The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...CA Technologies
The CA Technologies | Veracode Platform: A 360-Degree View of Your Application's Security
For more information on DevSecOps, please visit: http://ow.ly/LcyX50g63fO
DevSecOps - Building continuous security into it and app infrastructuresPriyanka Aash
Cloud services, Continuous Integration, and Continuous Deployment require security teams to adapt security controls to DevOps processes. This session will explore how security delivered as a service helps security teams work with DevOps to embed continuous security into IT and application infrastructure for improved and automated auditing, compliance and control of applications.
(Source : RSA Conference USA 2017)
At the Synopsys Security Event - Israel, Ofer Mao, Director of Solutions Management reviews how to make application security testing work in a CI/CD envirronment. For more information, please visit us at www.synopsys.com/software
During a recent webinar, Meera Rao, DevSecOps Practice Director with Synopsys Software Integrity Group spoke on Risk Based Adaptive DevSecOps.
Building security automation into the DevOps pipeline is a key pain point for many organizations. Some firms deploy to production as frequently as every five minutes—a velocity that security struggles to match. Implementing intelligence within the DevOps pipeline supports security activities by matching the team’s velocity, providing intelligent feedback, and supporting organizations as they scale their security testing activities.
For more information, please visit our website at https://www.synopsys.com/devops
Securing 100 products - How hard can it be?Priyanka Aash
Many companies establish their Secure Development Lifecycle. The adoption of it crucial especially for corporations with dozens of applications. The main challenges they face are the diversity of architecture, dev languages, methodologies, compliance, regulations, etc. This talk will shed light on scaling up and out the application security capabilities and maximizing the software security maturity.
(Source : RSA Conference USA 2017)
Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where:
• The threat landscape continues to evolve.
• Application portfolios and their risk profiles continue to shift.
• Security tools are difficult to deploy, configure, and integrate into workflows.
• Consumption models continue to change.
How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering.
Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where:
• The threat landscape continues to evolve.
• Application portfolios and their risk profiles continue to shift.
• Security tools are difficult to deploy, configure, and integrate into workflows.
• Consumption models continue to change.
How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering.
For more information, please visit our website at https://www.synopsys.com/software-integrity/managed-services.html
Lessons from a recovering runtime application self protection addictPriyanka Aash
This talk will detail knowledge gained from years spent building runtime application self-protection technology. RASP sounds like a silver bullet—security pixie dust that protects vulnerable code. But does it solve real problems? Who integrates and operates it? Is it fast enough? Accurate enough? Reliable enough? Will answering these questions change your thinking on RASP?
(Source : RSA Conference USA 2017)
Talk to executives in IT divisions of large enterprises about security and invariably the conversation will hover around
DevSecOps pipeline.
Is DevSecOps the only thing you need to do for security in your IT division or is there more?
What impact does bringing in secure culture in an engineering context mean?
What handshake is needed between the IT function and the security / risk function for large enterprises?
How does this impact roles and responsibilities of a developer?
This talk is an attempt to answer questions such as these using a real world examples of transformations seen in Fortune 100 companies.
The CA Technologies | Veracode Platform: A 360-Degree View of Your Applicatio...CA Technologies
The CA Technologies | Veracode Platform: A 360-Degree View of Your Application's Security
For more information on DevSecOps, please visit: http://ow.ly/LcyX50g63fO
DevSecOps - Building continuous security into it and app infrastructuresPriyanka Aash
Cloud services, Continuous Integration, and Continuous Deployment require security teams to adapt security controls to DevOps processes. This session will explore how security delivered as a service helps security teams work with DevOps to embed continuous security into IT and application infrastructure for improved and automated auditing, compliance and control of applications.
(Source : RSA Conference USA 2017)
At the Synopsys Security Event - Israel, Ofer Mao, Director of Solutions Management reviews how to make application security testing work in a CI/CD envirronment. For more information, please visit us at www.synopsys.com/software
During a recent webinar, Meera Rao, DevSecOps Practice Director with Synopsys Software Integrity Group spoke on Risk Based Adaptive DevSecOps.
Building security automation into the DevOps pipeline is a key pain point for many organizations. Some firms deploy to production as frequently as every five minutes—a velocity that security struggles to match. Implementing intelligence within the DevOps pipeline supports security activities by matching the team’s velocity, providing intelligent feedback, and supporting organizations as they scale their security testing activities.
For more information, please visit our website at https://www.synopsys.com/devops
Securing 100 products - How hard can it be?Priyanka Aash
Many companies establish their Secure Development Lifecycle. The adoption of it crucial especially for corporations with dozens of applications. The main challenges they face are the diversity of architecture, dev languages, methodologies, compliance, regulations, etc. This talk will shed light on scaling up and out the application security capabilities and maximizing the software security maturity.
(Source : RSA Conference USA 2017)
Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where:
• The threat landscape continues to evolve.
• Application portfolios and their risk profiles continue to shift.
• Security tools are difficult to deploy, configure, and integrate into workflows.
• Consumption models continue to change.
How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering.
Today’s security professionals and software developers not only have to do more in less time; they have to do it securely. This means mitigating risk and addressing compliance requirements in an environment where:
• The threat landscape continues to evolve.
• Application portfolios and their risk profiles continue to shift.
• Security tools are difficult to deploy, configure, and integrate into workflows.
• Consumption models continue to change.
How can your internal resources keep pace in this dynamic environment? Managed application security testing can be just the relief valve your organization needs. In this webinar, we’ll discuss the need for managed application security testing, the sweet spots where it offers maximum value, what you should look for in a managed application security testing provider, and highlights from Synopsys’ Managed Services offering.
For more information, please visit our website at https://www.synopsys.com/software-integrity/managed-services.html
Lessons from a recovering runtime application self protection addictPriyanka Aash
This talk will detail knowledge gained from years spent building runtime application self-protection technology. RASP sounds like a silver bullet—security pixie dust that protects vulnerable code. But does it solve real problems? Who integrates and operates it? Is it fast enough? Accurate enough? Reliable enough? Will answering these questions change your thinking on RASP?
(Source : RSA Conference USA 2017)
Talk to executives in IT divisions of large enterprises about security and invariably the conversation will hover around
DevSecOps pipeline.
Is DevSecOps the only thing you need to do for security in your IT division or is there more?
What impact does bringing in secure culture in an engineering context mean?
What handshake is needed between the IT function and the security / risk function for large enterprises?
How does this impact roles and responsibilities of a developer?
This talk is an attempt to answer questions such as these using a real world examples of transformations seen in Fortune 100 companies.
8 Patterns For Continuous Code Security by Veracode CTO Chris WysopalThreat Stack
Deploying insecure web applications into production can be risky -- resulting in potential loss of customer data, corporate intellectual property and/or brand value. Yet many organizations still deploy public-facing applications without assessing them for common and easily-exploitable vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS).
This is because traditional approaches to application security are typically complex, manual and time-consuming – deterring agile teams from incorporating code analysis into their sprints.
But it doesn’t have to be that way. By incorporating key SecDevOps concepts into the Software Development Lifecycle (SDLC) – including centralized policies and tighter collaboration and visibility between security and DevOps teams – we can now embed continuous code-level security and assessment into our agile development processes. We’ve uncovered eight patterns that work together to transform cumbersome waterfall methodologies into efficient and secure agile development.
How to transform developers into security peoplePriyanka Aash
Developers should be the first line of security defense. Security teams purchase secure coding classes and claim success. Hours of training does not change the developer mindset. When developers hear security, they respond as either unlearned, overworked, apathetic or gung ho. This session will explore why developers reject security and will provide a programmatic approach to answer the challenges.
(Source : RSA Conference USA 2017)
Practical appsec lessons learned in the age of agile and DevOpsPriyanka Aash
The SDLC has been the model for web application security over the last decade. However, the SDLC was originally designed in a Waterfall world and often causes more problems than it solves in the shift to agile, DevOps and CI/CD. This talk will share actionable tips on the most effective application security techniques in today’s increasingly rapid environment of application creation and delivery.
(Source : RSA Conference USA 2017)
Empowering Financial Institutions to Use Open Source With ConfidenceWhiteSource
The days when financial institutions relied solemnly on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges, especially when it comes to open source usage (both consumption and contribution).
FINOS is a non-profit organization whose purpose is to accelerate collaboration and innovation in financial services through the adoption of open source software, standards and best practices. Together with WhiteSource, they are able to provide a safe environment for developers to use open source components freely and fearlessly.
Join FINOS and WhiteSource as they discuss:
The challenges of open source usage
The state of open source vulnerabilities management
How FINOS uses WhiteSource to ensure the security and IP compliance of FINOS-produced open source software
Collaborative security : Securing open source softwarePriyanka Aash
There’s no guarantee that software will ever be free from vulnerabilities, whether it is open source or proprietary, but there is still plenty we can do. The Linux Foundation CTO Nicko van Someren will discuss new tools and techniques that help improve the security and quality of open source projects, presenting data from various open source projects including pre- and post-Heartbleed OpenSSL.
(Source : RSA Conference USA 2017)
Delivered at DevSecOps Days 2018, RSA Conference
j. Wolfgang Goerlich
About J. Wolfgang Goerlich
About J Wolfgang Goerlich
CBI (Creative Breakthroughs, Inc.)
Cyber Security Strategist
J Wolfgang Goerlich provides strategic guidance for securing development and DevOps programs in the healthcare, education, financial services, and energy. He is currently with CBI, a cyber security consultancy, as the VP for strategic security programs. Wolfgang also leads the CBI Academy teams, providing mentoring and coaching to the junior-level talent. Prior roles included VP for a managed security services provider, VP for an IT firm specializing in high speed high secure networks, and IT security officer and manager for a financial services firm. He is an active part of the security community; co-founding the Converge Detroit and organizing the BSides Detroit conferences. Wolfgang regularly advises on and presents on the topics of secure development life cycle, DevOps, risk management, incident response, business continuity, and more.
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
DevSecOps means considering application and infrastructure security from the beginning. This also means automating some security doors to prevent the DevOps workflow from slowing down.
The goal of DevSecOps (development, security, and operations) is to make everyone responsible for security, with the main target on implementing security decisions and actions at an equivalent scale and speed as development and operations decisions and actions.
Implementing DevSecOps are often an elaborate process for a corporation , but well worthwhile when considering the advantages .
Implementation usually includes the subsequent stages:
Planning and development
Building and testing
Deployment and operation
Monitoring and scaling
Tonex's DevSecOps Training Bootcamp
DevSecOps training Bootcamp is a practical DevSecOps course, participants can acquire in-depth knowledge and skills to apply, implement and improve IT security in modern DevOps.
Participants understand DevOps and DevSecOps to take full advantage of the agility and responsiveness of the secure DevOps method, IT security on SDLC, and the entire life cycle of the application.
DevSecOps Training Bootcamp focuses on:
Concepts
Principles
Processes
Policies
Guidelines
Mitigation
Applied Risk Management Framework (RMF)
Technical Skills
Audience:
Security Staff
IT Leadership
IT Infrastructure
CIOs / CTOs /CSO
Configuration Managers
Developers and Application Team Members and Leads
IT Operations Staff
IT Project & Program Managers
Product Owners and Managers
Release Engineers
Agile Staff and ScrumMasters
Software Developers
Software Team Leads
System Admin
Training Objectives:
Identify and explain the phases of the DevOps life cycle
Define the roles and responsibilities that support the DevOps environment
Describe the security components of DevOps and determine its risk principles
Analyze, evaluate and automate DevOps application security across SDLC
Identify and explain the characteristics required to meet the definition of DevOps computing security
Discuss strategies for maintaining DevOps methods
Perform gap analysis between DevOps security benchmarks and industry standard best practices
Evaluate and implement the safety controls necessary to make sure confidentiality, integrity and availability (CIA) in DevOps environments
Perform risk assessments of existing and proposed DevOps environments
Integrate RMF with DevOps
Explain the role of encryption in protecting data and specific strategies for key management
And more.
Course Content:
DevOps vs. DevSecOps
DevOps Security Requirements
DevOps Typical Security Activities
Tools for Securing DevOps
Principles Behind DevSecOps
DevSecOps and Application Security
How to DevSecOps
DevSecOps Maturity
RMF, DevOps and DevSecOps
For More Information:
https://www.tonex.com/training-courses/devsecops-training-bootcamp/
Organizations today are utilizing DevOps to accelerate the software development and deployment pace with the goal of releasing better quality software more reliably. But as more high profile data breaches occur they help to awaken interest in how to integrate security into this practice without inhibiting the DevOps agility. Let's face it, attacks on web applications have become a menace, and the volume of data breaches caused by them is rapidly rising each year. Rogue actors are taking advantage of the weaknesses in our software and processes. How do we strike back against this? Enter a new hope: DevSecOps!
DevSecOps is the solution that is talked about, but not always understood. In this talk, we discuss:
* What is DevSecOps
* Changing the security mindset
* The Do's and Don'ts for success
When You Test Matters: Why Testing Early in the SDLC is ImportantCA Technologies
"This is the second presentation in the series on building application security programs. DevSecOps is starting to ease the tension between security professionals and developers. The more collaborative approach to software development means supporting developers in their responsibility to create functional, high-quality code securing applications no longer sits solely in the realm of security professionals. Developers are responsible for creating secure code as part of creating functional, high-quality code. While the positive impact on developers' and security professionals’ relationships cannot be understated, it does mean that conducting security tests needs to happen earlier in the software development lifecycle (SDLC) than ever before.
Join this presentation to understand why testing early results in higher-quality, secure code and how your organization can bring testing into the earliest phase of the SDLC—all while improving the relationship between developers and security professionals.
Attendees will also get a first-hand look at the tools developers can use to conduct these security tests.
For more information on DevSecOps, please visit: http://ow.ly/s26T50g63eQ
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
DevSecOps requires processes and tools that enable weaving security throughout the DevOps pipeline. It is much more than a buzzword, and if you'd ask most organizations, well, they believe they are in the process of adopting DevSecOps tools and practices. But, are they?
In order to deeply understand the state of DevSecOps implementation we need to learn more about the relationship between developers and security teams. After surveying more than 560 application security professionals and software developers we found several insights.
Join Jeff Martin, associate VP of product management, and Rhys Arkins, director of product management at WhiteSource, to learn about:
The current challenges of the security and development teams when it comes to AppSec
The contradicting views and gaps between the teams on DevSecOps maturity
How to break the silos and advance toward DevSecOps maturity
At the Synopsys Security Event - Israel, Tim Mackey, Senior Technical Evangelist at Black Duck by Synopsys presents on open source and containers. For more information, please visit our website at www.synopsys.com/software.
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
A worldwide journey to build a secure development environmentPriyanka Aash
We know we need to identify and protect critical assets. But how? If your company develops a multitude of hardware and software products in a global environment it is very challenging. This session will describe how we approached the design and building of a Secure Development Environment (SDE), giving you a jump start your own SDE using our lessons learned to help balance security and productivity.
(Source : RSA Conference USA 2017)
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps WhiteSource
Your organization has already embraced the DevOps methodology? That’s a great start. But what about security?
It’s a fact - many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case.
Tune in to hear Jeff Martin, Senior Director of Product at WhiteSource and Anders Wallgren, VP of Technology Strategy at Cloudbees, as they discuss:
- Why traditional DevOps has shifted, and what this will mean
- Who should own security in the age of DevOps
- Which tools and strategies are needed to implement continuous security throughout the DevOps pipeline
Veritis helps organizations in proactively adopting DevSecOps and redefining their operations, engineering and security to work in cohesion towards business success.
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...CA Technologies
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Solutions (Formerly Automic) and CA Privileged Access Manager
For more information on DevSecOps, please visit: http://ow.ly/u2pN50g63tN
Do You Manage Software? Understanding Your Role in Cybersecurity DefenseFlexera
Organizations are under constant attack by hackers targeting applications used by the business. The University of Maryland recently quantified the near-constant rate of attacks on computers with Internet access to every 39 seconds. The best defense requires a holistic approach and collaboration of different teams in a concerted effort to reduce the attack surface for hackers. In this webinar we will discuss the roles and the impact that activities, not always associated with security, have in reducing risk. Whether you are an asset manager, a desktop or datacenter manager, or an IT security professional, your role has a significant impact on your organizations ability to reduce the risk of cyber-attack.
8 Patterns For Continuous Code Security by Veracode CTO Chris WysopalThreat Stack
Deploying insecure web applications into production can be risky -- resulting in potential loss of customer data, corporate intellectual property and/or brand value. Yet many organizations still deploy public-facing applications without assessing them for common and easily-exploitable vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS).
This is because traditional approaches to application security are typically complex, manual and time-consuming – deterring agile teams from incorporating code analysis into their sprints.
But it doesn’t have to be that way. By incorporating key SecDevOps concepts into the Software Development Lifecycle (SDLC) – including centralized policies and tighter collaboration and visibility between security and DevOps teams – we can now embed continuous code-level security and assessment into our agile development processes. We’ve uncovered eight patterns that work together to transform cumbersome waterfall methodologies into efficient and secure agile development.
How to transform developers into security peoplePriyanka Aash
Developers should be the first line of security defense. Security teams purchase secure coding classes and claim success. Hours of training does not change the developer mindset. When developers hear security, they respond as either unlearned, overworked, apathetic or gung ho. This session will explore why developers reject security and will provide a programmatic approach to answer the challenges.
(Source : RSA Conference USA 2017)
Practical appsec lessons learned in the age of agile and DevOpsPriyanka Aash
The SDLC has been the model for web application security over the last decade. However, the SDLC was originally designed in a Waterfall world and often causes more problems than it solves in the shift to agile, DevOps and CI/CD. This talk will share actionable tips on the most effective application security techniques in today’s increasingly rapid environment of application creation and delivery.
(Source : RSA Conference USA 2017)
Empowering Financial Institutions to Use Open Source With ConfidenceWhiteSource
The days when financial institutions relied solemnly on proprietary code are over. Today, even the largest financial services firms have realized the benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. However, the financial services industry faces strict regulatory requirements that present it with a unique set of challenges, especially when it comes to open source usage (both consumption and contribution).
FINOS is a non-profit organization whose purpose is to accelerate collaboration and innovation in financial services through the adoption of open source software, standards and best practices. Together with WhiteSource, they are able to provide a safe environment for developers to use open source components freely and fearlessly.
Join FINOS and WhiteSource as they discuss:
The challenges of open source usage
The state of open source vulnerabilities management
How FINOS uses WhiteSource to ensure the security and IP compliance of FINOS-produced open source software
Collaborative security : Securing open source softwarePriyanka Aash
There’s no guarantee that software will ever be free from vulnerabilities, whether it is open source or proprietary, but there is still plenty we can do. The Linux Foundation CTO Nicko van Someren will discuss new tools and techniques that help improve the security and quality of open source projects, presenting data from various open source projects including pre- and post-Heartbleed OpenSSL.
(Source : RSA Conference USA 2017)
Delivered at DevSecOps Days 2018, RSA Conference
j. Wolfgang Goerlich
About J. Wolfgang Goerlich
About J Wolfgang Goerlich
CBI (Creative Breakthroughs, Inc.)
Cyber Security Strategist
J Wolfgang Goerlich provides strategic guidance for securing development and DevOps programs in the healthcare, education, financial services, and energy. He is currently with CBI, a cyber security consultancy, as the VP for strategic security programs. Wolfgang also leads the CBI Academy teams, providing mentoring and coaching to the junior-level talent. Prior roles included VP for a managed security services provider, VP for an IT firm specializing in high speed high secure networks, and IT security officer and manager for a financial services firm. He is an active part of the security community; co-founding the Converge Detroit and organizing the BSides Detroit conferences. Wolfgang regularly advises on and presents on the topics of secure development life cycle, DevOps, risk management, incident response, business continuity, and more.
DevSecOps Training Bootcamp - A Practical DevSecOps CourseTonex
DevSecOps means considering application and infrastructure security from the beginning. This also means automating some security doors to prevent the DevOps workflow from slowing down.
The goal of DevSecOps (development, security, and operations) is to make everyone responsible for security, with the main target on implementing security decisions and actions at an equivalent scale and speed as development and operations decisions and actions.
Implementing DevSecOps are often an elaborate process for a corporation , but well worthwhile when considering the advantages .
Implementation usually includes the subsequent stages:
Planning and development
Building and testing
Deployment and operation
Monitoring and scaling
Tonex's DevSecOps Training Bootcamp
DevSecOps training Bootcamp is a practical DevSecOps course, participants can acquire in-depth knowledge and skills to apply, implement and improve IT security in modern DevOps.
Participants understand DevOps and DevSecOps to take full advantage of the agility and responsiveness of the secure DevOps method, IT security on SDLC, and the entire life cycle of the application.
DevSecOps Training Bootcamp focuses on:
Concepts
Principles
Processes
Policies
Guidelines
Mitigation
Applied Risk Management Framework (RMF)
Technical Skills
Audience:
Security Staff
IT Leadership
IT Infrastructure
CIOs / CTOs /CSO
Configuration Managers
Developers and Application Team Members and Leads
IT Operations Staff
IT Project & Program Managers
Product Owners and Managers
Release Engineers
Agile Staff and ScrumMasters
Software Developers
Software Team Leads
System Admin
Training Objectives:
Identify and explain the phases of the DevOps life cycle
Define the roles and responsibilities that support the DevOps environment
Describe the security components of DevOps and determine its risk principles
Analyze, evaluate and automate DevOps application security across SDLC
Identify and explain the characteristics required to meet the definition of DevOps computing security
Discuss strategies for maintaining DevOps methods
Perform gap analysis between DevOps security benchmarks and industry standard best practices
Evaluate and implement the safety controls necessary to make sure confidentiality, integrity and availability (CIA) in DevOps environments
Perform risk assessments of existing and proposed DevOps environments
Integrate RMF with DevOps
Explain the role of encryption in protecting data and specific strategies for key management
And more.
Course Content:
DevOps vs. DevSecOps
DevOps Security Requirements
DevOps Typical Security Activities
Tools for Securing DevOps
Principles Behind DevSecOps
DevSecOps and Application Security
How to DevSecOps
DevSecOps Maturity
RMF, DevOps and DevSecOps
For More Information:
https://www.tonex.com/training-courses/devsecops-training-bootcamp/
Organizations today are utilizing DevOps to accelerate the software development and deployment pace with the goal of releasing better quality software more reliably. But as more high profile data breaches occur they help to awaken interest in how to integrate security into this practice without inhibiting the DevOps agility. Let's face it, attacks on web applications have become a menace, and the volume of data breaches caused by them is rapidly rising each year. Rogue actors are taking advantage of the weaknesses in our software and processes. How do we strike back against this? Enter a new hope: DevSecOps!
DevSecOps is the solution that is talked about, but not always understood. In this talk, we discuss:
* What is DevSecOps
* Changing the security mindset
* The Do's and Don'ts for success
When You Test Matters: Why Testing Early in the SDLC is ImportantCA Technologies
"This is the second presentation in the series on building application security programs. DevSecOps is starting to ease the tension between security professionals and developers. The more collaborative approach to software development means supporting developers in their responsibility to create functional, high-quality code securing applications no longer sits solely in the realm of security professionals. Developers are responsible for creating secure code as part of creating functional, high-quality code. While the positive impact on developers' and security professionals’ relationships cannot be understated, it does mean that conducting security tests needs to happen earlier in the software development lifecycle (SDLC) than ever before.
Join this presentation to understand why testing early results in higher-quality, secure code and how your organization can bring testing into the earliest phase of the SDLC—all while improving the relationship between developers and security professionals.
Attendees will also get a first-hand look at the tools developers can use to conduct these security tests.
For more information on DevSecOps, please visit: http://ow.ly/s26T50g63eQ
The DevSecOps Showdown: How to Bridge the Gap Between Security and DevelopersDevOps.com
DevSecOps requires processes and tools that enable weaving security throughout the DevOps pipeline. It is much more than a buzzword, and if you'd ask most organizations, well, they believe they are in the process of adopting DevSecOps tools and practices. But, are they?
In order to deeply understand the state of DevSecOps implementation we need to learn more about the relationship between developers and security teams. After surveying more than 560 application security professionals and software developers we found several insights.
Join Jeff Martin, associate VP of product management, and Rhys Arkins, director of product management at WhiteSource, to learn about:
The current challenges of the security and development teams when it comes to AppSec
The contradicting views and gaps between the teams on DevSecOps maturity
How to break the silos and advance toward DevSecOps maturity
At the Synopsys Security Event - Israel, Tim Mackey, Senior Technical Evangelist at Black Duck by Synopsys presents on open source and containers. For more information, please visit our website at www.synopsys.com/software.
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
A worldwide journey to build a secure development environmentPriyanka Aash
We know we need to identify and protect critical assets. But how? If your company develops a multitude of hardware and software products in a global environment it is very challenging. This session will describe how we approached the design and building of a Secure Development Environment (SDE), giving you a jump start your own SDE using our lessons learned to help balance security and productivity.
(Source : RSA Conference USA 2017)
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps WhiteSource
Your organization has already embraced the DevOps methodology? That’s a great start. But what about security?
It’s a fact - many organizations fear that adding security to their DevOps practices will severely slow down their development processes. But this doesn’t need to be the case.
Tune in to hear Jeff Martin, Senior Director of Product at WhiteSource and Anders Wallgren, VP of Technology Strategy at Cloudbees, as they discuss:
- Why traditional DevOps has shifted, and what this will mean
- Who should own security in the age of DevOps
- Which tools and strategies are needed to implement continuous security throughout the DevOps pipeline
Veritis helps organizations in proactively adopting DevSecOps and redefining their operations, engineering and security to work in cohesion towards business success.
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...CA Technologies
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Solutions (Formerly Automic) and CA Privileged Access Manager
For more information on DevSecOps, please visit: http://ow.ly/u2pN50g63tN
Do You Manage Software? Understanding Your Role in Cybersecurity DefenseFlexera
Organizations are under constant attack by hackers targeting applications used by the business. The University of Maryland recently quantified the near-constant rate of attacks on computers with Internet access to every 39 seconds. The best defense requires a holistic approach and collaboration of different teams in a concerted effort to reduce the attack surface for hackers. In this webinar we will discuss the roles and the impact that activities, not always associated with security, have in reducing risk. Whether you are an asset manager, a desktop or datacenter manager, or an IT security professional, your role has a significant impact on your organizations ability to reduce the risk of cyber-attack.
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
Application Experience Analytics Services: The Strategic Digital Transformation Play for Service Providers
For more information: Download the white paper, “Five Technologies for the Built-to-Change Business—and How You Can Monetize Them” at: https://www.ca.com/content/dam/ca/us/files/white-paper/five-technologies-built-to- change-business.pdf
Leveraging Monitoring Governance: How Service Providers Can Boost Operational...CA Technologies
Leveraging Monitoring Governance: How Service Providers Can Boost Operational Efficiency and Scalability
For more information on MSP, please visit: http://ow.ly/oQ1o50gby0m
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting...CA Technologies
The Next Big Service Provider Opportunity—Beyond Infrastructure: Architecting Your Customer’s Modern Software Factory
For more information on MSP, please visit: http://ow.ly/kWsH50gbxYh
Making Security Work—Implementing a Transformational Security ProgramCA Technologies
Recent newsworthy data breaches have business and IT leaders asking, “Are we learning from the mistakes of others?” In an ever-increasing threat environment, security leaders face mounting pressures to deliver effective security capabilities that protect business assets while balancing budgets, security risks and regulatory issues.
For more information on Security, please visit: http://cainc.to/CAW17-Security
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
Timothy Opsitnick and Eric Vanderburg of TCDI presented at the Risk Management Society's 2017 Northeast Ohio Regional Conference on Cybersecurity incident response strategies and tactics.
SAP Hybris solutions are all about providing a connected front office. But the customer experience can easily get damaged if the data from your business partners or end customers is not secure. With the new EU General Data Protection Regulation (GDPR) coming into effect in May 2018, the need to protect your customers’ data is essential for your business. Learn how to reduce cost by integrating security into your implementation process to be ahead of the curve for future cyberattacks.
This session provides an overview of the CA automation strategy—from mainframe to cloud. It will explain our strategy for the complete automation portfolio of CA Technologies, including the role automation plays in enabling your Modern Software Factory and operating an agile, fully automated enterprise. Using customer examples, we will examine how you can automate business processes and empower innovative new applications to drive revenue and retain customers.
For more information on Automation, please visit: http://ow.ly/mHLO50fQCZd
This session provides an overview of the CA automation strategy—from mainframe to cloud. It will explain our strategy for the complete automation portfolio of CA Technologies, including the role automation plays in enabling your Modern Software Factory and operating an agile, fully automated enterprise. Using customer examples, we will examine how you can automate business processes and empower innovative new applications to drive revenue and retain customers.
For more information on Automation, please visit: http://ow.ly/Zdt750fJY5Y
Are you responsible for more than just AppSec? What do you do when you have more teams to support than security experts? How can you make security champions out of dissenters in the development team?
There just aren’t enough security experts to go around. You have to support the multitude of Agile and DevOps teams that are making production software changes anywhere from once a month to several times a day. The lack of resources coupled with the ever increasing responsibilities can make you feel like a rouge warrior in the battle against cybercrime. What’s a security professional to do? Whether you are a team of one or five, there aren’t enough hours in the day and even if there was more budget, good luck finding someone to fill that security role. What if I told you that through careful selection and good training it is possible to build your own army from the very people who own the development process?
What you will learn:
1. Who to recruit as security champions
2. How to train these champions in productive application security
3. How to measure success
4. How to build a scalable security program
5. What to expect from champions (responsibilities)
Deliver the ‘Right’ Customer Experience without Compromising Data SecuritySPLICE Software
Today’s customers are demanding more real-time interaction. Yet, in this digital world, data vulnerability and cyber-attacks against insurers and financial institutions are becoming an increasingly frequent and sophisticated reality. This webinar shares key insights needed to implement modern solutions that improve your customer’s experience while reducing the risk of cyber threats - protecting your company and your customers from attacks.
At the Synopsys Security Event - Israel, Girish Janardhanudu, VP Security Consulting, Synopsys presented on software security. For more information, please visit us at www.synopsys.com/software
Your vibe attracts your tribe: Create an experience that secures top talent |...LinkedIn Talent Solutions
Jill Larsen, Cisco’s Talent Acquisition Leader shares how the new Cisco experience for candidates, recruiters, and hiring managers influenced the Company’s talent brand personality. Creating a “VIBE” team to drive innovation and provide honest feedback has introduced TA improvements resulting in the team overachieving their KPIs. A career site revamp, a new ATS, and utilization of net promoter score helps Cisco know their magical “VIBE” is being shared.
Check out the best of Talent Connect: https://lnkd.in/gTcVZ3x
Similar to Application Security in a DevOps World (20)
In medicine - an MRI can quickly reveal a hidden ailment and actionable insight to get better. For IT and business leaders whose key concern with the mainframe is the platform costs and lean operations - the CA Mainframe Resource Intelligene reveals multiple sources of hidden mainframe costs and operational inefficiencies along with actionable recommendations.View this slideshare to understand how this new SaaS offering from CA brings together automation, speed, analytics and mainframe expertise of 40+ years. CA Mainframe Resource Intelligence reports answer your CIO’s toughest questions about mainframe optimization and potential for digital transformation.
For more information, please contact your account director or mainframe specialist at:
http://ow.ly/PALG50htHgF
Mainframe as a Service: Sample a Buffet of IBM z/OS® Platform ExcellenceCA Technologies
Join this session for a taste of mainframe excellence deconstructed, with Jean Louis Vignaud, VP of Product Management, sharing the CA Technologies vision for how mainframe as a service breaks silos through a unified, enterprise-grade toolset deployed mobile to mainframe. Learn how a menu of IBM z Systems® services can be intelligently configured and provisioned to deliver at scale delight for the entire IT team—reduced TCO and flawless SLA delivery for CIOs, unparalleled security and compliance management for CISOs, and greater accessibility to mainframe code and data through a redesigned, “cloud-like experience” for enterprise architects and developers.
For more information on Mainframe, please visit: http://ow.ly/GwKO50gkixl
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
Here at CA Technologies, our development teams share many of the same challenges producing quality software as our customers.
For more information on DevOps: Continuous Delivery, please visit: http://cainc.to/CAW17-CD
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
This session will cover how The Home Depot built quality into its software development as it migrated from waterfall to agile delivery.
For more information on DevOps: Continuous Delivery, please visit: http://cainc.to/CAW17-CD
Pre-Con Ed: Privileged Identity Governance: Are You Certifying Privileged Use...CA Technologies
Many organizations have a solution to control the actions of privileged users. But that’s not enough for a complete privileged user management solution—you must also govern access to make sure that only the correct users have elevated privileges, and that they have only the privileges that they need. In this session, you will get an in-depth understanding of how you can reduce your risk through this capability unique to CA.
For more information on Security, please visit: http://cainc.to/CAW17-Security
Case Study: Privileged Access in a World on TimeCA Technologies
Today there are more privileged users than ever before. Providing access is not optional it is a business necessity. But how do you avoid excessive access? Providing the right access at the right time is the formula for reducing your risk and securing a world of data. At FedEx empowering the right people at the right time is not only good business, but it's also good security.
For more information on Security, please visit: http://cainc.to/CAW17-Security
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in ...CA Technologies
As one of the most forward thinking critical infrastructure companies in the UK, SGN is blazing a trail by becoming the first UK critical infrastructure company to run 100% in the cloud and using innovative IoT technologies to revolutionize the management of gas pipelines. To manage the risk, SGN embarked on a mission to shape the attack path of intruders. In this session, Mo Ahddoud, CISO at SGN will share how he used a technique called attack path mapping to put privileged access at the center of SGN's digital transformation.
For more information on Security, please visit: http://cainc.to/CAW17-Security
Case Study: Putting Citizens at The Center of Digital GovernmentCA Technologies
Around the globe, citizens are demanding 24/7 access to government, and this is driving a dramatic re-architecture of public services putting citizens in control, increasing participation and access to services. From two different parts of the world, The State of Louisiana & The State of Amazonas in Brazil have both become centers for innovation. In this session, they will share and demonstrate how they are designing a government built to change and breaking down silos to make the citizen the center of government.
For more information on Security, please visit: http://cainc.to/CAW17-Security
Keynote: Making Security a Competitive AdvantageCA Technologies
Keynote: Making Security a Competitive Advantage
For more information on Security, please visit: http://cainc.to/CAW17-Security
For more information on DevSecOps, please visit: http://cainc.to/CAW17-DevSecOps For more information on Veracode, please visit: http://community.veracode.com
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Provid...CA Technologies
The Unmet Demand for Premium Cloud Monitoring Services—and How Service Providers Can Capitalize
For more information on MSP, please visit: http://ow.ly/CrAA50gbyfJ
Application Experience Analytics Services: The Strategic Digital Transformati...CA Technologies
Join this session for a taste of mainframe excellence deconstructed, with Jean Louis Vignaud, VP of Product Management, sharing the CA Technologies vision for how mainframe as a service breaks silos through a unified, enterprise-grade toolset deployed mobile to mainframe. Learn how a menu of IBM z Systems® services can be intelligently configured and provisioned to deliver at scale delight for the entire IT team—reduced TCO and flawless SLA delivery for CIOs, unparalleled security and compliance management for CISOs, and greater accessibility to mainframe code and data through a redesigned, “cloud-like experience” for enterprise architects and developers.
Stay connected at: http://ow.ly/d0f350g68Bq Thank you.
Strategic Direction Session: Deliver Next-Gen IT Ops with CA Mainframe Operat...CA Technologies
In this roadmap session, join us to explore how bleeding-edge data science algorithms are now being incorporated in real life into CA Mainframe Operational Intelligence to better predict performance issues and prevent costly downtime and capacity spikes across the IT landscape. See how you can get real-time insight to what may happen sooner and in-depth guidance on what you should do about it. And, learn how to use open tools that can pull in data feeders from other systems, to improve results. Whether you’re a mainframe novice or a seasoned operations expert, you'll find new tools can improve your SLA performance, MTTR and more.
For more information on Mainframe, please visit: http://ow.ly/pbDM50g68zT
Strategic Direction Session: Enhancing Data Privacy with Data-Centric Securit...CA Technologies
With great power comes great responsibility. Mainframes have both: the power of data and transactions that run the application economy, and the responsibility to keep that data protected. Join this roadmap session to learn from CA data privacy leaders and see the future of the data-centric security strategy, covering key products such as CA Data Content Discovery for z/OS, CA Compliance Event Manager and more. Learn how to enhance your data privacy and simplify regulatory compliance, plus get a view into the roadmap of what's to come in the mainframe security and compliance portfolio.
For more information on Mainframe, please visit: http://ow.ly/Ik2H50g66cN
Blockchain: Strategies for Moving From Hype to Realities of DeploymentCA Technologies
The promise of blockchain, or specifically distributed ledger technology, has captured the attention of business and IT leaders across multiple industries. Now is the time to move from hype to reality. This session will examine use cases of pioneering companies that apply blockchain in a multi-party entity environment with immutable smart contracts. We’ll share how some DevSecOps requirements are fundamentally different for blockchain pilots and full deployment—from getting started with the right development environment to concerns of security, encryption and operational visibility. We will also discuss integration of blockchain with existing systems of record and the use of shadow blockchain as an evolutionary step towards adoption. Join this session to learn more about developing, deploying, and securing blockchain.
For more information on Mainframe, please visit: http://ow.ly/VnBh50g66bO
Establish Digital Trust as the Currency of Digital EnterpriseCA Technologies
In this keynote session, hear from Ashok Reddy, GM for CA Mainframe to learn how you can establish digital trust using the power of the new IBM Z and the Modern Software Factory to become a digital enterprise. CIO’s can deliver better economics and TCO. IT operations teams can enable self-driving mainframe data centers to deliver 100% SLA’s. CISO’s and auditors can protect sensitive data to avoid fines tied to GDPR and regulations. Enterprise Architects and Developers can use the same open, modern DevSecOps toolset, mobile-to-mainframe. And, get a sneak peek at new innovations: Mainframe as a Service and Blockchain which can put you in the driver’s seat to transform the way your company does business. Joining Ashok will be key leaders from IBM, General Motors, and Southwest Gas who will share their perspectives on digital transformation.
Stay connected at http://ow.ly/4NOy50g63Ji
Case Study: How The Home Depot Built Quality Into Software DevelopmentCA Technologies
This session will cover how The Home Depot built quality into its software development as it migrated from waterfall to agile delivery.
For more information on DevOps: Continuous Delivery, please visit: http://ow.ly/hAXz50g62ZM
Case Study: How CA Went From 40 Days to Three Days Building Crystal-Clear Tes...CA Technologies
Here at CA Technologies, our development teams share many of the same challenges producing quality software as our customers.
For more information on DevOps: Continuous Delivery, please visit: http://ow.ly/3X1E50g62YC
Case Study: Continuous Delivery in a Tech Debt Laden World by Talk Talk.CA Technologies
You have one website, one Web service and a database. If you have an architecture like this, then continuous delivery is trivial. In the real world, the challenges are much more pronounced. Imagine a system of apps and databases measured in the hundreds. Imagine that those apps have been developed over 15 years, fuelled by the growth of the business and numerous acquisitions.
This is the challenge most enterprise-level organizations face. This is not your three-tier beauty but the real world of interconnected systems that lack documentation and subject matter experts. This session will focus on the challenge of getting an estate the size of Talk Talk's into a state where automation gives value. It will focus on the work Talk Talk has done with CA Technologies and where the tooling allows it to reduce technical debt and start on the automation journey, culminating at continuous delivery.
For more information on DevOps: Continuous Delivery, please visit: http://ow.ly/Ycwj50g62tf
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.