AWS Shield is a managed DDoS protection service. With AWS Shield, you can help protect Amazon CloudFront, Elastic Load Balancing, and Amazon Route 53 resources from DDoS attacks. In addition to introducing AWS Shield, this session presents some of the things we do behind the scenes to detect and mitigate Layer 3/4 network attacks and highlights ways you can use this new service to protect against Layer 7 application attacks.
Learning Objectives:
• Learn about the different types of DDoS protections AWS Shield offers
• Understand the difference between the Standard and Advanced tiers
• Hear how AWS WAF works with AWS Shield to provide a strong defense against DDoS attacks
• Learn how to get started with AWS Shield
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Brian Wagner, Security Consultant, Professional Services, AWS
At re:Invent 2016, we are launching AWS Shield, a managed DDoS protection service. With AWS Shield, you can help protect Amazon CloudFront, Elastic Load Balancing, and Amazon Route 53 resources from DDoS attacks. In addition to introducing AWS Shield, this session presents some of the things we do behind the scenes to detect and mitigate Layer 3/4 network attacks and highlights ways you can use this new service to protect against Layer 7 application attacks.
Distributed denial of service (DDoS) can have an impact on the availability, security and resources consumption for your web application. AWS Web Application Firewall and AWS Shield allow to protect web applications from these attacks.
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
Learning Objectives:
- Learn how to secure your web applications
- Learn how to configure AWS Shield and AWS WAF
- Learn how to defend the most common Layer 7 attacks
Distributed denial of service (DDoS) and other web attacks can affect your application’s availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview and demonstration of these services.
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and explain features for account structuring, user configuration, provisioning, networking and operation automation. The Migration Landing Zone solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and AWS Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations.
Speaker: Koen Biggelaar, Senior Manager, Solutions Architecture, Amazon Web Services and Mahmoud ElZayet
At AWS, cloud security is our highest priority. All AWS customers inherit the best practices of AWS policies, architecture, and operational processes built to satisfy the requirements of the most security-sensitive organizations in the most highly-regulated industries in the world – including financial services. In this talk, AWS experts discuss the fundamentals of AWS Cloud security, best practices, and services customers can leverage in order to operate and innovate in the cloud – more securely than on premises.
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Brian Wagner, Security Consultant, Professional Services, AWS
At re:Invent 2016, we are launching AWS Shield, a managed DDoS protection service. With AWS Shield, you can help protect Amazon CloudFront, Elastic Load Balancing, and Amazon Route 53 resources from DDoS attacks. In addition to introducing AWS Shield, this session presents some of the things we do behind the scenes to detect and mitigate Layer 3/4 network attacks and highlights ways you can use this new service to protect against Layer 7 application attacks.
Distributed denial of service (DDoS) can have an impact on the availability, security and resources consumption for your web application. AWS Web Application Firewall and AWS Shield allow to protect web applications from these attacks.
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
Learning Objectives:
- Learn how to secure your web applications
- Learn how to configure AWS Shield and AWS WAF
- Learn how to defend the most common Layer 7 attacks
Distributed denial of service (DDoS) and other web attacks can affect your application’s availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview and demonstration of these services.
Simplify & Standardise Your Migration to AWS with a Migration Landing ZoneAmazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and explain features for account structuring, user configuration, provisioning, networking and operation automation. The Migration Landing Zone solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and AWS Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations.
Speaker: Koen Biggelaar, Senior Manager, Solutions Architecture, Amazon Web Services and Mahmoud ElZayet
At AWS, cloud security is our highest priority. All AWS customers inherit the best practices of AWS policies, architecture, and operational processes built to satisfy the requirements of the most security-sensitive organizations in the most highly-regulated industries in the world – including financial services. In this talk, AWS experts discuss the fundamentals of AWS Cloud security, best practices, and services customers can leverage in order to operate and innovate in the cloud – more securely than on premises.
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
Amazon GuardDuty is a threat detection system that is reimagined and purpose-built for the cloud. Once enabled, GuardDuty immediately starts analyzing continuous streams of account and network activity in near real-time and at scale. You do not have to deploy or manage any additional security software, sensors, or network appliances. Threat intelligence is pre-integrated into the service and is continuously updated and maintained. This session introduces you to GuardDuty, walks you through the detection of an event, and discusses the various ways you can react and remediate.
by Michael St. Onge, Global Cloud Security Architect, AWS
Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300
더욱 진화하는 AWS 네트워크 보안 - 신은수 AWS 시큐리티 스페셜리스트 솔루션즈 아키텍트 :: AWS Summit Seoul 2021Amazon Web Services Korea
Amazon VPC 내의 주요 자원을 보호하거나 규정 준수를 위해 사용되어야 하는 보안 어플라이언스의 효율적인 구성을 돕는 AWS Gateway Load Balancer의 사용 방법과 동작 원리를 알려 드립니다. Amazon VPC 내부에서 인터넷 사이트의 접근을 제한하거나 외부로부터의 침입 탐지 및 차단 기능을 사용할 수 있는 IPS 기능을 포함하는 AWS 의 관리형 방화벽인 AWS Network Firewall 의 사용 방법과 구성 가능한 다양한 레퍼런스 케이스에 대해서도 설명해 드립니다.
[AWS Builders] AWS IAM 을 통한 클라우드에서의 권한 관리 - 신은수, AWS Security Specialist SAAmazon Web Services Korea
발표자료 다시보기: https://youtu.be/A77sIwSPCsE
AWS 에서는 클라우드 환경에서의 권한 관리를 위하여 IAM( Identity & Access Management ) 서비스를 제공하고 있습니다. 이 웨비나는AWS 의 다양한 자원들에 대한 이용 권한을 효율적으로 제어하고 관리하기 위하여 사용될 수 있는 IAM 의 다양한 옵션들을 살펴보고 IAM 의 권한이 할당되는 원리들을 설명합니다.
다시보기 영상 링크: https://youtu.be/QGgQOcA3W6w
클라우드로의 마이그레이션이 증가하면서, 퍼블릭 클라우드를 목표로 한 공격도 폭증하고 있습니다. 특히, 클라우드 관리자의 자격증명을 탈취하려는 시도나 탈취된 자격증명을 이용하여 중요정보를 유출하고 대규모로 비트코인 채굴을 시도하는 행위들이 늘어가고 있습니다. AWS로의 이관을 고려하고 있거나 사용중인 고객들이라면, 이와 같이 클라우드의 특성을 활용하여 발생하고 있는 정교한 보안 위협들에 대응하기 위한 방법을 고민하셔야 합니다. 본 세션에서는 이러한 클라우드 네이티브 위협들에 효과적으로 대응하는 기능을 제공하는 GuardDuty, Inspector, Config, SecurityHub와 같은 AWS 보안 서비스들에 대한 설명을 진행합니다.
Amazon Route 53 is a highly available, scalable, and easy to use cloud Domain Name System (DNS) web service. With an SLA of 100% availability, Route 53 is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications. By using Route 53 as your DNS provider, you can ensure your application’s up-time, run architecture that delivers better performance, and provide your end users with a better experience through lower latency and faster load times, all at the fraction of the cost of other DNS providers. Learning Objective: In this webinar, you will learn the following: - General overview of DNS, and how Route 53 is built to provide reliable and secure DNS - Using the Route 53 console to manage your DNS, easily and seamlessly - Utilizing health checks and failover to ensure high availability - Configuring advanced routing policies, including running your application in multiple regions with LBR and Geo for better performance for your end users. - Saving costs by using Route 53 - Registering or transferring your domains into Route 53 to manage all of your domain resources from one place - How to start using Route 53, including migrating your DNS without experiencing any downtime.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
많은 기업들의 클라우드 환경이 확대되고 사용자 작업 환경 및 워크로드가 다양한 액세스 유형과 위치를 가짐에 따라 통합적인 IAM 관리가 요구되고 있습니다. 이 세션에서는 AWS 계정, 보안 주체, 권한 정책 등 IAM 구성 요소에 대한 이해와 이를 바탕으로 다중 AWS 계정 및 하이브리드 환경에서 IAM, IAM Identity Center, IAM Roles Anywhere를 활용하여 AWS 리소스의 안전한 사용을 돕는 베스트 프랙티스를 소개합니다.
In this session, you will learn about Amazon Macie, a new visibility security service that helps you classify and secure your sensitive and business-critical content. Macie uses machine learning to automatically discover, classify, and protect sensitive data in the AWS Cloud, and it recognizes sensitive data such as personally identifiable information (PII) and intellectual property. You also will learn about the available types of alerts (basic and predictive) and demonstrate how you can use Amazon CloudWatch Events, AWS Lambda, and Amazon SNS topics to automate remediation actions to unauthorized access and inadvertent data leaks.
Amazon EC2 provides a broad selection of instance types to accommodate a diverse mix of workloads. In this session, we provide an overview of the Amazon EC2 instance platform, key features, and the concept of instance generations.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
Identity and Access Management (IAM) is first step towards AWS cloud adoption because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multi-factor authentication mechanisms; and operate IAM at scale.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Bigger and more sophisticated distributed denial of service (DDoS) attacks are targeting the Internet’s Domain Name System (DNS) causing significant downtime to websites and application. Amazon Route 53, the AWS DNS service, integrates tightly with AWS Shield, the AWS service that provides managed DDoS protection, to safeguard your web applications and protect against large scale attacks. Techniques Amazon Route 53 employs to thwart DDoS attacks including Anycast Striping, Shuffle Sharding and a global network of 56 points of presence. Mitigation strategies AWS Shield provides including inline mitigations, visibility and cost protection.
Learning Objectives:
• Learn how Amazon Route 53 scales against DDoS attacks
• Learn about the advanced features like Anycast Striping and traffic shaping mitigates DDoS risks
• Learn how always-on inline mitigation techniques protects against advanced attacks
• Learn how AWS Shield integrates with Amazon Route53 to monitor traffic signatures and undertakes deterministic packet filtering to minimize application downtime
• Learn why customers should use Amazon Route 53 and AWS Shield to protect against DNS DDoS attacks
AWS re:Invent 2016: Mitigating DDoS Attacks on AWS: Five Vectors and Four Use...Amazon Web Services
Distributed denial of service (DDoS) attack mitigation has traditionally been a challenge for those hosting on fixed infrastructure. In the cloud, users can build applications on elastic infrastructure that is capable of mitigating and absorbing DDoS attacks. What once required overprovisioning, additional infrastructure, or third-party services is now an inherent capability of many cloud-based applications. This session explains common DDoS attack vectors and how AWS customers with different use cases are addressing these challenges. As part of the session, we show you how to build applications that are resilient to DDoS and demonstrate how they work in practice.
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
Amazon GuardDuty is a threat detection system that is reimagined and purpose-built for the cloud. Once enabled, GuardDuty immediately starts analyzing continuous streams of account and network activity in near real-time and at scale. You do not have to deploy or manage any additional security software, sensors, or network appliances. Threat intelligence is pre-integrated into the service and is continuously updated and maintained. This session introduces you to GuardDuty, walks you through the detection of an event, and discusses the various ways you can react and remediate.
by Michael St. Onge, Global Cloud Security Architect, AWS
Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300
더욱 진화하는 AWS 네트워크 보안 - 신은수 AWS 시큐리티 스페셜리스트 솔루션즈 아키텍트 :: AWS Summit Seoul 2021Amazon Web Services Korea
Amazon VPC 내의 주요 자원을 보호하거나 규정 준수를 위해 사용되어야 하는 보안 어플라이언스의 효율적인 구성을 돕는 AWS Gateway Load Balancer의 사용 방법과 동작 원리를 알려 드립니다. Amazon VPC 내부에서 인터넷 사이트의 접근을 제한하거나 외부로부터의 침입 탐지 및 차단 기능을 사용할 수 있는 IPS 기능을 포함하는 AWS 의 관리형 방화벽인 AWS Network Firewall 의 사용 방법과 구성 가능한 다양한 레퍼런스 케이스에 대해서도 설명해 드립니다.
[AWS Builders] AWS IAM 을 통한 클라우드에서의 권한 관리 - 신은수, AWS Security Specialist SAAmazon Web Services Korea
발표자료 다시보기: https://youtu.be/A77sIwSPCsE
AWS 에서는 클라우드 환경에서의 권한 관리를 위하여 IAM( Identity & Access Management ) 서비스를 제공하고 있습니다. 이 웨비나는AWS 의 다양한 자원들에 대한 이용 권한을 효율적으로 제어하고 관리하기 위하여 사용될 수 있는 IAM 의 다양한 옵션들을 살펴보고 IAM 의 권한이 할당되는 원리들을 설명합니다.
다시보기 영상 링크: https://youtu.be/QGgQOcA3W6w
클라우드로의 마이그레이션이 증가하면서, 퍼블릭 클라우드를 목표로 한 공격도 폭증하고 있습니다. 특히, 클라우드 관리자의 자격증명을 탈취하려는 시도나 탈취된 자격증명을 이용하여 중요정보를 유출하고 대규모로 비트코인 채굴을 시도하는 행위들이 늘어가고 있습니다. AWS로의 이관을 고려하고 있거나 사용중인 고객들이라면, 이와 같이 클라우드의 특성을 활용하여 발생하고 있는 정교한 보안 위협들에 대응하기 위한 방법을 고민하셔야 합니다. 본 세션에서는 이러한 클라우드 네이티브 위협들에 효과적으로 대응하는 기능을 제공하는 GuardDuty, Inspector, Config, SecurityHub와 같은 AWS 보안 서비스들에 대한 설명을 진행합니다.
Amazon Route 53 is a highly available, scalable, and easy to use cloud Domain Name System (DNS) web service. With an SLA of 100% availability, Route 53 is designed to give developers and businesses an extremely reliable and cost effective way to route end users to Internet applications. By using Route 53 as your DNS provider, you can ensure your application’s up-time, run architecture that delivers better performance, and provide your end users with a better experience through lower latency and faster load times, all at the fraction of the cost of other DNS providers. Learning Objective: In this webinar, you will learn the following: - General overview of DNS, and how Route 53 is built to provide reliable and secure DNS - Using the Route 53 console to manage your DNS, easily and seamlessly - Utilizing health checks and failover to ensure high availability - Configuring advanced routing policies, including running your application in multiple regions with LBR and Geo for better performance for your end users. - Saving costs by using Route 53 - Registering or transferring your domains into Route 53 to manage all of your domain resources from one place - How to start using Route 53, including migrating your DNS without experiencing any downtime.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
많은 기업들의 클라우드 환경이 확대되고 사용자 작업 환경 및 워크로드가 다양한 액세스 유형과 위치를 가짐에 따라 통합적인 IAM 관리가 요구되고 있습니다. 이 세션에서는 AWS 계정, 보안 주체, 권한 정책 등 IAM 구성 요소에 대한 이해와 이를 바탕으로 다중 AWS 계정 및 하이브리드 환경에서 IAM, IAM Identity Center, IAM Roles Anywhere를 활용하여 AWS 리소스의 안전한 사용을 돕는 베스트 프랙티스를 소개합니다.
In this session, you will learn about Amazon Macie, a new visibility security service that helps you classify and secure your sensitive and business-critical content. Macie uses machine learning to automatically discover, classify, and protect sensitive data in the AWS Cloud, and it recognizes sensitive data such as personally identifiable information (PII) and intellectual property. You also will learn about the available types of alerts (basic and predictive) and demonstrate how you can use Amazon CloudWatch Events, AWS Lambda, and Amazon SNS topics to automate remediation actions to unauthorized access and inadvertent data leaks.
Amazon EC2 provides a broad selection of instance types to accommodate a diverse mix of workloads. In this session, we provide an overview of the Amazon EC2 instance platform, key features, and the concept of instance generations.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
Identity and Access Management (IAM) is first step towards AWS cloud adoption because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multi-factor authentication mechanisms; and operate IAM at scale.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Bigger and more sophisticated distributed denial of service (DDoS) attacks are targeting the Internet’s Domain Name System (DNS) causing significant downtime to websites and application. Amazon Route 53, the AWS DNS service, integrates tightly with AWS Shield, the AWS service that provides managed DDoS protection, to safeguard your web applications and protect against large scale attacks. Techniques Amazon Route 53 employs to thwart DDoS attacks including Anycast Striping, Shuffle Sharding and a global network of 56 points of presence. Mitigation strategies AWS Shield provides including inline mitigations, visibility and cost protection.
Learning Objectives:
• Learn how Amazon Route 53 scales against DDoS attacks
• Learn about the advanced features like Anycast Striping and traffic shaping mitigates DDoS risks
• Learn how always-on inline mitigation techniques protects against advanced attacks
• Learn how AWS Shield integrates with Amazon Route53 to monitor traffic signatures and undertakes deterministic packet filtering to minimize application downtime
• Learn why customers should use Amazon Route 53 and AWS Shield to protect against DNS DDoS attacks
AWS re:Invent 2016: Mitigating DDoS Attacks on AWS: Five Vectors and Four Use...Amazon Web Services
Distributed denial of service (DDoS) attack mitigation has traditionally been a challenge for those hosting on fixed infrastructure. In the cloud, users can build applications on elastic infrastructure that is capable of mitigating and absorbing DDoS attacks. What once required overprovisioning, additional infrastructure, or third-party services is now an inherent capability of many cloud-based applications. This session explains common DDoS attack vectors and how AWS customers with different use cases are addressing these challenges. As part of the session, we show you how to build applications that are resilient to DDoS and demonstrate how they work in practice.
Amazon EC2 F1 is a new compute instance with programmable hardware for application acceleration. With F1, you can directly access custom FPGA hardware on the instance in a few clicks.
Learning Objectives:
• Learn about the capabilities, features, and benefits of the new F1 instances
• Develop your FPGA using the F1 Hardware Developer Kit and FPGA Developer AMI
• Deploy your FPGA acceleration code using F1 instances
• Use F1 instances for hardware acceleration in your applications
• Learn how to offer pre-packaged Amazon FPGA Machine Images (AFIs) to your customers through the AWS Marketplace
"In this session, we will address the current threat landscape, present DDoS attacks that we have seen on AWS, and discuss the methods and technologies we use to protect AWS services. You will leave this session with a better understanding of:
DDoS attacks on AWS as well as the actual threats and volumes that we typically see.
What AWS does to protect our services from these attacks.
How this all relates to the AWS Shared Responsibility Model."
AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.
Presented by: Alessandro Esposito, Cloudfront Account Manager, Amazon Web Services
The presentation covers information about basic and advanced ddos attacks; the tools, techniques and methods to perform them and how to prevent them using the methods present in TCP/IP. Given the different network and application protocols for tcp/ip; we tried to describe where ddos attacks are made possible in the communication process . Each attack is seperately analyzed and described and defense technique is described using the same analogy. Our motto: If there is a ddos case, there was a way to defend it.
Announcing AWS Personal Health Dashboard - January 2017 AWS Online Tech TalksAmazon Web Services
Personal Health Dashboard gives you a personalized view of the status of the AWS services that power your applications, enabling you to quickly see when AWS is experiencing issues that may impact you. The dashboard displays relevant and timely information to help you manage events in progress, and provides proactive notification to help you plan for scheduled activities. And with alerts that are automatically triggered by changes in the health of AWS resources, you receive event visibility and guidance to help quickly diagnose and resolve issues.
Learning Objectives:
• Learn about the capabilities and features of AWS Personal Health Dashboard
• Learn about the benefits of AWS Personal Health Dashboard
• Learn about the different use cases
• Learn how to get started using AWS Personal Health Dashboard and the Health API
AWS re:Invent 2016: 6 Million New Registrations in 30 Days: How the Chick-fil...Amazon Web Services
Chris leads the team providing back-end services for the massively popular Chick-fil-A One mobile app that launched in June 2016. Chick-fil-A follows AWS best practices for web services and leverages numerous AWS services, including Elastic Beanstalk, DynamoDB, Lambda, and Amazon S3. This was the largest technology-dependent promotion in Chick-fil-A history. To ensure their architecture would perform at unknown and massive scale, Chris worked with AWS Support through an AWS Infrastructure Event Management (IEM) engagement and leaned on automated operations to enable load testing before launch.
AWS re:Invent 2016: Re-imagining Insurance Processes with AWS Mobile Services...Amazon Web Services
Insurance processes are fragmented and manual in nature. For the next generation of digitally savvy consumers, New York Life Labs uses modern technology and analytics to engage with and provide best-in-class customer service. This session will discuss how New York Life Labs is mobilizing key insurance technology components including customer service, underwriting, policy administration, and claims processing. This session will focus on how New York Life Labs is taking a mobile-first approach in redesigning claims processing with responsive design, automated workflows, and AWS mobile services. Some of the services discussed will be Amazon Cognito, Amazon SNS, AWS Lambda, Amazon DynamoDB, and Amazon SWF, and how they all come together.
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
Cloud computing offers many advantages, such as the ability to scale your web applications or website on demand. But how do you scale your security and compliance infrastructure along with the business? Join this session to understand best practices for scaling your security resources as you grow from zero to millions of users. Specifically, you learn the following:
How to scale your security and compliance infrastructure to keep up with a rapidly expanding threat base.
The security implications of scaling for numbers of users and numbers of applications, and how to satisfy both needs.
How agile development with integrated security testing and validation leads to a secure environment.
Best practices and design patterns of a continuous delivery pipeline and the appropriate security-focused testing for each.
The necessity of treating your security as code, just as you would do with infrastructure.
The services covered in this session include AWS IAM, Auto Scaling, Amazon Inspector, AWS WAF, and Amazon Cognito.
AWS re:Invent 2016: Amazon CloudWatch Logs and AWS Lambda: A Match Made in He...Amazon Web Services
In this session, we cover three common scenarios that include Amazon CloudWatch Logs and AWS Lambda. First, you learn how to build an Elasticsearch cluster from historical data using Amazon S3, Lambda, and CloudWatch Logs. Next, you learn how to add details to CloudWatch alarm notifications using Amazon SNS and Lambda. Finally, we show you how to bring Elastic Load Balancing logs to CloudWatch Logs using S3 bucket triggers from Lambda.
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...Amazon Web Services
AWS serverless architecture components such as Amazon S3, Amazon SQS, Amazon SNS, CloudWatch Logs, DynamoDB, Amazon Kinesis, and Lambda can be tightly constrained in their operation. However, it may still be possible to use some of them to propagate payloads that could be used to exploit vulnerabilities in some consuming endpoints or user-generated code. This session explores techniques for enhancing the security of these services, from assessing and tightening permissions in IAM to integrating tools and mechanisms for inline and out-of-band payload analysis that are more typically applied to traditional server-based architectures.
AWS re:Invent 2016: Scaling Up to Your First 10 Million Users (ARC201)Amazon Web Services
Cloud computing gives you a number of advantages, such as the ability to scale your web application or website on demand. If you have a new web application and want to use cloud computing, you might be asking yourself, "Where do I start?" Join us in this session to understand best practices for scaling your resources from zero to millions of users. We show you how to best combine different AWS services, how to make smarter decisions for architecting your application, and how to scale your infrastructure in the cloud.
AWS re:Invent 2016: Getting Started with Serverless Architectures (CMP211)Amazon Web Services
Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In the past, you had to provision and scale servers to run your application code, install and operate distributed databases, and build and run custom software to handle API requests. Now, AWS provides a stack of scalable, fully-managed services that eliminates these operational complexities.
In this session, you learn about the concepts and benefits of serverless architectures and the basics of the serverless stack AWS provides (e.g., AWS Lambda and Amazon API Gateway). We discuss use cases such as data processing, website backends, serverless applications and "operational glue". After that, you get practical tips and tricks, best practices, and architecture patterns that you can take back and implement immediately.
Introducing Amazon Lex – A Service for Building Voice or Text Chatbots - Marc...Amazon Web Services
Amazon Lex is a service for building conversational interfaces into any application using voice and text. Lex provides the advanced deep learning functionalities of automatic speech recognition (ASR) for converting speech to text, and natural language understanding (NLU) to recognize the intent of the text, to enable you to build applications with highly engaging user experiences and lifelike conversational interactions.
Learning Objectives:
• Learn about the capabilities and features of Amazon Lex
• Learn about the benefits of Amazon Lex
• Learn about the different use cases
• Learn how to get started using Amazon Lex
Deep Dive on AWS Lambda - January 2017 AWS Online Tech TalksAmazon Web Services
AWS Lambda lets you run code without provisioning or managing servers. You pay only for the compute time you consume - there is no charge when your code is not running. With Lambda, you can run code for virtually any type of application or backend service - all with zero administration. Just upload your code and Lambda takes care of everything required to run and scale your code with high availability. You can set up your code to automatically trigger from other AWS services or call it directly from any web or mobile app. In this session, we dive deep into AWS Lambda to learn about capabilities, features and benefits.
Learning Objectives:
• Dive deep into AWS Lambda
• Learn about the capabilities, features and benefits of AWS Lambda
• Learn about the different use cases
• Learn how to get started using AWS Lambda
Network security, Anti-DDoS and other Internet-side protections: Encryption i...Amazon Web Services
Architecting for resilience doesn’t stop at spreading EC2 and VPC-based environments across multiple Availability Zones. We discuss and demonstrate a number of protective measures which can be put in place between the Internet and your AWS environments to mitigate DDoS and other varieties of attack, and measures that can be deployed on-instance to protect EC2 environments. We also discuss whether encryption in transit is necessary within a VPC, and for customers who consider it to be, how to manage distribution of key material and other secret credentials in autoscaling environments.
Understand AWS best practices for Distributed Denial of Service (DDoS) resiliency and how AWS Shield can assist you to protect your business. Uncover how this tool safeguards web applications running on AWS, and how always-on detection and automatic inline mitigations minimize application downtime and latency.
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.
Advanced Techniques for DDoS Mitigation and Web Application Defense | AWS Pub...Amazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch. Learn More: https://aws.amazon.com/government-education/
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.
Advanced Techniques for DDOS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules.
Learning Objectives:
- Learn how to use AWS Shield to build scalable DDoS defense into your applications
- Learn how to monitor your applications on the AWS Cloud and detect DDoS attempts
- Learn how to respond to in-progress DDoS attempts
by Jeff Lyon, Manager of DDoS Ops Engineering, AWS
Mitigation of Distributed Denial of Service (DDoS) attacks to protect the availability of an application historically required expensive hardware, scaling of fixed capacity, or the enlistment of third-party DDoS mitigation services. Today, AWS provides you with tools to build applications that are automatically protected against DDoS attacks without having to invest in costly infrastructure, route traffic externally, or accept performance tradeoffs. In this session, you will learn simple techniques for building DDoS-resilient applications, monitoring and alarming on the presence of DDoS attacks, and responding to events in-progress.
The enterprise perimeter is disappearing. Migration to the cloud means a more distributed network infrastructure. Transition of web based applications to the cloud renders on premise mitigation tools ineffective against web attacks and requires organizations to protect applications both on premise and in-the-cloud.
Introducing Radware's Hybrid Cloud WAF Service - a fully-managed, always on service that integrates cloud-based with on premise protection against a broad range of attack vectors.
Visit here http://www.radware.com/social/hybridcloudwaf/ to read "The Dawn of Hybrid Cloud WAF" and to learn how the industry's first hybrid cloud-based WAF service addresses today's most challenging web-based cyber-attacks.
PLNOG 17 - Marek Karczewski - Mity i fakty skutecznej ochrony aplikacji inter...PROIDEA
Na przykładzie rozwiązania AMS (Attack Mitigation System) firmy RADWARE niniejsza prezentacja przedstawi różne modele skutecznej ochrony aplikacji internetowych zarówno w modelu „chmurowym” jak również mieszanym (hybrydowym). Prezentacja przedstawi również zalety implementacji mechanizmów bezpieczeństwa w formie natywnych funkcji sieciowych oraz odpowie na pytanie w jaki sposób zapewnić najlepszą ochronę przy jednoczesnym zachowaniu najwyższego poziomu SLA aplikacji.
HaltDos is a high throughput, high performance software based network appliance that can stay updated with evolving technology and threats without requiring hardware replacements. With its multi-layered and multi-vector approach, it can defend against a wide range of DDoS attacks within seconds to ensure high uptime of your website/web services.
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Amazon Web Services
In this session, you learn how to adapt application defenses and operational responses based on your unique requirements. You also hear directly from customers about how they architected their applications on AWS to protect their applications. There are many ways to build secure, high-availability applications in the cloud. Services such as API Gateway, Amazon VPC, ALB, ELB, and Amazon EC2 are the basic building blocks that enable you to address a wide range of use cases. Best practices for defending your applications against Distributed Denial of Service (DDoS) attacks, exploitation attempts, and bad bots can vary with your choices in architecture.
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
5. Types of DDoS attacks
Volumetric DDoS attacks
Congest networks by flooding them with
more traffic than they are able to handle
(e.g., UDP reflection attacks)
6. Types of DDoS attacks
State-exhaustion DDoS attacks
Abuse protocols to stress systems like
firewalls, IPS, or load balancers (e.g., TCP
SYN flood)
7. Types of DDoS attacks
Application-layer DDoS attacks
Use well-formed but malicious requests to
circumvent mitigation and consume
application resources (e.g., HTTP GET, DNS
query floods)
8. DDoS attack trends
Volumetric State exhaustion Application layer
65%
Volumetric
20%
State exhaustion
15%
Application layer
9. DDoS attack trends
Volumetric State exhaustion Application layer
SSDP reflection attacks are very
common
Reflection attacks have clear signatures,
but can consume available bandwidth.
65%
Volumetric
20%
State exhaustion
15%
Application layer
10. DDoS attack trends
Volumetric State exhaustion Application layer
65%
Volumetric
20%
State exhaustion
15%
Application layer
Other common volumetric attacks:
NTP reflection, DNS reflection,
Chargen reflection, SNMP reflection
11. DDoS attack trends
Volumetric State exhaustion Application layer
SYN floods can look like real
connection attempts
And on average, they are larger in
volume. They can prevent real users
from establishing connections.
65%
Volumetric
20%
State exhaustion
15%
Application layer
12. DDoS attack trends
Volumetric State exhaustion Application layer
DNS query floods are real DNS requests
These can continue for hours and exhaust the
available resources of the DNS server.
65%
Volumetric
20%
State exhaustion
15%
Application layer
13. DDoS attack trends
Volumetric State exhaustion Application layer
65%
Volumetric
20%
State exhaustion
15%
Application layer
Other common application
layer attacks:
HTTP GET flood, Slowloris
15. Challenges in mitigating DDoS attacks
Difficult to enable
Complex set-up Provision bandwidth capacity Application re-architecture
16. Challenges in mitigating DDoS attacks
Traditional
Datacenter
Manual involvement
Operator involvement to
initiate mitigation
Re-route traffic via distant
scrubbing location
Increased time to mitigate
17. Challenges in mitigating DDoS attacks
Traditional
Datacenter
Traffic re-routing = Increased latency for users
20. At AWS, our goal has always been to …
Remove undifferentiated
heavy-lifting
Ensure availability
Automatically protected
against common attacks
AWS services are
highly available
21. DDoS protections built into AWS
Integrated into the AWS global infrastructure
Always-on, fast mitigation without external routing
Redundant Internet connectivity in AWS data
centers
22. DDoS protections built into AWS
Protection against most
common infrastructure attacks
SYN/ACK Floods, UDP Floods,
Refection attacks etc.
No additional cost
DDoS mitigation
systems
DDoS Attack
Users
23. Customers keep asking …
Does AWS protect me
from DDoS attacks?
What about large
DDoS attacks?
How can I get visibility
when I get attacked?
Does AWS protect
me from application
layer attacks?
Scaling for
DDoS attacks is
expensive.
I want to talk to
DDoS experts.
25. AWS Shield
Standard Protection Advanced Protection
Available to ALL AWS customers at
No Additional Cost
Paid service that provides additional,
comprehensive protections from large
and sophisticated attacks
29. AWS Shield Standard
Better protection than ever for your applications running on AWS
Improved mitigations using proprietary BlackWatch systems
Additional mitigation capacity
Commitment to continuously improve detection and mitigation
Still at no additional cost
31. AWS Shield Advanced
AWS Integration
DDoS protection without
infrastructure changes
Affordable
Don’t make trade-offs
between cost and quality
Flexible
Customize protections for
your applications
Always-On Detection
and Mitigation
Minimizes impact on
application latency
Four key pillars…
40. Always-on monitoring and detection
Signature based
detection
Heuristics-based
anomaly detection
Baselining
41. Always-on monitoring and detection
Detects anomaly based on attributes such as:
Source IP
Source ASN
Traffic levels
Validated sources
Heuristics-based anomaly detection
42. Always-on monitoring and detection
Continuously baselining normal traffic patterns:
HTTP Requests per second
Source IP Address
URLs
User-Agents
Baselining
43. AWS Shield Advanced
Always-on monitoring &
detection
Advanced L3/4 & L7 DDoS
protection
Attack notification and
reporting
24x7 access to DDoS
Response Team
AWS bill protection
48. Low suspicion attributes
Normal packet or request header
Traffic composition and volume is
typical given its source
Traffic valid for its destination
High suspicion attributes
Suspicious packet or request headers
Entropy in traffic by header attribute
Entropy in traffic source and volume
Traffic source has a poor reputation
Traffic invalid for its destination
Request with cache-busting attributes
Layer 3/4 infrastructure protection
Traffic prioritization based on scoring
49. Layer 3/4 infrastructure protection
Inline inspection and scoring
Preferentially discard lower priority (attack) traffic
False positives are avoided and legitimate viewers are protected
High-suspicion
packets dropped
Low-suspicion
packets retained
Traffic prioritization based on scoring
50. Layer 3/4 infrastructure protection
Distributed scrubbing and bandwidth capacity
Automated routing policies to absorb large attacks
Manual traffic engineering
Bring Additional mitigation capacity Inline for Large
and Sophisticated DDoS Attacks
Advanced routing policies
57. Always-on monitoring &
detection
Advanced L3/4 & L7 DDoS
protection
24x7 access to DDoS
Response Team
AWS bill protection
AWS Shield Advanced
Attack notification and
reporting
58. Attack notification and reporting
Attack monitoring
and detection
Real-time notification of attacks via Amazon CloudWatch
Near real-time metrics and packet captures for attack forensics
Historical attack reports
59. Always-on monitoring &
detection
Advanced L3/4 & L7 DDoS
protection
Attack notification and
reporting
AWS bill protection
AWS Shield Advanced
24x7 access to DDoS
Response Team
60. 24x7 access to DDoS Response Team
Critical and urgent priority cases are
answered quickly and routed directly
to DDoS experts
Complex cases can be escalated to the
AWS DDoS Response Team (DRT), who
have deep experience in protecting AWS
as well as Amazon.com and its subsidiaries
61. 24x7 access to DDoS Response Team
Before Attack
Proactive consultation
and best practice guidance
During Attack
Attack mitigation
After Attack
Post-mortem
analysis
62. AWS Shield Advanced
Always-on monitoring &
detection
Advanced L3/4 & L7 DDoS
protection
Attack notification and
reporting
24x7 access to DDoS
Response Team
AWS bill protection
65. No commitment
No additional cost
AWS DDoS Shield: Pricing
1 year subscription commitment
Monthly fee: $3,000
Data transfer fees
Data Transfer Price ($ per GB)
CloudFront ELB
First 100 TB $0.025 0.050
Next 400 TB $0.020 0.040
Next 500 TB $0.015 0.030
Next 4 PB $0.010 Contact Us
Above 5 PB Contact Us Contact Us
Standard Protection Advanced Protection
66. For protection against most
common DDoS attacks, and
access to tools and best practices
to build a DDoS resilient
architecture on AWS.
AWS DDoS Shield: How to choose
For additional protection against
larger and more sophisticated
attacks, visibility into attacks, and
24X7 access to DDoS experts for
complex cases.
Standard Protection Advanced Protection
67. You get it automatically
AWS Shield: Getting started
Enable via the
AWS Console
Standard Protection Advanced Protection