A Byte of Software Deployment
•
0 likes•391 views
- What's Software Deployment - A Minimal Python Web Application - Trouble Shoot - Interface between Web Server and Application - Standardization/Automation/Monitoring/Availability
Report
Share
Report
Share
Download to read offline
Recommended
Nikto
Nikto is a popular webserver assessment tool that scans for over 6700 potentially dangerous files and programs, checks for outdated server versions of over 1250 servers, and identifies version-specific problems on 270+ servers. It identifies vulnerabilities very quickly but is not stealthy, making the scans obvious in server logs. Nikto allows tuning scans to specific categories like file uploads, information disclosure, or SQL injection, and has features like SSL support, HTTP proxy support, customizable reports, and host authentication.
Protecting your site by detection
This document discusses ways to detect security issues on a WordPress site and server. It recommends using tools like ModSecurity, fail2ban, Apticron, and Apt-dater to monitor for updates, failed login attempts, and other security events. It also proposes building a WordPress plugin called WP Central that would aggregate security data from all sites and servers and provide a central dashboard. The plugin would monitor files, permissions, login attempts, and perform checksum scans to detect any changes or additions.
[old] Network Performance Monitoring for DevOps and IT
Take a look at our updated Network Monitoring presentation in the link given below:
https://www.slideshare.net/Site24x7/network-final
Get comprehensive performance insights by monitoring critical network devices such as routers, switches and firewalls with Site24x7.
About Site24x7:
Site24x7 offers unified cloud monitoring for DevOps and IT operations. Monitor the experience of real users accessing websites and applications from desktop and mobile devices. In-depth monitoring capabilities enable DevOps teams to monitor and troubleshoot applications, servers and network infrastructure including private and public clouds. End user experience monitoring is done from 50+ locations across the world and various wireless carriers. For more information on Site24x7, please visit http://www.site24x7.com/.
Forums: https://forums.site24x7.com/
Facebook: http://www.facebook.com/Site24x7
Twitter: http://twitter.com/site24x7
Google+: https://plus.google.com/+Site24x7
LinkedIn: https://www.linkedin.com/company/site...
View Blogs: http://blogs.site24x7.com/
Code lifecycle on the Acquia Cloud Platform
This presentation was given during Drupal Camp Byron Bay 2015 and focused on code lifecycle on the Acquia Cloud platform
NGINX: Basics and Best Practices
On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices
You’ve heard of NGINX and the benefits it can provide to your web application, but maybe you’re not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other, making things more challenging. In this webinar we’ll cover the basics of NGINX to help you effectively begin using it as part of your existing or new web app.
This webinar covers how to:
* Install NGINX and verify it's properly running
* Create NGINX configurations for reverse proxy, load balancer, etc.
* Improve performance using keepalives and other NGINX directives
* Debug and troubleshoot using NGINX logs
Linux routing and firewall for beginners
This document outlines an agenda for a workshop on networking and firewall basics. It will cover setting up a router and routing between networks, firewall administration, and demonstrations of routing, pinging, traceroute, SSH, and basic firewall rules. It provides instructions on software installation and setup for the demonstrations and includes exercises on port forwarding, multi-DMZ configurations, and network address translation.
y3dips hacking priv8 network
This document discusses hacking into IPSec VPNs used by banks. It describes how banks previously used private networks but now rely on VPNs to connect over public infrastructure like the internet in a more cost effective way. However, VPNs are only relatively secure and rely on the security of the protocols and devices used. The document goes on to describe how IPSec VPNs can be vulnerable through issues with aggressive mode authentication and use of pre-shared keys, and provides information on tools that can crack pre-shared keys over aggressive mode. It recommends ways to improve security such as disabling aggressive mode and using certificates instead of pre-shared keys.
Continuous Delivery and Infrastructure as Code
Sascha Möllering discusses how his company moved from manual server setup and deployment to automated deployments using infrastructure as code and continuous delivery. They now deploy whenever needed using tools like Chef and JBoss to configure servers. Previously they faced challenges like manual processes, difficult rollbacks, and biweekly deployment windows. Now deployments are automated, safer, and can happen continuously.
Recommended
Nikto
Nikto is a popular webserver assessment tool that scans for over 6700 potentially dangerous files and programs, checks for outdated server versions of over 1250 servers, and identifies version-specific problems on 270+ servers. It identifies vulnerabilities very quickly but is not stealthy, making the scans obvious in server logs. Nikto allows tuning scans to specific categories like file uploads, information disclosure, or SQL injection, and has features like SSL support, HTTP proxy support, customizable reports, and host authentication.
Protecting your site by detection
This document discusses ways to detect security issues on a WordPress site and server. It recommends using tools like ModSecurity, fail2ban, Apticron, and Apt-dater to monitor for updates, failed login attempts, and other security events. It also proposes building a WordPress plugin called WP Central that would aggregate security data from all sites and servers and provide a central dashboard. The plugin would monitor files, permissions, login attempts, and perform checksum scans to detect any changes or additions.
[old] Network Performance Monitoring for DevOps and IT
Take a look at our updated Network Monitoring presentation in the link given below:
https://www.slideshare.net/Site24x7/network-final
Get comprehensive performance insights by monitoring critical network devices such as routers, switches and firewalls with Site24x7.
About Site24x7:
Site24x7 offers unified cloud monitoring for DevOps and IT operations. Monitor the experience of real users accessing websites and applications from desktop and mobile devices. In-depth monitoring capabilities enable DevOps teams to monitor and troubleshoot applications, servers and network infrastructure including private and public clouds. End user experience monitoring is done from 50+ locations across the world and various wireless carriers. For more information on Site24x7, please visit http://www.site24x7.com/.
Forums: https://forums.site24x7.com/
Facebook: http://www.facebook.com/Site24x7
Twitter: http://twitter.com/site24x7
Google+: https://plus.google.com/+Site24x7
LinkedIn: https://www.linkedin.com/company/site...
View Blogs: http://blogs.site24x7.com/
Code lifecycle on the Acquia Cloud Platform
This presentation was given during Drupal Camp Byron Bay 2015 and focused on code lifecycle on the Acquia Cloud platform
NGINX: Basics and Best Practices
On-demand recording: nginx.com/resources/webinars/nginx-basics-best-practices
You’ve heard of NGINX and the benefits it can provide to your web application, but maybe you’re not sure how to get started. There are a lot of tutorials online, but they can be outdated and contradict each other, making things more challenging. In this webinar we’ll cover the basics of NGINX to help you effectively begin using it as part of your existing or new web app.
This webinar covers how to:
* Install NGINX and verify it's properly running
* Create NGINX configurations for reverse proxy, load balancer, etc.
* Improve performance using keepalives and other NGINX directives
* Debug and troubleshoot using NGINX logs
Linux routing and firewall for beginners
This document outlines an agenda for a workshop on networking and firewall basics. It will cover setting up a router and routing between networks, firewall administration, and demonstrations of routing, pinging, traceroute, SSH, and basic firewall rules. It provides instructions on software installation and setup for the demonstrations and includes exercises on port forwarding, multi-DMZ configurations, and network address translation.
y3dips hacking priv8 network
This document discusses hacking into IPSec VPNs used by banks. It describes how banks previously used private networks but now rely on VPNs to connect over public infrastructure like the internet in a more cost effective way. However, VPNs are only relatively secure and rely on the security of the protocols and devices used. The document goes on to describe how IPSec VPNs can be vulnerable through issues with aggressive mode authentication and use of pre-shared keys, and provides information on tools that can crack pre-shared keys over aggressive mode. It recommends ways to improve security such as disabling aggressive mode and using certificates instead of pre-shared keys.
Continuous Delivery and Infrastructure as Code
Sascha Möllering discusses how his company moved from manual server setup and deployment to automated deployments using infrastructure as code and continuous delivery. They now deploy whenever needed using tools like Chef and JBoss to configure servers. Previously they faced challenges like manual processes, difficult rollbacks, and biweekly deployment windows. Now deployments are automated, safer, and can happen continuously.
Debugging the Web with Fiddler
Fiddler is a free web debugging proxy that monitors and manipulates HTTP/HTTPS traffic between a computer and the Internet. It can inspect traffic, set breakpoints, and modify requests and responses. Fiddler functions as a reverse proxy by capturing and reconstructing messages passing through it. This allows developers to debug web applications, analyze performance issues, and test servers. It supports common protocols and can debug services running as Windows services. Fiddler is extensible through scripting and has use cases for traffic inspection, performance analysis, debugging, and testing.
Open Audit
There are many ways to keep track of your IT inventory. We have experienced great success with an Open Source solution that can automate the process of managing the inventory of a network. It can tell you what is on your network, how it is configured and when it changes. It works with Windows, Mac and Linux systems and can be customized to work in most network environments.
Attack all the layers secure 360
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. Vulnerabilities related to the application, network, and server layers will be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks. Karl Fosaaen and I put this together for Secure 360 in Minneapolis. We hope you enjoy it.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
The objective of this project is to make servers of web service, ftp service, VoIP video call service, and manage them centrally from a host in private connection or from remote connection. We will also monitor the services, we are going to install, from this central PC. If there is a problem found like no connectivity, then the monitor agent will notify the network administrator showing the error message.
Towards automated testing - CloudStack Collab Conference
This document proposes an automated testing environment for CloudStack to continuously run basic verification tests (BVTs), enable community testing, and keep the master branch stable. It describes an architecture using Jenkins for continuous integration, Cobbler for provisioning management and hypervisor servers, and Marvin tests to check for regressions. The implementation is outlined, along with plans for easy replication of the testing environment and enhancements to integrate additional hypervisors and improve testing.
Attacking VPN's
This document provides an overview of VPN penetration testing. It begins with an introduction of the presenter and agenda. It then defines what a VPN is and why they are used. The main types of VPN protocols covered are PPTP, IPSec, SSL, and hybrid VPNs. Details are given about each protocol type. The document also discusses VPN traffic, applications, and potential issues like weak encryption, brute force attacks, lack of data integrity checks, and port failures leading to data leaks. Contact information is provided at the end.
Supercharge Application Delivery to Satisfy Users
Users expect websites and applications to be quick and reliable. A slow user experience can have a significant impact on your business. Join us for this webinar where we will show you a number of ways you can use NGINX and other tools and techniques to supercharge your application delivery, including:
- Client Caching
- Content Delivery Networks (CDN)
- OCSP stapling
- Dynamic Content Caching
View full webinar on demand at http://bit.ly/nginxsupercharge
Upcoming Products, Services and Features - Workshop by Praveen Umanath
The document summarizes upcoming products, services, and features from two product managers. New shared hosting features include SSH key authentication and Ruby support. A new VPS offering uses high-end hardware and storage. Dedicated servers will offer blade servers, storage expansion, and Linux/Windows support. Additional data centers in Turkey and Hong Kong are planned along with an enterprise email product in beta testing.
Attack All the Layers: What's Working during Pentests (OWASP NYC)
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. Vulnerabilities related to the application, network, and server layers will be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks.
This is the version modified for the OWASP meeting in June of 2014.
Lateral Movement with PowerShell
PowerShell, the must have tool and the long overlooked security challenge. Learn how PowerShell’s deep integration with the Microsoft platform can be utilized as a powerful attack platform within the enterprise space. Watch as a malicious actor moves from a compromised end user PC to the domain controllers and learn how we can begin to defend these types of attacks.
Sullivan heartbleed-defcon22 2014
The Heartbleed vulnerability was an information disclosure bug in OpenSSL unveiled to the world in April 2014. This talk will describe the impact of this bug on the Internet and CloudFlare's part in contributing to the research and education of the public about this issue.
Chrome O S
Chrome OS is a Linux-based operating system designed by Google to work exclusively with web apps. It has no built-in apps and loads directly into the Chrome browser, providing instant web access. All information is synchronized to the cloud, making it accessible from any device connected to the network. As apps are web-based, there is no need to update, install, or uninstall them. The OS uses a three-tier architecture with firmware for fast booting, system software and services, and the Chromium browser and window manager. It focuses on being lightweight, simple to use, and suitable for net-based systems.
Introduction to CFEngine Enterprise 3.6.0 Webinar
Slides from 'Introduction to CFEngine 3.6.0' webinars held July 1 and 2, 2014.
Topics covered in this webinar included an overview of IT Automation at WebScale and new features of CFEngine Enterprise 3.6.0 including:
• Proactive alerts on policy drifts through a simple-to-use, configurable dashboard
• Comprehensive visibility into IT infrastructure with enhanced compliance and extensible inventory reporting
• New language abstractions to improve administration productivity
• Painless integration with other IT systems using native JSON support
Deploy RvSIEM (eng)
This document provides step-by-step instructions for deploying the RvSIEM virtual machine and configuring the RuSIEM agent to collect and analyze Windows event logs. Key steps include downloading the RvSIEM virtual image, deploying it in VMware or Hyper-V, configuring the network settings, installing the RuSIEM agent on Windows machines, and configuring the agent to send events to the RvSIEM server for analysis and querying. The document also provides tips on licensing, event searching, and troubleshooting log collection.
WAF in Scale
This document discusses implementing a web application firewall (WAF) in scale across multiple teams and data centers. It proposes using ModSecurity for detection-only monitoring of web attacks. Alerts would be sent to a Splunk dashboard for correlation and analysis by a security operations center. Rules would be automatically deployed using Puppet to ensure all front-end systems are protected in a consistent way.
15 most valuable reports with CFEngine
This document provides descriptions of 15 reports available through the CFEngine configuration management tool. The reports cover topics such as changes made to systems by CFEngine, available software updates, installed software, file integrity monitoring, policy compliance, system inventory, open ports, package repository configurations, SSH host keys, kernel settings, NTP configuration, security benchmarks, and IP forwarding settings. It encourages customers to contact CFEngine if they are interested in learning how to create these reports.
Puppet Camp Charlotte 2015: Managing middleware with Puppet
Managing middleware with Puppet can be challenging due to the complex nature of middleware applications and configurations. Some key challenges include having multiple software development lifecycles to manage for applications and middleware updates, issues with ownership of configuration directories, maintaining idempotency when applying configurations, and managing customizations while avoiding naming conflicts. The document recommends isolating any company-specific customizations into a wrapper module to more easily contribute standard configuration back to the open source community. Active management of middleware is important for security and availability reasons.
An Introduction to PowerShell for Security Assessments
This document introduces PowerShell as a tool for security assessments. It notes that bringing outside tools to a system can cause issues, but using native operating system tools avoids these problems. PowerShell is presented as a potential solution as it is available natively on Windows systems and allows accessing operating system objects without downloading software. The document then provides an overview of PowerShell and its capabilities before presenting a case study of how to use PowerShell to assess a Microsoft Active Directory Certificate Services server.
ASP.NET 5 - Microsoft's Web development platform reimagined
Presentation for Dutch Microsoft TechDays 2015:
The ASP.NET Framework is rebuilt from the ground up in version 5. On the surface it might still resemble the ASP.NET you have come to know in the past 13 years. Underneath the covers there are immense changes in the way ASP.NET works. It is designed with modern software development practices in mind and clearly shows the shift in Microsoft's approach to web and cross-platform and open source development. In this session you will see the most important parts of ASP.NET 5 and get a glimpse into the future of .NET as well.
How to be a lion tamer
Keeping WebSphere under control with free tools - Wannes & Sharon share some tips and experience on the free tools they use daily to monitor Connections environments using FREE tools
.NET Cloud-Native Bootcamp
Slides from the .NET Cloud-Native Bootcamp, hosted by Pivotal, Microsoft, and Magenic in New York and New Jersey on April 9th & 11th, 2019.
12-Factor Apps
The twelve-factor app is designed for continuous deployment by keeping the gap between development and production small. For example, make the time gap small, make the personnel gap small & make the tools gap small. Learn more about how a Cloud vendor must provide a platform for 12-factor / Cloud Native development and deployment with identified anti-patterns.
More Related Content
What's hot
Debugging the Web with Fiddler
Fiddler is a free web debugging proxy that monitors and manipulates HTTP/HTTPS traffic between a computer and the Internet. It can inspect traffic, set breakpoints, and modify requests and responses. Fiddler functions as a reverse proxy by capturing and reconstructing messages passing through it. This allows developers to debug web applications, analyze performance issues, and test servers. It supports common protocols and can debug services running as Windows services. Fiddler is extensible through scripting and has use cases for traffic inspection, performance analysis, debugging, and testing.
Open Audit
There are many ways to keep track of your IT inventory. We have experienced great success with an Open Source solution that can automate the process of managing the inventory of a network. It can tell you what is on your network, how it is configured and when it changes. It works with Windows, Mac and Linux systems and can be customized to work in most network environments.
Attack all the layers secure 360
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. Vulnerabilities related to the application, network, and server layers will be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks. Karl Fosaaen and I put this together for Secure 360 in Minneapolis. We hope you enjoy it.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
CENTRAL MANAGEMENT OF NETWORK AND CALL SERVICES
The objective of this project is to make servers of web service, ftp service, VoIP video call service, and manage them centrally from a host in private connection or from remote connection. We will also monitor the services, we are going to install, from this central PC. If there is a problem found like no connectivity, then the monitor agent will notify the network administrator showing the error message.
Towards automated testing - CloudStack Collab Conference
This document proposes an automated testing environment for CloudStack to continuously run basic verification tests (BVTs), enable community testing, and keep the master branch stable. It describes an architecture using Jenkins for continuous integration, Cobbler for provisioning management and hypervisor servers, and Marvin tests to check for regressions. The implementation is outlined, along with plans for easy replication of the testing environment and enhancements to integrate additional hypervisors and improve testing.
Attacking VPN's
This document provides an overview of VPN penetration testing. It begins with an introduction of the presenter and agenda. It then defines what a VPN is and why they are used. The main types of VPN protocols covered are PPTP, IPSec, SSL, and hybrid VPNs. Details are given about each protocol type. The document also discusses VPN traffic, applications, and potential issues like weak encryption, brute force attacks, lack of data integrity checks, and port failures leading to data leaks. Contact information is provided at the end.
Supercharge Application Delivery to Satisfy Users
Users expect websites and applications to be quick and reliable. A slow user experience can have a significant impact on your business. Join us for this webinar where we will show you a number of ways you can use NGINX and other tools and techniques to supercharge your application delivery, including:
- Client Caching
- Content Delivery Networks (CDN)
- OCSP stapling
- Dynamic Content Caching
View full webinar on demand at http://bit.ly/nginxsupercharge
Upcoming Products, Services and Features - Workshop by Praveen Umanath
The document summarizes upcoming products, services, and features from two product managers. New shared hosting features include SSH key authentication and Ruby support. A new VPS offering uses high-end hardware and storage. Dedicated servers will offer blade servers, storage expansion, and Linux/Windows support. Additional data centers in Turkey and Hong Kong are planned along with an enterprise email product in beta testing.
Attack All the Layers: What's Working during Pentests (OWASP NYC)
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. Vulnerabilities related to the application, network, and server layers will be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks.
This is the version modified for the OWASP meeting in June of 2014.
Lateral Movement with PowerShell
PowerShell, the must have tool and the long overlooked security challenge. Learn how PowerShell’s deep integration with the Microsoft platform can be utilized as a powerful attack platform within the enterprise space. Watch as a malicious actor moves from a compromised end user PC to the domain controllers and learn how we can begin to defend these types of attacks.
Sullivan heartbleed-defcon22 2014
The Heartbleed vulnerability was an information disclosure bug in OpenSSL unveiled to the world in April 2014. This talk will describe the impact of this bug on the Internet and CloudFlare's part in contributing to the research and education of the public about this issue.
Chrome O S
Chrome OS is a Linux-based operating system designed by Google to work exclusively with web apps. It has no built-in apps and loads directly into the Chrome browser, providing instant web access. All information is synchronized to the cloud, making it accessible from any device connected to the network. As apps are web-based, there is no need to update, install, or uninstall them. The OS uses a three-tier architecture with firmware for fast booting, system software and services, and the Chromium browser and window manager. It focuses on being lightweight, simple to use, and suitable for net-based systems.
Introduction to CFEngine Enterprise 3.6.0 Webinar
Slides from 'Introduction to CFEngine 3.6.0' webinars held July 1 and 2, 2014.
Topics covered in this webinar included an overview of IT Automation at WebScale and new features of CFEngine Enterprise 3.6.0 including:
• Proactive alerts on policy drifts through a simple-to-use, configurable dashboard
• Comprehensive visibility into IT infrastructure with enhanced compliance and extensible inventory reporting
• New language abstractions to improve administration productivity
• Painless integration with other IT systems using native JSON support
Deploy RvSIEM (eng)
This document provides step-by-step instructions for deploying the RvSIEM virtual machine and configuring the RuSIEM agent to collect and analyze Windows event logs. Key steps include downloading the RvSIEM virtual image, deploying it in VMware or Hyper-V, configuring the network settings, installing the RuSIEM agent on Windows machines, and configuring the agent to send events to the RvSIEM server for analysis and querying. The document also provides tips on licensing, event searching, and troubleshooting log collection.
WAF in Scale
This document discusses implementing a web application firewall (WAF) in scale across multiple teams and data centers. It proposes using ModSecurity for detection-only monitoring of web attacks. Alerts would be sent to a Splunk dashboard for correlation and analysis by a security operations center. Rules would be automatically deployed using Puppet to ensure all front-end systems are protected in a consistent way.
15 most valuable reports with CFEngine
This document provides descriptions of 15 reports available through the CFEngine configuration management tool. The reports cover topics such as changes made to systems by CFEngine, available software updates, installed software, file integrity monitoring, policy compliance, system inventory, open ports, package repository configurations, SSH host keys, kernel settings, NTP configuration, security benchmarks, and IP forwarding settings. It encourages customers to contact CFEngine if they are interested in learning how to create these reports.
Puppet Camp Charlotte 2015: Managing middleware with Puppet
Managing middleware with Puppet can be challenging due to the complex nature of middleware applications and configurations. Some key challenges include having multiple software development lifecycles to manage for applications and middleware updates, issues with ownership of configuration directories, maintaining idempotency when applying configurations, and managing customizations while avoiding naming conflicts. The document recommends isolating any company-specific customizations into a wrapper module to more easily contribute standard configuration back to the open source community. Active management of middleware is important for security and availability reasons.
An Introduction to PowerShell for Security Assessments
This document introduces PowerShell as a tool for security assessments. It notes that bringing outside tools to a system can cause issues, but using native operating system tools avoids these problems. PowerShell is presented as a potential solution as it is available natively on Windows systems and allows accessing operating system objects without downloading software. The document then provides an overview of PowerShell and its capabilities before presenting a case study of how to use PowerShell to assess a Microsoft Active Directory Certificate Services server.
ASP.NET 5 - Microsoft's Web development platform reimagined
Presentation for Dutch Microsoft TechDays 2015:
The ASP.NET Framework is rebuilt from the ground up in version 5. On the surface it might still resemble the ASP.NET you have come to know in the past 13 years. Underneath the covers there are immense changes in the way ASP.NET works. It is designed with modern software development practices in mind and clearly shows the shift in Microsoft's approach to web and cross-platform and open source development. In this session you will see the most important parts of ASP.NET 5 and get a glimpse into the future of .NET as well.
How to be a lion tamer
Keeping WebSphere under control with free tools - Wannes & Sharon share some tips and experience on the free tools they use daily to monitor Connections environments using FREE tools
What's hot (20)
Towards automated testing - CloudStack Collab Conference
Towards automated testing - CloudStack Collab Conference
Upcoming Products, Services and Features - Workshop by Praveen Umanath
Upcoming Products, Services and Features - Workshop by Praveen Umanath
Attack All the Layers: What's Working during Pentests (OWASP NYC)
Attack All the Layers: What's Working during Pentests (OWASP NYC)
Puppet Camp Charlotte 2015: Managing middleware with Puppet
Puppet Camp Charlotte 2015: Managing middleware with Puppet
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security Assessments
ASP.NET 5 - Microsoft's Web development platform reimagined
ASP.NET 5 - Microsoft's Web development platform reimagined
Similar to A Byte of Software Deployment
.NET Cloud-Native Bootcamp
Slides from the .NET Cloud-Native Bootcamp, hosted by Pivotal, Microsoft, and Magenic in New York and New Jersey on April 9th & 11th, 2019.
12-Factor Apps
The twelve-factor app is designed for continuous deployment by keeping the gap between development and production small. For example, make the time gap small, make the personnel gap small & make the tools gap small. Learn more about how a Cloud vendor must provide a platform for 12-factor / Cloud Native development and deployment with identified anti-patterns.
Splunk: Forward me the REST of those shells
Splunk forwarders were used to gain initial access to a network by exploiting their default credentials and REST API. This allowed deploying a malicious app that provided a shell. The shell was then used to pillage other systems by abusing credentials and data found in Chef scripts and GitHub repositories. Mitigations include changing default credentials, disabling the REST API on forwarders, improving logging and monitoring for unusual app deployments, using TLS for deployment server communications, and running Splunk in a less privileged manner.
Twelve-Factor App: Software Application Architecture
12-Factor App is a methodology for building web applications, software-as-a-service apps. Software applications that are Easy to Setup, Portable, Cloud Platform Ready, CI/CD Ready and Scalable.
Automating Software Development Life Cycle - A DevOps Approach
The document discusses DevOps and provides an overview of the key concepts. It describes how DevOps aims to bring development, operations, and business teams together through automating processes, continuous monitoring, and breaking down silos between teams. The document then covers various DevOps tools and technologies like version control systems, build tools, configuration management, virtualization, and continuous integration/deployment practices.
Rock Solid Deployment of Web Applications
This document discusses best practices for deploying web applications. It recommends automating deployment using tools like Capistrano, Fabric, or Phing to allow for continuous deployment. It also stresses the importance of monitoring servers and applications during deployment using tools like StatsD, Graphite, Logstash, Graylog, and Kibana. The document provides examples of deployment scripts and emphasizes planning deployment early in the development process.
Windows 2012 R2 Multi Server Management
The document provides information about three Microsoft resources for technical training and software evaluation: the TechNet Evaluation Center, IT Camps, and Microsoft Virtual Academy. The TechNet Evaluation Center allows downloading free trials of Microsoft software. IT Camps are free, hands-on technical training events led by Microsoft experts. Microsoft Virtual Academy provides free online technical courses on Microsoft technologies.
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like nsa pre auth rce on leading ssl vpns
Apache Street Smarts Presentation (SANS 99)
This document provides an overview of installing and configuring the Apache HTTP server on Linux and Windows platforms. It discusses setting up virtual hosts and directories, securing pages with passwords, customizing error messages, and using modules to add functionality like PHP, Perl, and CGI scripting. The tutorial demonstrates the Apache configuration files and directives for tasks like process control, module management, and empowering web developers.
Getting to Walk with DevOps
Moving from "Crawl" to "walk" stage on Devops. Part 2 of 4 for Complete DevOps implementation in an organization.
IBM Think Session 8598 Domino and JavaScript Development MasterClass
Session from IBM Think 2018. Note: the architecture used is an extreme case of what's possible (and it could go further), rather than a real-world expectation
DevOPS training - Day 1/2
Slides from training at ECV digital school - Sponsored by CALLR.com
Basics of DevOPS in one day with a workshop.
Putting the Sec into DevOps
Putting the Sec into DevOps
DevOps enables companies to deliver innovations faster to market. But with multiple functional teams collaborating on development, and so many moving parts, security is often left out of the DevOps process and then tacked on at the end - delaying deployment into production and negating many of the benefits of DevOps.
Presented by renowned industry expert Prof. Avishai Wool, this new technical webinar will cover best practices for incorporating security into the DevOps lifecycle. This insight will help ensure better collaboration between security and the development teams right from the start and reduce the time, cost and risk of deploying applications into production.
In this webinar Professor Wool will cover how to:
• Identify and map existing applications and their connectivity flows to establish a baseline
• Adjust application connectivity for each stage of the DevOps lifecycle – without coding
• Automatically deploy connectivity throughout the development lifecycle using templates
• Proactively assess risk and compliance throughout the DevOps process
• Manage and maintain security in the production environment
Infrastructure and Compliance Delight with Chef Automate
The document discusses Chef Automate, a platform for continuous automation, infrastructure automation, compliance automation, and application automation. It describes how Chef Automate can help increase development speed, improve efficiency, and decrease risk by defining infrastructure, applications, and compliance rules as code. It provides an example workflow of how Chef Automate can enable the continuous compliance process of scanning for compliance, building and testing locally and in CI/CD, remediating issues, and verifying compliance. Finally, it summarizes how Chef Automate supports the entire journey from detecting compliance issues to correcting them to automating continuous detection and correction.
Thick Application Penetration Testing - A Crash Course
This document provides an overview of penetration testing thick applications. It discusses why thick apps present unique risks compared to web apps, common thick app architectures, and how to access and test various components of thick apps including the GUI, files, registry, network traffic, memory, and configurations. A variety of tools are listed that can be used for tasks like decompiling, injecting code, and exploiting excessive privileges. The document concludes with recommendations such as never storing sensitive data in assemblies and being careful when deploying thick apps via terminal services.
Continuous Integration - Mobile Practice
Continuous Integration (CI) is a development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is then verified by an automated build, allowing teams to detect problems early. In this post, Vedamanikandan explains continuous integration.
JCON_15FactorWorkshop.pptx
The workshop covered cloud-native Java technologies using Open Liberty and MicroProfile. It included presentations on 12-factor and 15-factor application methodologies and hands-on labs exploring OpenAPI, health checks, metrics, and JWT authentication. Leaders demonstrated how to build and deploy modular, scalable microservices using open-source tools that optimize developer productivity and application portability in cloud environments.
DevSecOps: Putting the Sec into the DevOps
DevOps aims to accelerate application delivery by automating network connectivity processing. This requires integrating security (DevSecOps). The document discusses challenges with network segmentation and security policies when adding capacity or traffic flows. It proposes automating the documentation of application flows and updating security policies through the development cycle. AlgoSec tools can maintain an application flow repository and integrate with CI/CD pipelines to continuously check for required policy changes and implement them automatically or through approval workflows. This facilitates agile development while maintaining security and compliance.
Build automation best practices
- Build automation helps ensure consistent builds, prevents errors, and speeds up the release process. It helps development teams integrate and deliver changes continuously.
- Common tools for build automation include MSBuild, Team Foundation Server, CruiseControl.NET, and Hudson. These tools help with continuous integration (CI), running tests, code analysis, versioning, and deploying builds.
- Best practices include CI on every code check-in, running unit tests as part of the build to prevent bugs, and continuously delivering integrated builds to environments for testing. This supports rapid and reliable software delivery.
56k.cloud training
This document provides an overview of Docker and cloud native training presented by Brian Christner of 56K.Cloud. It includes an agenda for Docker labs, common IT struggles Docker can address, and 56K.Cloud's consulting and training services. It discusses concepts like containers, microservices, DevOps, infrastructure as code, and cloud migration. It also includes sections on Docker architecture, networking, volumes, logging, and monitoring tools. Case studies and examples are provided to demonstrate how Docker delivers speed, agility, and cost savings for application development.
Similar to A Byte of Software Deployment (20)
Twelve-Factor App: Software Application Architecture
Twelve-Factor App: Software Application Architecture
Automating Software Development Life Cycle - A DevOps Approach
Automating Software Development Life Cycle - A DevOps Approach
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
IBM Think Session 8598 Domino and JavaScript Development MasterClass
IBM Think Session 8598 Domino and JavaScript Development MasterClass
Infrastructure and Compliance Delight with Chef Automate
Infrastructure and Compliance Delight with Chef Automate
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
More from Gong Haibing
Ansible Introduction
This document provides an introduction to Ansible, an open source automation tool. It discusses what Ansible is, highlighting that it is a simple yet powerful IT automation system. It then covers Ansible fundamentals like architecture, modules, inventory, playbooks and variables. The document also discusses advanced Ansible topics such as YAML, debugging, SSH and plugins. It concludes with best practices for Ansible such as using roles and the automation server Tower.
Nginx Essential
This document outlines an agenda for an Nginx essentials presentation. The presentation introduces concepts like HTTP protocols and web servers. It covers installing and configuring Nginx, including its HTTP module and features like load balancing and SSL. It also discusses debugging, customizing Nginx using modules like Tengine and OpenResty, and provides example use cases and references for further reading.
How to Code Review
The document contains links and references to various coding topics including OpenPlay 1.0, rating systems, ElasticSearch, Redis pubsub, admin statistics migration, Python, GitHub pull requests and issues, code review best practices, and references for further reading. It provides an overview of code, tools, and processes for development and code review.
Sponia with QingCloud
This document discusses setting up a cloud computing site like OpenPlay. It outlines the traditional stages of initial setup on physical hardware in a data center, running and maintaining the site, scaling it up, and eventually recycling the hardware. It also provides technical details on OpenPlay's development including issues addressed between versions 1.0 and 2.0, software used like Ubuntu, MongoDB, and Redis, and VPN configurations. The document ends with reference materials on related topics like data centers, cloud computing, networking protocols, and virtualization.
Search Engine
This document discusses search technologies including ElasticSearch, Lucene, SQL, NoSQL, and inverted indexes. It provides information on ElasticSearch features such as its RESTful API, indexing, mapping, aggregations, highlighting, autocomplete, and evaluation metrics like precision and recall. Examples are given of using ElasticSearch with MongoDB through Mongo-Connector and Chinese text segmentation with Jieba.
Jenkins-CI
This document discusses Jenkins-CI, an open source tool for continuous integration and continuous delivery. It provides an overview of Jenkins-CI capabilities including building and testing software projects continuously, integrating changes, and continuously delivering software. The document also demonstrates Jenkins-CI in action with a live demo and discusses configuring Jenkins jobs, managing Jenkins, and requirements for deployment beyond Jenkins-CI like standardization, workflow, monitoring, and high availability.
Linux Fundamental
This document provides an overview of Linux fundamentals including concepts related to Ubuntu desktop and server, Linux distributions and architecture, the philosophy of Linux including the idea that everything is a file, and profiles of key figures like Linus Torvalds. It also summarizes common Linux skills and tools such as the bash shell, VIM text editor, SSH, directory structure, permissions, links, redirection, piping, cron jobs, iptables firewall, and containers versus virtual machines. References are provided for further reading.
Database Fundamental
- Database Concept
- Database History
- Theory and SQL of RDBMS
- Advanced Tops
- Distributed Database and CAP
Git Real
This document provides an overview of Git, including what it is, its internals, and workflows. Git is a distributed version control system that was designed as a content tracker and file system rather than a traditional SCM. It uses a non-linear development model and stores content in compressed objects including blobs for files, trees for directories, commits for snapshots, and tags for labels. Git allows for distributed and non-linear workflows through features like branching, merging, and rebasing. Common Git workflows include Gitflow and GitHub Flow.
More from Gong Haibing (9)
Recently uploaded
怎么办理(lincoln学位证书)英国林肯大学毕业证文凭学位证书原版一模一样
原版定制【微信:bwp0011】《(lincoln学位证书)英国林肯大学毕业证文凭学位证书》【微信:bwp0011】成绩单 、雅思、外壳、留信学历认证永久存档查询,采用学校原版纸张、特殊工艺完全按照原版一比一制作(包括:隐形水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠,文字图案浮雕,激光镭射,紫外荧光,温感,复印防伪)行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备,十五年致力于帮助留学生解决难题,业务范围有加拿大、英国、澳洲、韩国、美国、新加坡,新西兰等学历材料,包您满意。
【业务选择办理准则】
一、工作未确定,回国需先给父母、亲戚朋友看下文凭的情况,办理一份就读学校的毕业证【微信bwp0011】文凭即可
二、回国进私企、外企、自己做生意的情况,这些单位是不查询毕业证真伪的,而且国内没有渠道去查询国外文凭的真假,也不需要提供真实教育部认证。鉴于此,办理一份毕业证【微信bwp0011】即可
三、进国企,银行,事业单位,考公务员等等,这些单位是必需要提供真实教育部认证的,办理教育部认证所需资料众多且烦琐,所有材料您都必须提供原件,我们凭借丰富的经验,快捷的绿色通道帮您快速整合材料,让您少走弯路。
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
【关于价格问题(保证一手价格)】
我们所定的价格是非常合理的,而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子 我给客户的都是第一手的代理价格,因为我想坦诚对待大家 不想跟大家在价格方面浪费时间
对于老客户或者被老客户介绍过来的朋友,我们都会适当给一些优惠。
原版制作贝德福特大学毕业证(bedfordhire毕业证)硕士文凭原版一模一样
原版一模一样【微信:741003700 】【贝德福特大学毕业证(bedfordhire毕业证)硕士文凭】【微信:741003700 】学位证,留信认证(真实可查,永久存档)offer、雅思、外壳等材料/诚信可靠,可直接看成品样本,帮您解决无法毕业带来的各种难题!外壳,原版制作,诚信可靠,可直接看成品样本。行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题,包您满意。
本公司拥有海外各大学样板无数,能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma
1:1完美还原海外各大学毕业材料上的工艺:水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...OECD Directorate for Financial and Enterprise Affairs
This presentation by Juraj Čorba, Chair of OECD Working Party on Artificial Intelligence Governance (AIGO), was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...OECD Directorate for Financial and Enterprise Affairs
This presentation by OECD, OECD Secretariat, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
Carrer goals.pptx and their importance in real life
Career goals serve as a roadmap for individuals, guiding them toward achieving long-term professional aspirations and personal fulfillment. Establishing clear career goals enables professionals to focus their efforts on developing specific skills, gaining relevant experience, and making strategic decisions that align with their desired career trajectory. By setting both short-term and long-term objectives, individuals can systematically track their progress, make necessary adjustments, and stay motivated. Short-term goals often include acquiring new qualifications, mastering particular competencies, or securing a specific role, while long-term goals might encompass reaching executive positions, becoming industry experts, or launching entrepreneurial ventures.
Moreover, having well-defined career goals fosters a sense of purpose and direction, enhancing job satisfaction and overall productivity. It encourages continuous learning and adaptation, as professionals remain attuned to industry trends and evolving job market demands. Career goals also facilitate better time management and resource allocation, as individuals prioritize tasks and opportunities that advance their professional growth. In addition, articulating career goals can aid in networking and mentorship, as it allows individuals to communicate their aspirations clearly to potential mentors, colleagues, and employers, thereby opening doors to valuable guidance and support. Ultimately, career goals are integral to personal and professional development, driving individuals toward sustained success and fulfillment in their chosen fields.
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...OECD Directorate for Financial and Enterprise Affairs
This presentation by Thibault Schrepel, Associate Professor of Law at Vrije Universiteit Amsterdam University, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
nationalismineurope-230420140400-1c53f60e.pptx
Iski peti Mein Humne nationalism ko ke bare mein bataya
Proposal: The Ark Project and The BEEP Inc
1.) Introduction
Our Movement is not new; it is the same as it was for Freedom, Justice, and Equality since we were labeled as slaves. However, this movement at its core must entail economics.
2.) Historical Context
This is the same movement because none of the previous movements, such as boycotts, were ever completed. For some, maybe, but for the most part, it’s just a place to keep your stable until you’re ready to assimilate them into your system. The rest of the crabs are left in the world’s worst parts, begging for scraps.
3.) Economic Empowerment
Our Movement aims to show that it is indeed possible for the less fortunate to establish their economic system. Everyone else – Caucasian, Asian, Mexican, Israeli, Jews, etc. – has their systems, and they all set up and usurp money from the less fortunate. So, the less fortunate buy from every one of them, yet none of them buy from the less fortunate. Moreover, the less fortunate really don’t have anything to sell.
4.) Collaboration with Organizations
Our Movement will demonstrate how organizations such as the National Association for the Advancement of Colored People, National Urban League, Black Lives Matter, and others can assist in creating a much more indestructible Black Wall Street.
5.) Vision for the Future
Our Movement will not settle for less than those who came before us and stopped before the rights were equal. The economy, jobs, healthcare, education, housing, incarceration – everything is unfair, and what isn’t is rigged for the less fortunate to fail, as evidenced in society.
6.) Call to Action
Our movement has started and implemented everything needed for the advancement of the economic system. There are positions for only those who understand the importance of this movement, as failure to address it will continue the degradation of the people deemed less fortunate.
No, this isn’t Noah’s Ark, nor am I a Prophet. I’m just a man who wrote a couple of books, created a magnificent website: http://www.thearkproject.llc, and who truly hopes to try and initiate a truly sustainable economic system for deprived people. We may not all have the same beliefs, but if our methods are tried, tested, and proven, we can come together and help others. My website: http://www.thearkproject.llc is very informative and considerably controversial. Please check it out, and if you are afraid, leave immediately; it’s no place for cowards. The last Prophet said: “Whoever among you sees an evil action, then let him change it with his hand [by taking action]; if he cannot, then with his tongue [by speaking out]; and if he cannot, then, with his heart – and that is the weakest of faith.” [Sahih Muslim] If we all, or even some of us, did this, there would be significant change. We are able to witness it on small and grand scales, for example, from climate control to business partnerships. I encourage, invite, and challenge you all to support me by visiting my website.
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
These are the slides of my presentation at BRIC 2024 about global science overlay maps using OpenAlex.
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussionOECD Directorate for Financial and Enterprise Affairs
This presentation by Nathaniel Lane, Associate Professor in Economics at Oxford University, was made during the discussion “Pro-competitive Industrial Policy” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/pcip.
This presentation was uploaded with the author’s consent.
Disaster Management project for holidays homework and other uses
It talks about disaster management in a helful way.
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...OECD Directorate for Financial and Enterprise Affairs
This presentation by Professor Giuseppe Colangelo, Jean Monnet Professor of European Innovation Policy, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Psychological safety in teams is important; team members must feel safe and able to communicate and collaborate effectively to deliver value. It’s also necessary to build long-lasting teams since things will happen and relationships will be strained.
But, how safe is a team? How can we determine if there are any factors that make the team unsafe or have an impact on the team’s culture?
In this mini-workshop, we’ll play games for psychological safety and team culture utilizing a deck of coaching cards, The Psychological Safety Cards. We will learn how to use gamification to gain a better understanding of what’s going on in teams. Individuals share what they have learned from working in teams, what has impacted the team’s safety and culture, and what has led to positive change.
Different game formats will be played in groups in parallel. Examples are an ice-breaker to get people talking about psychological safety, a constellation where people take positions about aspects of psychological safety in their team or organization, and collaborative card games where people work together to create an environment that fosters psychological safety.
IEEE CIS Webinar Sustainable futures.pdf
The importance of sustainable and efficient computational practices in artificial intelligence (AI) and deep learning has become increasingly critical. This webinar focuses on the intersection of sustainability and AI, highlighting the significance of energy-efficient deep learning, innovative randomization techniques in neural networks, the potential of reservoir computing, and the cutting-edge realm of neuromorphic computing. This webinar aims to connect theoretical knowledge with practical applications and provide insights into how these innovative approaches can lead to more robust, efficient, and environmentally conscious AI systems.
Webinar Speaker: Prof. Claudio Gallicchio, Assistant Professor, University of Pisa
Claudio Gallicchio is an Assistant Professor at the Department of Computer Science of the University of Pisa, Italy. His research involves merging concepts from Deep Learning, Dynamical Systems, and Randomized Neural Systems, and he has co-authored over 100 scientific publications on the subject. He is the founder of the IEEE CIS Task Force on Reservoir Computing, and the co-founder and chair of the IEEE Task Force on Randomization-based Neural Networks and Learning Systems. He is an associate editor of IEEE Transactions on Neural Networks and Learning Systems (TNNLS).
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...OECD Directorate for Financial and Enterprise Affairs
This presentation by Professor Alex Robson, Deputy Chair of Australia’s Productivity Commission, was made during the discussion “Competition and Regulation in Professions and Occupations” held at the 77th meeting of the OECD Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found at oe.cd/crps.
This presentation was uploaded with the author’s consent.Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussionOECD Directorate for Financial and Enterprise Affairs
This presentation by OECD, OECD Secretariat, was made during the discussion “Artificial Intelligence, Data and Competition” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/aicomp.
This presentation was uploaded with the author’s consent.
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussionOECD Directorate for Financial and Enterprise Affairs
This presentation by OECD, OECD Secretariat, was made during the discussion “Pro-competitive Industrial Policy” held at the 143rd meeting of the OECD Competition Committee on 12 June 2024. More papers and presentations on the topic can be found at oe.cd/pcip.
This presentation was uploaded with the author’s consent.
ServiceNow CIS-ITSM Exam Dumps & Questions [2024]
• For a full set of 530+ questions. Go to
https://skillcertpro.com/product/servicenow-cis-itsm-exam-questions/
• SkillCertPro offers detailed explanations to each question which helps to understand the concepts better.
• It is recommended to score above 85% in SkillCertPro exams before attempting a real exam.
• SkillCertPro updates exam questions every 2 weeks.
• You will get life time access and life time free updates
• SkillCertPro assures 100% pass guarantee in first attempt.
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...OECD Directorate for Financial and Enterprise Affairs
This presentation by Tim Capel, Director of the UK Information Commissioner’s Office Legal Service, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...OECD Directorate for Financial and Enterprise Affairs
This presentation by Katharine Kemp, Associate Professor at the Faculty of Law & Justice at UNSW Sydney, was made during the discussion “The Intersection between Competition and Data Privacy” held at the 143rd meeting of the OECD Competition Committee on 13 June 2024. More papers and presentations on the topic can be found at oe.cd/ibcdp.
This presentation was uploaded with the author’s consent.
Recently uploaded (20)
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
Artificial Intelligence, Data and Competition – ČORBA – June 2024 OECD discus...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
The Intersection between Competition and Data Privacy – OECD – June 2024 OECD...
Carrer goals.pptx and their importance in real life
Carrer goals.pptx and their importance in real life
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
BRIC_2024_2024-06-06-11:30-haunschild_archival_version.pdf
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Pro-competitive Industrial Policy – LANE – June 2024 OECD discussion
Disaster Management project for holidays homework and other uses
Disaster Management project for holidays homework and other uses
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
The Intersection between Competition and Data Privacy – COLANGELO – June 2024...
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Why Psychological Safety Matters for Software Teams - ACE 2024 - Ben Linders.pdf
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Competition and Regulation in Professions and Occupations – ROBSON – June 202...
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Artificial Intelligence, Data and Competition – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
Pro-competitive Industrial Policy – OECD – June 2024 OECD discussion
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – CAPEL – June 2024 OEC...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
The Intersection between Competition and Data Privacy – KEMP – June 2024 OECD...
A Byte of Software Deployment
- 1. A Byte of Software Deployment @dylanninin
- 2. What is Software Deployment ?
- 3. Software Development Life Cycle
- 4. All the Activities that Make a Software System Available for Use Definition It refers to:
- 5. Deployment Activities • Requirements — The Missing Piece of Software Development • Planning — An Objective of Each and Every Activity • Testing — Do Not Ship Bugs At All • Designing — Overall Pictures of Both High/Low-Level • Deployment — What Does this Deployment Mean
- 6. How to Deploy Software
- 7. A Minimum Python Web Application
- 8. An Overview of Realword Web Application
- 9. It’s so complicated … …
- 12. Just Before You Start • Test your code - We Do Not Ship Bugs At All - Confirm That It Is Deployable
- 13. Let’s start • Get a Server • Apply a Public IP - Try AWS or Linode/DigitalOcean … - Login via SSH/VNC … - Apply an IP - Attatch the IP to Your Server - Initialize Security Rules …
- 14. Preparing • Install Required Packages - Install Project Based Libraries - Install Redis/Mongodb/ElasticSearch/… - Edit YAML/TOML/JSON Configuration - Maintain Environment Aware of Production/Staging/Test • Setup Dependencies • Build Code/Config into Release - Make them Daemon
- 15. Run Stand-alone • Run the App - export PYTHON_ENV=production - python run.py —port=8888 - http :8888/the/actual/url
- 16. Web Server • DNS - Choose a Domain Name - Add an A Record in DNS Console • Nginx - Listen on 80/443 - Proxy Pass Requests to Your App - http https://your_domain_name/the/actual/url - Get the Public IP of Your Server
- 17. It is simple!
- 19. Supervisor: Progress Manager • Convenience • Accuracy • Centralised
- 20. Nginx - Web Server • Simplicity • High Concurrency • Extensibility
- 21. Sentry - Logging • Log as Event Stream
- 22. Trouble Shooting
- 23. A Minimum Python Web Application
- 24. There may be problems anywhere
- 25. With Outlined Tech Stack
- 26. How to Trouble Shooting
- 28. A Minimum Python Web Application
- 29. What does “interface” mean?
- 30. a Protocol Describes How the Web Server Talks with an Application Definition It refers to:
- 31. CGI
- 32. mod_python
- 33. FastCGI/SCGI
- 34. WSGI
- 36. Proxy Pass
- 37. Proxy Pass
- 38. There Are Some Other Topics
- 39. Standardisation Explicitly declare and isolate dependencies • Virtual Environment for Isolation • requirements.txt for Dependencies
- 40. Standardisation Store config in the environment • YAML/TOML/JSON • Dev/Test/Staging/Production
- 41. Standardisation Treat backing services as attached resources • Configurable • Detached/Attached
- 42. Automation
- 43. Monitoring Aware of Your Application • Console • Utilities • Services
- 44. Availability Max Availability • Max Mean Time between Failures • Min Mean Time to Recover • >= 99.9%
- 45. Q & A
- 46. Reference • Comparison of web server software • http://www.fullstackpython.com/deployment.html • http://www.fullstackpython.com/wsgi-servers.html • https://docs.python.org/3.5/howto/webservers.html • https://github.com/fouber/blog/issues/6 • https://ruby-china.org/topics/12686 • http://supervisord.org/ • http://nginx.org/ • https://jenkins.io/ • https://newrelic.com/ • http://12factor.net/ • https://github.com/alex/what-happens-when