AWS re:Invent 2016: Another Day in the Life of a Netflix Engineer (DEV209)Amazon Web Services
Netflix is big. Really big. You just won't believe how vastly, hugely, mind-bogglingly big it is.
Netflix is a large, ever changing, ecosystem system serving million of customers across the globe through cloud-based systems and a globally distributed CDN. This entertaining romp through the tech stack serves as an introduction to how we think about and design systems, the Netflix approach to operational challenges, and how other organizations can apply our thought processes and technologies.
We’ll talk about:
The Bits - The technologies used to run a global streaming company
Making the Bits Bigger - Scaling at scale
Keeping an Eye Out - Billions of metrics
Break all the Things - Chaos in production is key
DevOps - How culture affects your velocity and uptime
Announcing Amazon Lightsail - January 2017 AWS Online Tech TalksAmazon Web Services
Sometimes you just need to spin up a virtual server, install your LAMP stack or web app, and go. No complex configurations - just a few clicks and a simple, low price. Amazon Lightsail is the easiest way to launch and manage a virtual private server with AWS. Get everything you need to jump start your application - compute, storage, and networking - starting at $5/month.
Learning Objectives:
• Learn about the capabilities and features of Amazon Lightsail
• Learn about the benefits of Amazon Lightsail
• Learn about the different use cases
• Learn how to get started using Amazon Lightsail
• Spin up your first VPS using pre-configured images
• Manage your Lightsail server, SSH keys, SSL certs, domains from the dashboard
• Create and manage snapshots
Protecting a small number of VPCs with a next-generation firewall is relatively easy, but what happens when you have hundreds of VPCs and regularly add more as business groups or new apps come on-line? How can you maintain a prevention architecture without slowing the business? One concept is to build a services VPC that protects your existing and new VPCs. This deep dive session will discuss how to integrate next-generation firewalls in a services VPC with the Palo Alto Networks VM-Series in AWS. Topics will include architectural design considerations, routing recommendations, and dynamic fail-over. Session sponsored by Palo Alto Networks.
AWS Elastic Beanstalk is the fastest and simplest way to get an application up and running on Amazon Web Services. Developers can simply upload their application code and the service automatically handles all the details such as resource provisioning, load balancing, auto-scaling, and monitoring. This session shows you how to connect your Git repository with Amazon Web Services, deploy your code to AWS Elastic Beanstalk, easily enable or disable application functionality, and perform zero-downtime deployments through interactive demos and code samples.
Building and Scaling a Containerized Microservice - DevDay Los Angeles 2017Amazon Web Services
From monolith to microservices, you'll learn to build and scale your first containerized microservice on AWS. We'll cover, microservices architecture, Amazon ECS, Task Placement and twelve-factor app with Amazon ECS.
AWS re:Invent 2016: Taking DevOps to the AWS Edge (CTD302)Amazon Web Services
In this session, we dive deep into how you can integrate Amazon CloudFront and related services into your application, be agile in developing and adapting the application, and follow best practices when configuring the services to improve security and performance, all while reducing costs. Attend this session and learn how to avoid needless forwarding of headers and cookies, test your application when making changes to the origin, version your configuration changes, monitor usage and automate security, create templates for new distributions, configure SSL/TLS certificates, and more.
세계 선도 It사 및 게임사 벤치마킹 + 인사이트 보고서 (6부)_새로운 삶의 시작Seunghun Lee
안녕하세요, 만 1년 만에 세계 선도 IT/게임사 벤치마킹 & 인사이트 보고서 6부를 올리게 되었습니다.
6부 주제는, 새로운 삶의 시작 입니다!
지난 1년 간 직접 경험한 실리콘밸리는 어떠했는지,
벤치마킹 대상 기업들의 시작 (0명 --> 30명)은 어떠했는지,
무엇이 저를 Ringle Start-up 창업으로 이끌었는지,
저의 사고와 삶은 어떻게 변하였는지,
중심으로 담아보았습니다.
6부를 쓰며, 아직 제가 많이 부족하다는 생각을 많이 했습니다.
그래도, 용기내어 한자 한자 적어보았습니다.
대한민국 Start-up 분들께 도움이 될 수 있길 소망합니다.
AWS re:Invent 2016: Another Day in the Life of a Netflix Engineer (DEV209)Amazon Web Services
Netflix is big. Really big. You just won't believe how vastly, hugely, mind-bogglingly big it is.
Netflix is a large, ever changing, ecosystem system serving million of customers across the globe through cloud-based systems and a globally distributed CDN. This entertaining romp through the tech stack serves as an introduction to how we think about and design systems, the Netflix approach to operational challenges, and how other organizations can apply our thought processes and technologies.
We’ll talk about:
The Bits - The technologies used to run a global streaming company
Making the Bits Bigger - Scaling at scale
Keeping an Eye Out - Billions of metrics
Break all the Things - Chaos in production is key
DevOps - How culture affects your velocity and uptime
Announcing Amazon Lightsail - January 2017 AWS Online Tech TalksAmazon Web Services
Sometimes you just need to spin up a virtual server, install your LAMP stack or web app, and go. No complex configurations - just a few clicks and a simple, low price. Amazon Lightsail is the easiest way to launch and manage a virtual private server with AWS. Get everything you need to jump start your application - compute, storage, and networking - starting at $5/month.
Learning Objectives:
• Learn about the capabilities and features of Amazon Lightsail
• Learn about the benefits of Amazon Lightsail
• Learn about the different use cases
• Learn how to get started using Amazon Lightsail
• Spin up your first VPS using pre-configured images
• Manage your Lightsail server, SSH keys, SSL certs, domains from the dashboard
• Create and manage snapshots
Protecting a small number of VPCs with a next-generation firewall is relatively easy, but what happens when you have hundreds of VPCs and regularly add more as business groups or new apps come on-line? How can you maintain a prevention architecture without slowing the business? One concept is to build a services VPC that protects your existing and new VPCs. This deep dive session will discuss how to integrate next-generation firewalls in a services VPC with the Palo Alto Networks VM-Series in AWS. Topics will include architectural design considerations, routing recommendations, and dynamic fail-over. Session sponsored by Palo Alto Networks.
AWS Elastic Beanstalk is the fastest and simplest way to get an application up and running on Amazon Web Services. Developers can simply upload their application code and the service automatically handles all the details such as resource provisioning, load balancing, auto-scaling, and monitoring. This session shows you how to connect your Git repository with Amazon Web Services, deploy your code to AWS Elastic Beanstalk, easily enable or disable application functionality, and perform zero-downtime deployments through interactive demos and code samples.
Building and Scaling a Containerized Microservice - DevDay Los Angeles 2017Amazon Web Services
From monolith to microservices, you'll learn to build and scale your first containerized microservice on AWS. We'll cover, microservices architecture, Amazon ECS, Task Placement and twelve-factor app with Amazon ECS.
AWS re:Invent 2016: Taking DevOps to the AWS Edge (CTD302)Amazon Web Services
In this session, we dive deep into how you can integrate Amazon CloudFront and related services into your application, be agile in developing and adapting the application, and follow best practices when configuring the services to improve security and performance, all while reducing costs. Attend this session and learn how to avoid needless forwarding of headers and cookies, test your application when making changes to the origin, version your configuration changes, monitor usage and automate security, create templates for new distributions, configure SSL/TLS certificates, and more.
세계 선도 It사 및 게임사 벤치마킹 + 인사이트 보고서 (6부)_새로운 삶의 시작Seunghun Lee
안녕하세요, 만 1년 만에 세계 선도 IT/게임사 벤치마킹 & 인사이트 보고서 6부를 올리게 되었습니다.
6부 주제는, 새로운 삶의 시작 입니다!
지난 1년 간 직접 경험한 실리콘밸리는 어떠했는지,
벤치마킹 대상 기업들의 시작 (0명 --> 30명)은 어떠했는지,
무엇이 저를 Ringle Start-up 창업으로 이끌었는지,
저의 사고와 삶은 어떻게 변하였는지,
중심으로 담아보았습니다.
6부를 쓰며, 아직 제가 많이 부족하다는 생각을 많이 했습니다.
그래도, 용기내어 한자 한자 적어보았습니다.
대한민국 Start-up 분들께 도움이 될 수 있길 소망합니다.
In this session, you'll learn what’s new and hot with AWS Lambda. Come learn about what we’ve been working on and what we are planning for the future. You'll get a hands-on demonstration of some our newest features.
2022 AWS Ask Me Anything for Cloud Career 에서 진행한 'AWS CDK를 활용한 클라우드 프로그래밍' 주제 발표 자료입니다.
Typescript, Java, Python과 같이 익숙한 프로그래밍 언어를 사용해서 AWS 클라우드를 구축할 수 있게 도와주는 오픈소스 프레임워크인 AWS CDK(Cloud Development Kit)에 대해 소개해드립니다.
AWS CDK에 대한 소개와 사용 방법, API Gateway + Lambda로 클라우드를 실제로 구축해보는 내용을 다룹니다.
This is a presentation on the topic of 'Cloud Programming with AWS CDK' held at the 2022 AWS Ask Me Anything for Cloud Career.
In this session, I Introduce the AWS Cloud Development Kit (AWS CDK), an open source framework that helps you build the AWS Cloud using familiar programming languages such as Typescript, Java, and Python.
The presentation includes introduction to the AWS CDK, how to use it, and actually building a cloud with API Gateway + Lambda.
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
NTNU Tech Talks : Smartening up a Pi Zero Security Camera with Amazon Web Ser...Mark West
A key advantage of the IoT is that it enables you to expand the potential of constrained devices by giving them access to the computational power of The Cloud.
In this session I’ll show you how I transformed a lowly Raspberry Pi Zero webcam into a smart security camera (with motion detection, threat detection and alert notifications) by combining open source software with cloud based image analysis.
Attendees can expect a short introduction on how to set up their own Raspberry Pi Zero webcam, a comparison of some of the image analysis API’s currently available, and finally a demonstration of how I used Node.js and a range of cloud based API’s (including Amazon's Rekognition, Lambda and Step Functions) to help my smart security camera distinguish between an unwanted guest and the neighbour’s cat.
You can now develop your AWS Lambda functions in C# using the .NET Core 1.0 runtime.
The easiest way to get started is with the AWS Toolkit for Visual Studio, which includes project templates for individual C# Lambda functions, full C# serverless applications, and also tools to publish both projects types to AWS.
To manually create a C# Lambda function, you simply specify the Lambda runtime parameter as “netcore1.0” and upload the ZIP of all NuGet dependencies as well as your own published DLL assemblies through the AWS CLI or AWS Lambda console. Alternatively, you can use AWS CloudFormation through the AWS Serverless Application Specification for deploying your C# Lambda function.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.