2600hz WebRTC Meetup at WeWork, San Francisco, CA2600Hz
2600hz Engineers Peter Defebvre and Maxime Roux will lead an intense discussion on WebRTC, what it is and how to build your own phone. We will also discuss how 2600hz is able to provide enterprise grade connectivity to any HTML5 endpoint.
SIPLABS CEO Mikhail Rodionov discusses current projects, contributions back to the Kazoo platform, and challenges in the market for his emerging company.
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz
People love to talk about scale. Some vendors pitch that their systems easily support 100,000 simultaneous calls, or 500 calls per second, etc. The reality is, in the real world, people’s behaviors vary and the feature sets they use can cut these numbers down quickly. For example, ask that same vendor claiming 100,000 simultaneous calls if it can be done while call recording, call statistics and other features are turned on at the same time, and you’ll usually get a very different, cautious, qualified response.
In this presentation, we'll show you how to set up your infrastructure to support 100,000 simultaneous calls.
CTO Karl Anderson discusses the state of Kazoo. This includes integrations with FreeSWITCH, erlang, and Kamailio. Reseller milestones include the release of whitelabeling, webhooks, migration, carriers, debugging, account management and more.
Kazoo APIs are an example of a restful web-service. They are APIs are provided over HTTP/HTTPS. Kazoo APIs mostly uses the JavaScript Object Notation (JSON) data format for most payloads!
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600Hz
2600hz Engineers Peter Defebvre and Maxime Roux will lead an intense discussion on WebRTC, what it is and how to build your own phone. We will also discuss how 2600hz is able to provide enterprise grade connectivity to any HTML5 endpoint.
SIPLABS CEO Mikhail Rodionov discusses current projects, contributions back to the Kazoo platform, and challenges in the market for his emerging company.
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz
People love to talk about scale. Some vendors pitch that their systems easily support 100,000 simultaneous calls, or 500 calls per second, etc. The reality is, in the real world, people’s behaviors vary and the feature sets they use can cut these numbers down quickly. For example, ask that same vendor claiming 100,000 simultaneous calls if it can be done while call recording, call statistics and other features are turned on at the same time, and you’ll usually get a very different, cautious, qualified response.
In this presentation, we'll show you how to set up your infrastructure to support 100,000 simultaneous calls.
CTO Karl Anderson discusses the state of Kazoo. This includes integrations with FreeSWITCH, erlang, and Kamailio. Reseller milestones include the release of whitelabeling, webhooks, migration, carriers, debugging, account management and more.
Kazoo APIs are an example of a restful web-service. They are APIs are provided over HTTP/HTTPS. Kazoo APIs mostly uses the JavaScript Object Notation (JSON) data format for most payloads!
Kamailio is the leading Open Source SIP Server - a SIP proxy, registrar, location server, presence server, IMS server and much more. Find out more by viewing this quick presentation! (Updated June 2014)
High Availability Asterisk and FreePBX on Microsoft AzureSanjay Willie
In this slide, we presented to MaGIC Malaysia for entrepreneurs wanting to get an Asterisk business on cloud going. Here, we provide the most basic, lowest level method of having a HA on Microsoft Azure with FreePBX,
Components used with Azure's Ubuntu 14.04 image
1) Asterisk 11
2) FreePBX 2.11
3) DRBD
4) Heartbeat - but without actually relying on Virtual IP since we use Azure Cloud to do the HA by exposing TCP5060
5) Use Azure's HA method to achieve HA by ensuring that whichever server that "listens" to port TCP5060 will have all the HA DNS name of Asterisk traffic redirected there.
Asterisk is an Open Source PBX - but how does it support larger installations? Can you scale it up to thousands of users, with hundreds of simultaneous calls? What about failover, backups and the famous blinking lamps? Olle Johansson goes through various models and describes where some of his current projects with strange names - Pinefrog, Pinana, Pinetree and Bufo fits into this picture.
NGINX.conf 2017 - Not all microservices are created equal ... some are server...Dragos Dascalita Haut
As the industry gained experience with microservices, so did our understanding about them evolved. The momentum created by simplifying services at a micro level has brought forth a new way of thinking at a more granular level; we call it “serverless”. We don’t know whether it’s going to replace microservices, but what we know for sure is that it’s changing the way we think of services ... especially servers.
Serverless architectures promote the idea of no servers, but does this mean that soon we won’t have to think of running web servers on our own ? Does NGINX play a role in this new architecture ? Is it so much more efficient for us to care about ?
Join this session to talk about these questions and see what role NGINX could play in this picture. To help us in our journey we'll use cloud serverless platforms, as well as open source solutions in order to look at some practical examples, and to draw some conclusions.
Build HA Asterisk on Microsoft Azure using DRBD/HeartbeatSanjay Willie
This was presented during Microsoft Azure's BootCamp on April 25 2015 at Microsoft Malaysia. This particular session was about using OSS Asterisk on Azure with HA capabilities.
IIT RTC Conference 2015, Chicago - talk on optimizations for SIP singaling traffic in mobile 3G/4G environments and how Kamailio can be used for such situations.
A technical presentation that accompanied a discussion on the topic of automation various aspects of the peering decision making and provisioning process
NGINX.conf 2016 - Fail in order to succeed ! Designing Microservices for fail...Dragos Dascalita Haut
If you didn’t fail with microservices at least once you didn’t really try anything new! Even though microservices are an established architectural style in the industry, they still come with their own challenges.
This session from nginx.conf 2016 focuses on a topic that is usually overlooked in the early stages of building a microservices architecture: traffic management. It comes into the picture after we fail an SLA, whether the cause is a misbehaving client, a legitimate increase of traffic, or a DDoS attack. We then start asking questions like how to ensure a fair usage policy for clients across microservices, how to protect clients from an abusive peer that is generating a spike in traffic, and how to protect microservices themselves from abusive clients.
NGINX comes with options for rate limiting that usually work great for a single node. Extending NGINX's capabilities to distributed environments increases the complexity of the solution. Can rate limiting be applied transparently without visible impact on latency? Is it easy to scale? Is it reliable? In this session, Adobe's Dragos Dascalita Haut introduces an open source solution contributed by Adobe I/O and used with success in real-life scenarios. The solution is based on an asynchronous communication model that supports high-throughput scenarios with minimum impact on latency. If you've had similar problems in the past or if you're concerned about how clients interact with your microservices then this session is for you.
What is NetDevOps? How? Leslie Carr PuppetConf 2015Leslie Carr
This talk describes NetDevOps. Why should you implement DevOps methodologies in your network? How do you take the first steps to do so?
Hopefully the gif's succesfully stay animated!
TADSummit Dangerous demo: Oracle
Presented by Doug Tait, Oracle at TADSummit Lisbon 18th November 2015
WebRTC Client connect to an HTML application deployed on OCSG over HTPP(s). The app use:
OCSG Authentication REST API
oneAPI SMS REST service exposed by OCSG to send SMS
WebRTC API SDK deployed on WSC
Once connected, the webRTC endpoint create a conference room and then:
open a websocket connection to WSC using WSC SDK
Can send an SMS an SMS to a mobile device with the link to the conference leveraging the SMS API
It then use WSC API to make a call to a mobile user or to another webRTC Endpoint
Chat message are sent via Datachannel
RTP stream goes through WSC
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...2600Hz
In a competitive market, high quality voice services alone are rarely enough. Lon will speak about the customer lifecycle, back office systems from Sales to CRM to deployment, and how to drive profitable growth while delivering an excellent customer experience.
Kamailio is the leading Open Source SIP Server - a SIP proxy, registrar, location server, presence server, IMS server and much more. Find out more by viewing this quick presentation! (Updated June 2014)
High Availability Asterisk and FreePBX on Microsoft AzureSanjay Willie
In this slide, we presented to MaGIC Malaysia for entrepreneurs wanting to get an Asterisk business on cloud going. Here, we provide the most basic, lowest level method of having a HA on Microsoft Azure with FreePBX,
Components used with Azure's Ubuntu 14.04 image
1) Asterisk 11
2) FreePBX 2.11
3) DRBD
4) Heartbeat - but without actually relying on Virtual IP since we use Azure Cloud to do the HA by exposing TCP5060
5) Use Azure's HA method to achieve HA by ensuring that whichever server that "listens" to port TCP5060 will have all the HA DNS name of Asterisk traffic redirected there.
Asterisk is an Open Source PBX - but how does it support larger installations? Can you scale it up to thousands of users, with hundreds of simultaneous calls? What about failover, backups and the famous blinking lamps? Olle Johansson goes through various models and describes where some of his current projects with strange names - Pinefrog, Pinana, Pinetree and Bufo fits into this picture.
NGINX.conf 2017 - Not all microservices are created equal ... some are server...Dragos Dascalita Haut
As the industry gained experience with microservices, so did our understanding about them evolved. The momentum created by simplifying services at a micro level has brought forth a new way of thinking at a more granular level; we call it “serverless”. We don’t know whether it’s going to replace microservices, but what we know for sure is that it’s changing the way we think of services ... especially servers.
Serverless architectures promote the idea of no servers, but does this mean that soon we won’t have to think of running web servers on our own ? Does NGINX play a role in this new architecture ? Is it so much more efficient for us to care about ?
Join this session to talk about these questions and see what role NGINX could play in this picture. To help us in our journey we'll use cloud serverless platforms, as well as open source solutions in order to look at some practical examples, and to draw some conclusions.
Build HA Asterisk on Microsoft Azure using DRBD/HeartbeatSanjay Willie
This was presented during Microsoft Azure's BootCamp on April 25 2015 at Microsoft Malaysia. This particular session was about using OSS Asterisk on Azure with HA capabilities.
IIT RTC Conference 2015, Chicago - talk on optimizations for SIP singaling traffic in mobile 3G/4G environments and how Kamailio can be used for such situations.
A technical presentation that accompanied a discussion on the topic of automation various aspects of the peering decision making and provisioning process
NGINX.conf 2016 - Fail in order to succeed ! Designing Microservices for fail...Dragos Dascalita Haut
If you didn’t fail with microservices at least once you didn’t really try anything new! Even though microservices are an established architectural style in the industry, they still come with their own challenges.
This session from nginx.conf 2016 focuses on a topic that is usually overlooked in the early stages of building a microservices architecture: traffic management. It comes into the picture after we fail an SLA, whether the cause is a misbehaving client, a legitimate increase of traffic, or a DDoS attack. We then start asking questions like how to ensure a fair usage policy for clients across microservices, how to protect clients from an abusive peer that is generating a spike in traffic, and how to protect microservices themselves from abusive clients.
NGINX comes with options for rate limiting that usually work great for a single node. Extending NGINX's capabilities to distributed environments increases the complexity of the solution. Can rate limiting be applied transparently without visible impact on latency? Is it easy to scale? Is it reliable? In this session, Adobe's Dragos Dascalita Haut introduces an open source solution contributed by Adobe I/O and used with success in real-life scenarios. The solution is based on an asynchronous communication model that supports high-throughput scenarios with minimum impact on latency. If you've had similar problems in the past or if you're concerned about how clients interact with your microservices then this session is for you.
What is NetDevOps? How? Leslie Carr PuppetConf 2015Leslie Carr
This talk describes NetDevOps. Why should you implement DevOps methodologies in your network? How do you take the first steps to do so?
Hopefully the gif's succesfully stay animated!
TADSummit Dangerous demo: Oracle
Presented by Doug Tait, Oracle at TADSummit Lisbon 18th November 2015
WebRTC Client connect to an HTML application deployed on OCSG over HTPP(s). The app use:
OCSG Authentication REST API
oneAPI SMS REST service exposed by OCSG to send SMS
WebRTC API SDK deployed on WSC
Once connected, the webRTC endpoint create a conference room and then:
open a websocket connection to WSC using WSC SDK
Can send an SMS an SMS to a mobile device with the link to the conference leveraging the SMS API
It then use WSC API to make a call to a mobile user or to another webRTC Endpoint
Chat message are sent via Datachannel
RTP stream goes through WSC
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...2600Hz
In a competitive market, high quality voice services alone are rarely enough. Lon will speak about the customer lifecycle, back office systems from Sales to CRM to deployment, and how to drive profitable growth while delivering an excellent customer experience.
WebRTC (Web Real-Time Communication) is an API definition drafted by the World Wide Web Consortium (W3C) that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing without plugins. Web RTC is a young but is a promising & powerful technology. The possibilities are endless that includes HD audio, video, file sharing, screen sharing, conference application and more. www.2600hz.com
KazooCon 2014 - Building Your Business: Behind the Numbers!2600Hz
2600hz Sales Manager Angela Lambert discusses
Compeetor pricing for your customers, how consumers understand VoIP as a product & VoIP pricing and what this means for you as a provider
KazooCon 2014 - Control Cellular Service via APIs2600Hz
2600hz engineer Chris Cole demos the advanced functionality of our API. Currently there are tons of callflow options that include ring a device, ring a user, manual presence, pivot, etc. Chris explores this functionality in his live demo.
Apache Kafka - Scalable Message-Processing and more !Guido Schmutz
ndependent of the source of data, the integration of event streams into an Enterprise Architecture gets more and more important in the world of sensors, social media streams and Internet of Things. Events have to be accepted quickly and reliably, they have to be distributed and analysed, often with many consumers or systems interested in all or part of the events. How can me make sure that all these event are accepted and forwarded in an efficient and reliable way? This is where Apache Kafaka comes into play, a distirbuted, highly-scalable messaging broker, build for exchanging huge amount of messages between a source and a target.
This session will start with an introduction into Apache and presents the role of Apache Kafka in a modern data / information architecture and the advantages it brings to the table. Additionally the Kafka ecosystem will be covered as well as the integration of Kafka in the Oracle Stack, with products such as Golden Gate, Service Bus and Oracle Stream Analytics all being able to act as a Kafka consumer or producer.
Automating Oracle Database deployment with Amazon Web Services, fabric, and botomjbommar
Have credit card, need database? In this talk, I'll show you how to deploy your own Oracle 11gR2 sandbox with a single keystroke (and I don't mean RDS). Along the way, we'll learn about Infrastructure-as-a-Service with boto, provisioning tools like fabric, and Oracle response files. When we're done, we'll have a repeatable, ten-minute process that can deliver a server as cheap as $5/day or as powerful as 40k IOPS and 2.6GB/s throughput. More importantly, we'll understand what the big deal about IaaS and automated provisioning really is, and how enterprise products like Oracle can still fit comfortably in the space.
Message queuing is becoming an essential part of modern architectures and essential for asynchronous architectures and microservices. In this session will be described the benefits of messaging systems, the software solutions that are available and typical messaging architectures. Examples will be made using Azure Storage Queues, Azure Service Bus and RabbitMQ. This presentation is primarily about messaging, however as this session is for tech hipsters, the demos will be done giving an extensive introduction to Azure functions, Azure Resource Manager Templates, .Net core and Docker.
Amazon EKS 그리고 Service Mesh
Kubernetes는 컨테이너 서비스를 도입하는 기업들에게 가장 있기있는 Orchestration 플랫폼입니다. 이 세션에서는 아마존에서 6월 정식 출시한 managed Kubenetes서비스인 EKS를 소개해드리며, 오픈소스 버전과의 차이점 및 장점 등에 대해 설명하고, 진보한 마이크로 서비스인 Service Mesh를 구현하는 Linkerd 소개 및 데모를 진행하고자 합니다.
Applying ML on your Data in Motion with AWS and Confluent | Joseph Morais, Co...HostedbyConfluent
Event-driven application architectures are becoming increasingly common as a large number of users demand more interactive, real-time, and intelligent responses. Yet it can be challenging to decide how to capture and perform real-time data analysis and deliver differentiating experiences. Join experts from Confluent and AWS to learn how to build Apache Kafka®-based streaming applications backed by machine learning models. Adopting the recommendations will help you establish repeatable patterns for high performing event-based apps.
Webinar Slides: High Volume MySQL HA: SaaS Continuous Operations with Terabyt...Continuent
Large Number of On-premises Tungsten MySQL Clusters @ Marketo
Marketo is a very large marketing automation SaaS provider. Marketo scaled from tens of customers back in 2010 to thousands of enterprise customers today using Tungsten Clustering and several hundreds of MySQL instances.
In this webinar, Continuent CEO Eero Teerikorpi discusses some common challenges SaaS providers face, such as having to provide 24/7/365 operations with zero downtime, even during maintenance operations. In addition, SaaS providers need to have an easy, consistent, and cost-effective model to scale.
Watch this webinar replay to learn how to guarantee continuous operations for a SaaS provider with billions of daily transactions and terabytes of data using Tungsten MySQL Clusters.
AGENDA
- Continuent Introduction
- How to Guarantee Continuous Operations for a SaaS with Terabytes Data with Tungsten MySQL Clusters
- Continuent Tungsten Solutions & Benefits
- Key Benefit Highlight: Billions of MySQL Transactions, Very Large Data Volume
- Q&A
PRESENTER
Eero Teerikorpi - founder and CEO, Continuent - is a 7-time serial entrepreneur who has more than 30 years of high-tech management and enterprise software experience. Eero has been in the MySQL marketplace virtually since day one, from the early 2000s. Eero has held top management positions at various cross-Atlantic entities (CEO at Alcom Corporation, President at Capslock, Executive Board Member at Esker S.A.) Eero started his career as a Product Manager at Apple Computer in Finland in the mid-80s. Eero also owns and manages a boutique NOET Vineyards producing high-quality dry-farmed Cabernet Sauvignon.
Eero is a former Navy officer and still an avid sailor on San Francisco Bay and around the world. Eero is a very active sportsman: a 4+ tennis player, a rookie golfer, a very careful mountain biker, and an experienced (40+ years) skier, both slalom and cross-country.
Building Event Driven (Micro)services with Apache KafkaGuido Schmutz
What is a Microservices architecture and how does it differ from a Service-Oriented Architecture? Should you use traditional REST APIs to bind services together? Or is it better to use a richer, more loosely-coupled protocol? This talk will start with quick recap of how we created systems over the past 20 years and how different architectures evolved from it. The talk will show how we piece services together in event driven systems, how we use a distributed log (event hub) to create a central, persistent history of events and what benefits we achieve from doing so.
Apache Kafka is a perfect match for building such an asynchronous, loosely-coupled event-driven backbone. Events trigger processing logic, which can be implemented in a more traditional as well as in a stream processing fashion. The talk will show the difference between a request-driven and event-driven communication and show when to use which. It highlights how the modern stream processing systems can be used to hold state both internally as well as in a database and how this state can be used to further increase independence of other services, the primary goal of a Microservices architecture.
[Capitole du Libre] #serverless - mettez-le en oeuvre dans votre entreprise...Ludovic Piot
Tout comme le Cloud IaaS avant lui, le serverless promet de faciliter le succès de vos projets en accélérant le Time to Market et en fluidifiant les relations entre Devs et Ops.
Mais sa mise en œuvre au sein d’une entreprise reste complexe et coûteuse.
Après 2 ans à mettre en place des plateformes managées de ce type, nous partagons nos expériences de ce qu’il faut faire pour mettre en œuvre du serverless en entreprise, en évitant les douleurs et en limitant les contraintes au maximum.
Tout d’abord l’architecture technique, avec 2 implémentations très différentes : Kubernetes et Helm d’un côté, Clever Cloud on-premise de l’autre.
Ensuite, la mise en place et l’utilisation d’OpenFaaS. Comment tester et versionner du Function as a Service. Mais aussi les problématiques de blue/green deployment, de rolling update, d’A/B testing. Comment diagnostiquer rapidement les dépendances et les communications entre services.
Enfin, en abordant les sujets chers à la production : * vulnerability management et patch management, * hétérogénéïté du parc, * monitoring et alerting, * gestion des stacks obsolètes, etc.
Stay productive while slicing up the monolithMarkus Eisele
Microservices-based architectures are in vogue. Over the last couple of years, we have learned how thought leaders implement them, and it seems like every other week we hear about how containers and platform-as-a-service offerings make them ultimately happen.
Tech Talent Night Copenhagen 11/22/17
https://greenticket.dk/techtalentnightcph
LinuxCon North America 2013: Why Lease When You Can Buy Your CloudMark Hinkle
Perhaps one of the perplexing things about cloud computing is the choice around renting time in someone else’s cloud (Amazon, Google, Rackspace or a myriad of others) or building your own. It’s not unlike the age-old car buyer’s dilemma, take the lower payments and lower total miles lease or buy the car and drive it for the long haul. Cloud computing users are often faced with the same conundrum. This presentation will focus on how to buy and build a cloud that can be fulfill the needs of most users including strategies for making use of the open source private cloud or managing workloads in both the private and public cloud using open source software.
Similar to 2600hz CTO Karl Anderson speaks at Kamailio World 2014 (20)
Telnexus CEO Vernon Keenan discuss how he built the Managed Service Provider Telnexus from the ground up and the lessons he has learned in the process.
Product Director Aaron Gunn discusses billing options for SaaS and IaaS customers. This includes CDR API, AMPQ, and integrating VoIP billing platforms.
This is an overview of VoIP fraud, different types of fraud and what telecommunication carriers are doing to combat this issue. Types of fraud include International / Premium Number Fraud, Impersonation / Social Engineering, Service Degradation / Denial of service. Presented by Mark Magnusson at KazooCon 2015.
Jean-Roche Maitre and Joris TIrado discuss the basics of coding a Monster app, which will track all new call events happening on a Kazoo Account. The goal is to see the events in our app as we place calls from a softphone!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
2. Karl Anderson
Senior Bit Herder
My name is Karl Anderson, I am one of the senior bit herders at 2600hz. I have no
credentials that will “wow” you, but hopefully you will still find this talk
informative and at the very least interesting.
4. At 2600hz we are building an
ambitious open-source
project called Kazoo. Kazoo
is a distributed
communication platform
5. This is Kazoo from a high level, it is a control layer focused on the telecom problem
domain. It provides modern interfaces to the communication revolution and allows
anybody to quickly enter the telecom industry. At the border you can see the SBC, which
in our case is Kamailio. We also use Kamailio for as presence and registration servers,
which is why we created the Kamailio module db_kazoo to connect to Kazoo’s internal
AMQP message bus.
7. • Enterprise messaging
• Initially John O'Hara with JP Morgan
Chase
• 2005 formed a working group, which
grew to include:
Cisco, Bank of America, Red Hat,
Microsoft, VM Ware, Goldman
Sachs, Software AG and Others
• Originated from the demands of financial services. Completely open, version 1.0
accepted by OASIS (Organization for the Advancement of Structured Information
Standards) this year.
• It is a document, standard specification. We use a implementation called
RabbitMQ.
• AMQP is a wire-level messaging protocol that offers organizations an efficient,
reliable approach to passing real-time data and business transactions with
confidence. AMQP provides a platform-agnostic method for ensuring information is
safely transported between applications, among organizations, within mobile
infrastructures, and across the Cloud.
• Solves the a lot of really hard distributed system problems.
8.
9. What Does this Mean?
• Messages are published to exchanges, which are often compared to post
offices or mailboxes. Exchanges then distribute message copies
to queues using rules called bindings. Then AMQP brokers either deliver
messages to consumers subscribed to queues, or consumers fetch/pull
messages from queues on demand.
• A direct exchange delivers messages to queues based on the message
routing key. A direct exchange is ideal for the unicast routing of messages
• A fanout exchange routes messages to all of the queues that are bound to
it and the routing key is ignored.
• Topic exchanges route messages to one or many queues based on
matching between a message routing key and the pattern that was used
to bind a queue to an exchange. The topic exchange type is often used to
implement various publish/subscribe pattern variations.
11. db_kazoo presents the Kazoo AMQP message bus a database type to Kamailio. This
allows lookups to preform response/request operations in Kazoo which in turn draw
from our database.
Discuss why we use the db interface in Kamailio and how in this architecture Kazoo
is a middle man for the Bigcouch, providing a layer of realtime logic…
My name is Karl Anderson, I am one of the senior bit herders at 2600hz. I have no credentials that will “wow” you, but hopefully you will still find this talk informative and at the very least interesting.
So lets rewind what is Kazoo?
At 2600hz we are building an ambitious open-source project called Kazoo. Kazoo is a distributed communication platform
This is Kazoo from a high level, it is a control layer focused on the telecom problem domain. It provides modern interfaces to the communication revolution and allows anybody to quickly enter the telecom industry. At the border you can see the SBC, which in our case is Kamailio. We also use Kamailio for as presence and registration servers, which is why we created the Kamailio module db_kazoo to connect to Kazoo’s internal AMQP message bus.
What is AMQP?
Enterprise messaging
Initially John O'Hara with JP Morgan Chase
2005 formed a working group, which grew to include:
Cisco, Bank of America, Red Hat, Microsoft, VM Ware, Goldman Sachs, Software AG and Others
Originated from the demands of financial services. Completely open, version 1.0 accepted by OASIS (Organization for the Advancement of Structured Information Standards) this year.
It is a document, standard specification. We use a implementation called RabbitMQ.
AMQP is a wire-level messaging protocol that offers organizations an efficient, reliable approach to passing real-time data and business transactions with confidence. AMQP provides a platform-agnostic method for ensuring information is safely transported between applications, among organizations, within mobile infrastructures, and across the Cloud.
Solves the a lot of really hard distributed system problems.
Messages are published to exchanges, which are often compared to post offices or mailboxes. Exchanges then distribute message copies to queues using rules called bindings. Then AMQP brokers either deliver messages to consumers subscribed to queues, or consumers fetch/pull messages from queues on demand.
A direct exchange delivers messages to queues based on the message routing key. A direct exchange is ideal for the unicast routing of messages
A fanout exchange routes messages to all of the queues that are bound to it and the routing key is ignored.
Topic exchanges route messages to one or many queues based on matching between a message routing key and the pattern that was used to bind a queue to an exchange. The topic exchange type is often used to implement various publish/subscribe pattern variations.
So what is the role of db_kazoo
db_kazoo presents the Kazoo AMQP message bus a database type to Kamailio. This allows lookups to preform response/request operations in Kazoo which in turn draw from our database.
Discuss why we use the db interface in Kamailio and how in this architecture Kazoo is a middle man for the Bigcouch, providing a layer of realtime logic…
So, how do we use it?
First configure it
typedef struct db_func {
unsigned int cap; /* Capability vector of the database transport */
db_use_table_f use_table; /* Specify table name */
db_init_f init; /* Initialize database connection */
db_close_f close; /* Close database connection */
db_query_f query; /* query a table */
db_fetch_result_f fetch_result; /* fetch result */
db_raw_query_f raw_query; /* Raw query - SQL */
db_free_result_f free_result; /* Free a query result */
db_insert_f insert; /* Insert into table */
db_delete_f delete; /* Delete from table */
db_update_f update; /* Update table */
db_replace_f replace; /* Replace row in a table */
db_last_inserted_id_f last_inserted_id; /* Retrieve the last inserted ID
in a table */
db_insert_update_f insert_update; /* Insert into table, update on duplicate key */
db_insert_delayed_f insert_delayed; /* Insert delayed into table */
db_affected_rows_f affected_rows; /* Numer of affected rows for last query */
} db_func_t;
/*
* Query table for specified rows
* _h: structure representing database connection
* _k: key names
* _op: operators
* _v: values of the keys that must match
* _c: column names to return
* _n: number of key=values pairs to compare
* _nc: number of columns to return
* _o: order by the specified column
*/
What is AMQP?
Make it more generic
Commit it upstream
Add support for connections to multiple AMQP brokers
- MOR Threads!!!
- ERL_TICK
- Do you need to support distributed erlang?
- ..are you sure??
- Cutting edge... in 1986
- erl_interface / ei
- Sophisticated errors!
- APR? April?
- os_sock_put / os_sock_get / ect