SlideShare a Scribd company logo

Agile Enterprise Rome 2018 - Ops and Security in a PaaS and Serverless world

Chris Swan
Chris Swan

A look at how PaaS can be helpful in dealing with the 'audit paradox' presented by the choice between bolt on and build in for security, along with operational considerations for a serverless environment

Technology
1 of 48
Download to read offline
© 2017 DXC Technology Company. All rights reserved. May 16, 2018 Ops and Security in a PaaS and Serverless world Chris Swan (@cpswan) Fellow, VP, CTO Global Delivery
May 16, 2018 Chris Swan – Why Me? Combat Systems Engineer - Royal Navy Security R&D - Credit Suisse CTO Security - UBS CTO - Cohesive Networks CTO Global Infrastructure Services - CSC CTO Global Delivery - DXC Technology @cpswan
May 16, 2018 “With a monolith it's easy... you just pile a bunch of appliances in front of it“ Frank Chen Andreessen Horowitz podcast ‘All about Microservices’ with Adrian Cockcroft and Martin Casado https://a16z.com/2016/09/01/microservices/
4May 16, 2018© 2017 DXC Technology Company. All rights reserved. The Audit Paradox
May 16, 2018 Building Security In CC photo by WorldSkills
May 16, 2018 Looks Like This
May 16, 2018 Bolting Security On CC photo by arbyreed
May 16, 2018 Looks Like This
May 16, 2018 Unified Threat Management Firewall NIDS/NIPS AV Anti Spam VPN DLP Load Balancer UTM
May 16, 2018 Application Delivery Controllers Cache TLS offload Compression WAF Multiplexing Load Balancer ADC Traffic Shaping
May 16, 2018 PaaS Gives Us the Chance to ‘Bolt In’
May 16, 2018 12© 2017 DXC Technology Company. All rights reserved. But Docker Adoption Shows a Movement Against Opinionated Platforms
13May 16, 2018© 2017 DXC Technology Company. All rights reserved. FaaS and CaaS
May 16, 2018 The NIST Model for Cloud Services IaaS PaaS SaaS OperationalConsistency Speed/Stickyness
May 16, 2018 More Choices Have Emerged IaaS CaaS PaaS FaaS SaaS OperationalConsistency Speed/Stickyness
May 16, 2018 And ‘Cloud’ Doesn’t Have to Mean ‘Public’ IaaS CaaS PaaS FaaS SaaS OperationalConsistency Speed/Stickyness IaaS CaaS PaaS FaaS SaaS On Premises Off Premises
May 16, 2018 Zooming in Around PaaS and Thinking About Deployment Granularity and Platform ‘Opinion’ CaaS PaaS FaaS Lessopinionated Finergranularity
May 16, 2018 This Isn’t My Container Security Talk… So Let’s Leave CaaS For Another Time
May 16, 2018 19© 2017 DXC Technology Company. All rights reserved. 2015 ToDo: SecDevOps – Are We There Yet? APIs are necessary but not sufficient: Need to have them integrated into the overall system Control metadata (and its mutability): Must be visible and understandable Security events need to be captured: Then turned into something humans can action
May 16, 2018 If a Security Event Happens and It Isn’t Monitored
May 16, 2018 21© 2017 DXC Technology Company. All rights reserved. ‘LessOps
May 16, 2018 #define Serverless (aka Functions as a Service – FaaS)
May 16, 2018 Want to do CaaS and FaaS Together? FaaS on Kubernetes 1. Azure Functions Runtime 2. Fission 3. Fn 4. Gestalt 5. IronFunctions 6. Kubeless 7. OpenFaaS 8. OpenWhisk 9. Nuclio 10. Riff 11. VMware Dispatch https://github.com/cpswan/FaaSonK8s
May 16, 2018 #define Operations Provisioning Config Management Monitoring Logging
May 16, 2018 Or as Charity Majors @mipsytipsy Put It “Operations is the constellation of your org's technical skills, practices, and cultural values around designing, building and maintaining systems, shipping software, and solving problems with technology.”
May 16, 2018 #define DevOps The operational practices that have co-evolved with IaaS or Flow Feedback Continuous Learning by Experimentation
May 16, 2018 #define NoOps Provisioning Config Management Monitoring Logging
May 16, 2018 28© 2017 DXC Technology Company. All rights reserved. No Server != No Ops
May 16, 2018 #define LessOps Provisioning aaS Config Management < will be ‘code’, won’t go away Monitoring aaS Logging aaS
May 16, 2018 30© 2017 DXC Technology Company. All rights reserved. Factories for Continuous Delivery Pipelines
May 16, 2018 We’re not there yet By Alan Manson - Flickr: Yellow Canary (Serinus flaviventris), CC BY-SA 2.0 https://commons.wikimedia.org/w/index.php?curid=17379213
May 16, 2018https://speakerdeck.com/garethr/serverless-not-infrastructureless
May 16, 2018
May 16, 2018
May 16, 2018 35© 2017 DXC Technology Company. All rights reserved. (barely) 3 lines of Javascript 32 lines of config
May 16, 2018
May 16, 2018
May 16, 2018 38© 2017 DXC Technology Company. All rights reserved. 33 lines of Python 100 lines of config
May 16, 2018 39© 2017 DXC Technology Company. All rights reserved. What’s all that config for? • Identity and Access Management –Policies –Roles • API Gateway • Monitoring –Event Targets –Event Rules
May 16, 2018 Hello World with the Serverless Framework
May 16, 2018 AWS CodeStar
May 16, 2018 42© 2017 DXC Technology Company. All rights reserved. State management The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).
May 16, 2018 43© 2017 DXC Technology Company. All rights reserved. “The service will protect itself (at your expense)”
May 16, 2018 44© 2017 DXC Technology Company. All rights reserved. “Own the critical path (and keep it short)”
May 16, 2018 45© 2017 DXC Technology Company. All rights reserved. “Understand the tech and its dependencies”
May 16, 2018 46© 2017 DXC Technology Company. All rights reserved. 2015 ToDo: SecDevOps – Let’s review APIs are necessary but not sufficient: Need to have them integrated into the overall system Control metadata (and its mutability): Must be visible and understandable Security events need to be captured: Then turned into something humans can action
May 16, 2018 47© 2017 DXC Technology Company. All rights reserved. With thanks to: Charity Majors @mipsytipsy Rafal Gancarz @RafalGancarz Paul Johnston @PaulDJohnston Patrick Debois @patrickdebois
© 2017 DXC Technology Company. All rights reserved. Questions? Questions?

Recommended

Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp
 
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
Alert Logic
 
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Norberto Enomoto
 
Front office securities IT team
Front office securities IT teamFront office securities IT team
Front office securities IT team
Vaidas Beneševičius
 
AWS Security Week: Lacework - Automating Cloud Security at Scale
AWS Security Week: Lacework - Automating Cloud Security at ScaleAWS Security Week: Lacework - Automating Cloud Security at Scale
AWS Security Week: Lacework - Automating Cloud Security at Scale
Amazon Web Services
 

Recommended

Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Keynote
KeynoteKeynote
Keynote
Elasticsearch
 
Drupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the AttackerDrupalgeddon 2 – Yet Another Weapon for the Attacker
Drupalgeddon 2 – Yet Another Weapon for the Attacker
DefCamp
 
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
Alert Logic
 
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Criação de uma API RESTful Multitenat em Spring Boot e Oracle database utiliz...
Norberto Enomoto
 
Front office securities IT team
Front office securities IT teamFront office securities IT team
Front office securities IT team
Vaidas Beneševičius
 
AWS Security Week: Lacework - Automating Cloud Security at Scale
AWS Security Week: Lacework - Automating Cloud Security at ScaleAWS Security Week: Lacework - Automating Cloud Security at Scale
AWS Security Week: Lacework - Automating Cloud Security at Scale
Amazon Web Services
 
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Amazon Web Services
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
Netizen Corporation
 
Project Grace - Towards a Secure Internet
Project Grace - Towards a Secure InternetProject Grace - Towards a Secure Internet
Project Grace - Towards a Secure Internet
inside-BigData.com
 
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
Zia Consulting
 
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
Elasticsearch
 
Amazon Macie hackathon presentation
Amazon Macie hackathon presentationAmazon Macie hackathon presentation
Amazon Macie hackathon presentation
David Webster
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and Compliance
QAware GmbH
 
Data Analytics in Cyber Security
Data Analytics in Cyber SecurityData Analytics in Cyber Security
Data Analytics in Cyber Security
DNIF
 
Data Analytics in Cyber Security
Data Analytics in Cyber Security Data Analytics in Cyber Security
Data Analytics in Cyber Security
Siddhant Mishra
 
Support Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First ApproachSupport Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First Approach
SmartBear
 
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
apidays
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
North Texas Chapter of the ISSA
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian Prieto
Cristian Garcia G.
 
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Elasticsearch
 
October 2020 meetup
October 2020 meetupOctober 2020 meetup
October 2020 meetup
Daliya Spasova
 
How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...
Antje Barth
 
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
Nur Shiqim Chok
 
Cisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data centerCisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data center
NetworkCollaborators
 
Adaptation as a Service
Adaptation as a ServiceAdaptation as a Service
Adaptation as a Service
York University
 
Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center
NetworkCollaborators
 
Overview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca ArbezzanoOverview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca Arbezzano
Gianluca Arbezzano
 
Secure Clouds are Happy Clouds
Secure Clouds are Happy CloudsSecure Clouds are Happy Clouds
Secure Clouds are Happy Clouds
2nd Watch
 

More Related Content

What's hot

Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Amazon Web Services
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
Netizen Corporation
 
Project Grace - Towards a Secure Internet
Project Grace - Towards a Secure InternetProject Grace - Towards a Secure Internet
Project Grace - Towards a Secure Internet
inside-BigData.com
 
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
Zia Consulting
 
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
Elasticsearch
 
Amazon Macie hackathon presentation
Amazon Macie hackathon presentationAmazon Macie hackathon presentation
Amazon Macie hackathon presentation
David Webster
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and Compliance
QAware GmbH
 
Data Analytics in Cyber Security
Data Analytics in Cyber SecurityData Analytics in Cyber Security
Data Analytics in Cyber Security
DNIF
 
Data Analytics in Cyber Security
Data Analytics in Cyber Security Data Analytics in Cyber Security
Data Analytics in Cyber Security
Siddhant Mishra
 
Support Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First ApproachSupport Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First Approach
SmartBear
 
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
apidays
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
North Texas Chapter of the ISSA
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian Prieto
Cristian Garcia G.
 
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Elasticsearch
 
October 2020 meetup
October 2020 meetupOctober 2020 meetup
October 2020 meetup
Daliya Spasova
 

What's hot (15)

Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
Automating Event Driven Security in the AWS Cloud - AWS Public Sector Summit ...
 
Open Source Software Security
Open Source Software SecurityOpen Source Software Security
Open Source Software Security
 
Project Grace - Towards a Secure Internet
Project Grace - Towards a Secure InternetProject Grace - Towards a Secure Internet
Project Grace - Towards a Secure Internet
 
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
How to Consolidate in Order to Increase Operational Efficiency by Moving Your...
 
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...The Journey from Zero to SOC: How Citadel built its Security Operations from ...
The Journey from Zero to SOC: How Citadel built its Security Operations from ...
 
Amazon Macie hackathon presentation
Amazon Macie hackathon presentationAmazon Macie hackathon presentation
Amazon Macie hackathon presentation
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and Compliance
 
Data Analytics in Cyber Security
Data Analytics in Cyber SecurityData Analytics in Cyber Security
Data Analytics in Cyber Security
 
Data Analytics in Cyber Security
Data Analytics in Cyber Security Data Analytics in Cyber Security
Data Analytics in Cyber Security
 
Support Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First ApproachSupport Rapid Systems Growth with a Design-First Approach
Support Rapid Systems Growth with a Design-First Approach
 
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
APIdays Paris 2018 - From real-life challenges to industrial IoT solutions, i...
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 
Garantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian PrietoGarantice la continuidad de su negocio Damian Prieto
Garantice la continuidad de su negocio Damian Prieto
 
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...Full time PII data protection: How Randstad uses Elastic Security to keep cli...
Full time PII data protection: How Randstad uses Elastic Security to keep cli...
 
October 2020 meetup
October 2020 meetupOctober 2020 meetup
October 2020 meetup
 

Similar to Agile Enterprise Rome 2018 - Ops and Security in a PaaS and Serverless world

How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...
Antje Barth
 
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
Nur Shiqim Chok
 
Cisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data centerCisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data center
NetworkCollaborators
 
Adaptation as a Service
Adaptation as a ServiceAdaptation as a Service
Adaptation as a Service
York University
 
Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center
NetworkCollaborators
 
Overview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca ArbezzanoOverview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca Arbezzano
Gianluca Arbezzano
 
Secure Clouds are Happy Clouds
Secure Clouds are Happy CloudsSecure Clouds are Happy Clouds
Secure Clouds are Happy Clouds
2nd Watch
 
Changing Times - the Future of ECM - AIIM 2017
Changing Times - the Future of ECM - AIIM 2017 Changing Times - the Future of ECM - AIIM 2017
Changing Times - the Future of ECM - AIIM 2017
Stephen Ludlow
 
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
AIIM International
 
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
Hong-Linh Truong
 
Cwin16 tls-a micro-service deployment - v1.0
Cwin16 tls-a micro-service deployment - v1.0Cwin16 tls-a micro-service deployment - v1.0
Cwin16 tls-a micro-service deployment - v1.0
Capgemini
 
Saving Human Lives with the IoT
Saving Human Lives with the IoTSaving Human Lives with the IoT
Saving Human Lives with the IoT
Dat Tran
 
Comparison of Open Source Frameworks for Integrating the Internet of Things
Comparison of Open Source Frameworks for Integrating the Internet of ThingsComparison of Open Source Frameworks for Integrating the Internet of Things
Comparison of Open Source Frameworks for Integrating the Internet of Things
Kai Wähner
 
Fast Cars, Big Data How Streaming can help Formula 1
Fast Cars, Big Data How Streaming can help Formula 1Fast Cars, Big Data How Streaming can help Formula 1
Fast Cars, Big Data How Streaming can help Formula 1
Carol McDonald
 
CWIN16 UK Event - The Future of Infrastructure
CWIN16 UK Event - The Future of Infrastructure CWIN16 UK Event - The Future of Infrastructure
CWIN16 UK Event - The Future of Infrastructure
Gunnar Menzel
 
Cloud-Native Workshop New York- Pivotal
Cloud-Native Workshop New York- PivotalCloud-Native Workshop New York- Pivotal
Cloud-Native Workshop New York- Pivotal
VMware Tanzu
 
DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'
Chris Swan
 
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
Codemotion Tel Aviv
 
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
Amazon Web Services
 
Digitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředíDigitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředí
MarketingArrowECS_CZ
 

Similar to Agile Enterprise Rome 2018 - Ops and Security in a PaaS and Serverless world (20)

How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...How to build containerized architectures for deep learning - Data Festival 20...
How to build containerized architectures for deep learning - Data Festival 20...
 
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
[Cisco Connect 2018 - Vietnam] Anh duc le building a secure data center
 
Cisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data centerCisco Connect 2018 Vietnam - building a secure data center
Cisco Connect 2018 Vietnam - building a secure data center
 
Adaptation as a Service
Adaptation as a ServiceAdaptation as a Service
Adaptation as a Service
 
Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center Cisco Connect 2018 Indonesia - Building a secure data center
Cisco Connect 2018 Indonesia - Building a secure data center
 
Overview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca ArbezzanoOverview and Opentracing in theory by Gianluca Arbezzano
Overview and Opentracing in theory by Gianluca Arbezzano
 
Secure Clouds are Happy Clouds
Secure Clouds are Happy CloudsSecure Clouds are Happy Clouds
Secure Clouds are Happy Clouds
 
Changing Times - the Future of ECM - AIIM 2017
Changing Times - the Future of ECM - AIIM 2017 Changing Times - the Future of ECM - AIIM 2017
Changing Times - the Future of ECM - AIIM 2017
 
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
[AIIM17] Changing Times, The Future of ECM - Stephen Ludlow
 
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
SINC – An Information-Centric Approach for End-to-End IoT Cloud Resource Prov...
 
Cwin16 tls-a micro-service deployment - v1.0
Cwin16 tls-a micro-service deployment - v1.0Cwin16 tls-a micro-service deployment - v1.0
Cwin16 tls-a micro-service deployment - v1.0
 
Saving Human Lives with the IoT
Saving Human Lives with the IoTSaving Human Lives with the IoT
Saving Human Lives with the IoT
 
Comparison of Open Source Frameworks for Integrating the Internet of Things
Comparison of Open Source Frameworks for Integrating the Internet of ThingsComparison of Open Source Frameworks for Integrating the Internet of Things
Comparison of Open Source Frameworks for Integrating the Internet of Things
 
Fast Cars, Big Data How Streaming can help Formula 1
Fast Cars, Big Data How Streaming can help Formula 1Fast Cars, Big Data How Streaming can help Formula 1
Fast Cars, Big Data How Streaming can help Formula 1
 
CWIN16 UK Event - The Future of Infrastructure
CWIN16 UK Event - The Future of Infrastructure CWIN16 UK Event - The Future of Infrastructure
CWIN16 UK Event - The Future of Infrastructure
 
Cloud-Native Workshop New York- Pivotal
Cloud-Native Workshop New York- PivotalCloud-Native Workshop New York- Pivotal
Cloud-Native Workshop New York- Pivotal
 
DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'DevSecOps Days London - Teaching 'Shift Left on Security'
DevSecOps Days London - Teaching 'Shift Left on Security'
 
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
How to Leverage Machine Learning (R, Hadoop, Spark, H2O) for Real Time Proces...
 
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
Cloud Conversations: Giving Business Transformation a Voice_AWSPSSummit_Singa...
 
Digitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředíDigitální transformace: zabezpečení agilních prostředí
Digitální transformace: zabezpečení agilních prostředí
 

More from Chris Swan

LNETM - Atsign - Privacy with Personal Data Services
LNETM - Atsign - Privacy with Personal Data ServicesLNETM - Atsign - Privacy with Personal Data Services
LNETM - Atsign - Privacy with Personal Data Services
Chris Swan
 
SOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF ScorecardsSOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF Scorecards
Chris Swan
 
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdfAll Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
Chris Swan
 
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-VFluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
Chris Swan
 
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an OrganisationQConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
Chris Swan
 
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and FlutterFlutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Chris Swan
 
QConSF 2022 - Backends in Dart
QConSF 2022 - Backends in DartQConSF 2022 - Backends in Dart
QConSF 2022 - Backends in Dart
Chris Swan
 
London IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoTLondon IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoT
Chris Swan
 
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and FlutterFlutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
Chris Swan
 
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
Chris Swan
 
Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...
Chris Swan
 
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterFlutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Chris Swan
 
Full Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open SourceFull Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open Source
Chris Swan
 
Flutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack DartFlutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack Dart
Chris Swan
 
Droidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack DartDroidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack Dart
Chris Swan
 
Keeping a project going
Keeping a project goingKeeping a project going
Keeping a project going
Chris Swan
 
Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021
Chris Swan
 
TMS9995 on RC2014
TMS9995 on RC2014TMS9995 on RC2014
TMS9995 on RC2014
Chris Swan
 
CloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 IntroCloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 Intro
Chris Swan
 
Cooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineeringCooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineering
Chris Swan
 

More from Chris Swan (20)

LNETM - Atsign - Privacy with Personal Data Services
LNETM - Atsign - Privacy with Personal Data ServicesLNETM - Atsign - Privacy with Personal Data Services
LNETM - Atsign - Privacy with Personal Data Services
 
SOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF ScorecardsSOOCon24 - Showing that you care about security - OpenSSF Scorecards
SOOCon24 - Showing that you care about security - OpenSSF Scorecards
 
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdfAll Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
All Day DevOps 2023 - Implementing OSSF Scorecards Across an Organisation.pdf
 
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-VFluttercon Berlin 23 - Dart & Flutter on RISC-V
Fluttercon Berlin 23 - Dart & Flutter on RISC-V
 
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an OrganisationQConNY 2023 - Implementing OSSF Scorecards Across an Organisation
QConNY 2023 - Implementing OSSF Scorecards Across an Organisation
 
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and FlutterFlutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
Flutter SV Meetup Oct 2022 - End to end encrypted IoT with Dart and Flutter
 
QConSF 2022 - Backends in Dart
QConSF 2022 - Backends in DartQConSF 2022 - Backends in Dart
QConSF 2022 - Backends in Dart
 
London IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoTLondon IoT Meetup Sep 2022 - End to end encrypted IoT
London IoT Meetup Sep 2022 - End to end encrypted IoT
 
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and FlutterFlutter Vikings 2022 - End to end IoT with Dart and Flutter
Flutter Vikings 2022 - End to end IoT with Dart and Flutter
 
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
 
Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...Devoxx UK 2022 - Application security: What should the attack landscape look ...
Devoxx UK 2022 - Application security: What should the attack landscape look ...
 
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and FlutterFlutter Festival London 2022 - End to end IoT with Dart and Flutter
Flutter Festival London 2022 - End to end IoT with Dart and Flutter
 
Full Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open SourceFull Stack Squared 2022 - Power of Open Source
Full Stack Squared 2022 - Power of Open Source
 
Flutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack DartFlutter Vikings 2022 - Full Stack Dart
Flutter Vikings 2022 - Full Stack Dart
 
Droidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack DartDroidcon London 2021 - Full Stack Dart
Droidcon London 2021 - Full Stack Dart
 
Keeping a project going
Keeping a project goingKeeping a project going
Keeping a project going
 
Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021Dart on Arm - Flutter Bangalore June 2021
Dart on Arm - Flutter Bangalore June 2021
 
TMS9995 on RC2014
TMS9995 on RC2014TMS9995 on RC2014
TMS9995 on RC2014
 
CloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 IntroCloudCamp London Nov 2019 Intro
CloudCamp London Nov 2019 Intro
 
Cooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineeringCooking with a touch of science and a dash of engineering
Cooking with a touch of science and a dash of engineering
 

Recently uploaded

RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 

Recently uploaded (20)

RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 

Agile Enterprise Rome 2018 - Ops and Security in a PaaS and Serverless world

  • 1. © 2017 DXC Technology Company. All rights reserved. May 16, 2018 Ops and Security in a PaaS and Serverless world Chris Swan (@cpswan) Fellow, VP, CTO Global Delivery
  • 2. May 16, 2018 Chris Swan – Why Me? Combat Systems Engineer - Royal Navy Security R&D - Credit Suisse CTO Security - UBS CTO - Cohesive Networks CTO Global Infrastructure Services - CSC CTO Global Delivery - DXC Technology @cpswan
  • 3. May 16, 2018 “With a monolith it's easy... you just pile a bunch of appliances in front of it“ Frank Chen Andreessen Horowitz podcast ‘All about Microservices’ with Adrian Cockcroft and Martin Casado https://a16z.com/2016/09/01/microservices/
  • 4. 4May 16, 2018© 2017 DXC Technology Company. All rights reserved. The Audit Paradox
  • 5. May 16, 2018 Building Security In CC photo by WorldSkills
  • 6. May 16, 2018 Looks Like This
  • 7. May 16, 2018 Bolting Security On CC photo by arbyreed
  • 8. May 16, 2018 Looks Like This
  • 9. May 16, 2018 Unified Threat Management Firewall NIDS/NIPS AV Anti Spam VPN DLP Load Balancer UTM
  • 10. May 16, 2018 Application Delivery Controllers Cache TLS offload Compression WAF Multiplexing Load Balancer ADC Traffic Shaping
  • 11. May 16, 2018 PaaS Gives Us the Chance to ‘Bolt In’
  • 12. May 16, 2018 12© 2017 DXC Technology Company. All rights reserved. But Docker Adoption Shows a Movement Against Opinionated Platforms
  • 13. 13May 16, 2018© 2017 DXC Technology Company. All rights reserved. FaaS and CaaS
  • 14. May 16, 2018 The NIST Model for Cloud Services IaaS PaaS SaaS OperationalConsistency Speed/Stickyness
  • 15. May 16, 2018 More Choices Have Emerged IaaS CaaS PaaS FaaS SaaS OperationalConsistency Speed/Stickyness
  • 16. May 16, 2018 And ‘Cloud’ Doesn’t Have to Mean ‘Public’ IaaS CaaS PaaS FaaS SaaS OperationalConsistency Speed/Stickyness IaaS CaaS PaaS FaaS SaaS On Premises Off Premises
  • 17. May 16, 2018 Zooming in Around PaaS and Thinking About Deployment Granularity and Platform ‘Opinion’ CaaS PaaS FaaS Lessopinionated Finergranularity
  • 18. May 16, 2018 This Isn’t My Container Security Talk… So Let’s Leave CaaS For Another Time
  • 19. May 16, 2018 19© 2017 DXC Technology Company. All rights reserved. 2015 ToDo: SecDevOps – Are We There Yet? APIs are necessary but not sufficient: Need to have them integrated into the overall system Control metadata (and its mutability): Must be visible and understandable Security events need to be captured: Then turned into something humans can action
  • 20. May 16, 2018 If a Security Event Happens and It Isn’t Monitored
  • 21. May 16, 2018 21© 2017 DXC Technology Company. All rights reserved. ‘LessOps
  • 22. May 16, 2018 #define Serverless (aka Functions as a Service – FaaS)
  • 23. May 16, 2018 Want to do CaaS and FaaS Together? FaaS on Kubernetes 1. Azure Functions Runtime 2. Fission 3. Fn 4. Gestalt 5. IronFunctions 6. Kubeless 7. OpenFaaS 8. OpenWhisk 9. Nuclio 10. Riff 11. VMware Dispatch https://github.com/cpswan/FaaSonK8s
  • 24. May 16, 2018 #define Operations Provisioning Config Management Monitoring Logging
  • 25. May 16, 2018 Or as Charity Majors @mipsytipsy Put It “Operations is the constellation of your org's technical skills, practices, and cultural values around designing, building and maintaining systems, shipping software, and solving problems with technology.”
  • 26. May 16, 2018 #define DevOps The operational practices that have co-evolved with IaaS or Flow Feedback Continuous Learning by Experimentation
  • 27. May 16, 2018 #define NoOps Provisioning Config Management Monitoring Logging
  • 28. May 16, 2018 28© 2017 DXC Technology Company. All rights reserved. No Server != No Ops
  • 29. May 16, 2018 #define LessOps Provisioning aaS Config Management < will be ‘code’, won’t go away Monitoring aaS Logging aaS
  • 30. May 16, 2018 30© 2017 DXC Technology Company. All rights reserved. Factories for Continuous Delivery Pipelines
  • 31. May 16, 2018 We’re not there yet By Alan Manson - Flickr: Yellow Canary (Serinus flaviventris), CC BY-SA 2.0 https://commons.wikimedia.org/w/index.php?curid=17379213
  • 35. May 16, 2018 35© 2017 DXC Technology Company. All rights reserved. (barely) 3 lines of Javascript 32 lines of config
  • 38. May 16, 2018 38© 2017 DXC Technology Company. All rights reserved. 33 lines of Python 100 lines of config
  • 39. May 16, 2018 39© 2017 DXC Technology Company. All rights reserved. What’s all that config for? • Identity and Access Management –Policies –Roles • API Gateway • Monitoring –Event Targets –Event Rules
  • 40. May 16, 2018 Hello World with the Serverless Framework
  • 41. May 16, 2018 AWS CodeStar
  • 42. May 16, 2018 42© 2017 DXC Technology Company. All rights reserved. State management The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).
  • 43. May 16, 2018 43© 2017 DXC Technology Company. All rights reserved. “The service will protect itself (at your expense)”
  • 44. May 16, 2018 44© 2017 DXC Technology Company. All rights reserved. “Own the critical path (and keep it short)”
  • 45. May 16, 2018 45© 2017 DXC Technology Company. All rights reserved. “Understand the tech and its dependencies”
  • 46. May 16, 2018 46© 2017 DXC Technology Company. All rights reserved. 2015 ToDo: SecDevOps – Let’s review APIs are necessary but not sufficient: Need to have them integrated into the overall system Control metadata (and its mutability): Must be visible and understandable Security events need to be captured: Then turned into something humans can action
  • 47. May 16, 2018 47© 2017 DXC Technology Company. All rights reserved. With thanks to: Charity Majors @mipsytipsy Rafal Gancarz @RafalGancarz Paul Johnston @PaulDJohnston Patrick Debois @patrickdebois
  • 48. © 2017 DXC Technology Company. All rights reserved. Questions? Questions?