The document discusses the evolution of big data architectures driven by increasing data volumes, velocities, and varieties. Early architectures focused on performance and rigid structures, but scalability and flexibility became more important with the growth of data. Key-value stores and NoSQL databases provided more flexible schemas and MapReduce enabled large-scale analytics on diverse data. Sharding and replication were developed to improve scalability and availability across many servers and locations.
The document contains a long string of binary digits that does not convey any clear meaning in 3 sentences or less. It appears to be random binary data without any discernible patterns or high-level concepts that could be summarized succinctly.
El resumen proporciona información sobre una entrevista realizada por una estudiante de maestría con una trabajadora social clínica de la agencia APS Health Care. La trabajadora social tiene 5 años de experiencia y se especializa en intervención en crisis para una variedad de pacientes. Explica los servicios y valores de la agencia, así como su enfoque de terapia de realidad para atender crisis y reducir el riesgo.
How effective is the combination of your main product and ancillary?CFGSSufiaB
The document analyzes the effectiveness of a film's poster and radio trailer as ancillary products that promote the main film product. It finds that both ancillary products are highly effective because they clearly link back to the main film through consistent use of military themes, characters, taglines, music and special effects. This consistency across the different media ensures the ancillary products will attract the intended target audience and promote the overall plot of the film without revealing too much.
Lunar new year celebrations TET QUY TYvinhbinh2010
The document provides an overview of Lunar New Year celebrations around the world in early 2013. Photos show people participating in traditions like temple visits, dragon dances, fireworks displays, and family reunions in countries across Asia, Europe, Africa, North and South America, and Oceania. Preparations for the holiday involved decorating with lanterns, snakes, and other symbols of prosperity.
Novel machine learning techniques comes from spending time with people that have distinct needs. This talk addresses how listening to end users can give rise to novel machine learning applications.
A few design patterns for Responsive Design.
Sources:
- http://www.lukew.com/ff/entry.asp?1514
- http://bradfrostweb.com/blog/web/responsive-nav-patterns/
The presentation for my talk on the GLAM projects of Bulgarian Wikipedia, given on 12 October 2013 at the 1st OpenGLAM Conference in Warsaw, Poland. The two presented projects are with Sofia Zoo and with the Bulgarian Archives State Agency.
Bruker Corporation reported financial results for Q3 2015. Revenues declined 6% year-over-year to $396.1 million due to currency headwinds, but grew 8% organically. Non-GAAP operating margins expanded significantly to 13.3% compared to 8.6% in Q3 2014. Non-GAAP earnings per share grew 36% despite a higher tax rate. The CALID and BioSpin groups drove organic revenue growth, while currency impacts and divestitures reduced reported revenues. Bruker is on track to meet its full-year guidance targets through margin expansion and earnings growth.
The document contains a long string of binary digits that does not convey any clear meaning in 3 sentences or less. It appears to be random binary data without any discernible patterns or high-level concepts that could be summarized succinctly.
El resumen proporciona información sobre una entrevista realizada por una estudiante de maestría con una trabajadora social clínica de la agencia APS Health Care. La trabajadora social tiene 5 años de experiencia y se especializa en intervención en crisis para una variedad de pacientes. Explica los servicios y valores de la agencia, así como su enfoque de terapia de realidad para atender crisis y reducir el riesgo.
How effective is the combination of your main product and ancillary?CFGSSufiaB
The document analyzes the effectiveness of a film's poster and radio trailer as ancillary products that promote the main film product. It finds that both ancillary products are highly effective because they clearly link back to the main film through consistent use of military themes, characters, taglines, music and special effects. This consistency across the different media ensures the ancillary products will attract the intended target audience and promote the overall plot of the film without revealing too much.
Lunar new year celebrations TET QUY TYvinhbinh2010
The document provides an overview of Lunar New Year celebrations around the world in early 2013. Photos show people participating in traditions like temple visits, dragon dances, fireworks displays, and family reunions in countries across Asia, Europe, Africa, North and South America, and Oceania. Preparations for the holiday involved decorating with lanterns, snakes, and other symbols of prosperity.
Novel machine learning techniques comes from spending time with people that have distinct needs. This talk addresses how listening to end users can give rise to novel machine learning applications.
A few design patterns for Responsive Design.
Sources:
- http://www.lukew.com/ff/entry.asp?1514
- http://bradfrostweb.com/blog/web/responsive-nav-patterns/
The presentation for my talk on the GLAM projects of Bulgarian Wikipedia, given on 12 October 2013 at the 1st OpenGLAM Conference in Warsaw, Poland. The two presented projects are with Sofia Zoo and with the Bulgarian Archives State Agency.
Bruker Corporation reported financial results for Q3 2015. Revenues declined 6% year-over-year to $396.1 million due to currency headwinds, but grew 8% organically. Non-GAAP operating margins expanded significantly to 13.3% compared to 8.6% in Q3 2014. Non-GAAP earnings per share grew 36% despite a higher tax rate. The CALID and BioSpin groups drove organic revenue growth, while currency impacts and divestitures reduced reported revenues. Bruker is on track to meet its full-year guidance targets through margin expansion and earnings growth.
True Life: I work at an advertising agencyKait1788
Engauge is a large independent advertising agency that leverages creativity and technology to develop ideas connecting brands to people. Kaitlyn Dennihy is a digital strategist who worked on campaigns for Coca-Cola and Chick-fil-A. For Coca-Cola's 125th anniversary, she created a summer social program with rotating themes to drive engagement. For Chick-fil-A's Cow Appreciation Day, she developed a campaign connecting physical and digital experiences that shattered records for online interactions and store traffic.
IT Performance – what differentiates the LeadersCapgemini
CIO’s - release funds for innovation and transformation by adopting best practices in managing your application portfolios. How do Leaders reduce their costs while also
reducing time to market and enabling innovation? After five years of in-depth research, Capgemini has built a unique knowledge base that reflects the way IT teams manage their
application portfolios. It contains more than a million data points, gathered from more than a hundred portfolios across all industries. This rich information resource has been exploited through the use of analytics and big data techniques to identify best practices. Data shows that adopting those best practices produces significant benefits.
Speaker:
Philippe Roques,
Senior Vice President, Global LINKS/ITP leader
Marcos Dussoni, Regional CFO at Sodexo - Acquisitions in complex markets: tak...Global Business Events
The document discusses strategies for acquisitions in complex markets. It emphasizes that companies should select targets that provide both medium-term value and long-term strategic advantages. When pursuing deals in emerging markets, transaction structuring is difficult due to legal, political, and accounting risks. Due diligence is important to understand ownership structures, cultural differences, and develop an integration plan and business model resilient to volatility.
Radio frequency identification (RFID) uses radio waves to identify physical objects. An RFID system has three main components: tags attached to objects, readers that can read or write tag data, and backend databases that correlate tag data with objects. RFID has a long history including early military applications for identifying friendly aircraft. Commercial uses now include supply chain management, inventory control, and retail checkout. However, RFID also raises security and privacy concerns due to potential hacking of tags.
Knobbe Martens Partner Ron Schoenbaum hosted an hour-long seminar on September 29 at Plug & Play Tech Center in Sunnyvale, CA. He covered the following topics:
- How patent rights are commonly lost
- 10 strategies startup companies need to know to aggressively build a patent portfolio
The document describes a student project to implement speech recognition using FPGA technology. It aims to identify single words in a hardware system that is cost-effective, reliable and simple. Background theory on speech recognition is provided, including how sounds are converted to fingerprints using FFT and averaged amplitudes in the frequency domain for training. MATLAB code was created to test the concept before hardware implementation.
The document summarizes a multiple sorting method called SketchSort for performing all pairs similarity search on large-scale datasets. It maps vector data to binary sketches to reduce memory usage, then applies locality sensitive hashing and multiple sorting to efficiently find all pairs of data points within a given distance threshold. The method is evaluated on large image, chemical compound, and genome sequence datasets and is shown to outperform other state-of-the-art similarity search methods.
The document discusses the Commerce Data Usability Project, which aims to make government data more usable and accessible to the public. It notes that data is often only useful for the purpose it was collected for and usability is not typically considered in dissemination. The project seeks to make usability a higher priority and has created a website at commerce.gov/datausability to showcase demonstrations of how data can be analyzed and visualized to answer important questions. It encourages others to visit the site and contribute as partners to build a robust community around the initiative.
The document provides instructions for a binary code sequence that represents a message summarizing key events. When translated from binary to text, the message states that an important announcement will be made tomorrow regarding new discoveries. People are asked to wait patiently for the announcement and share the message with others.
The document provides instructions for a binary code sequence that represents a message. It begins with start bits and ends with stop bits to delineate the message. The binary code uses 1s and 0s to encode letters and words conveying some type of information.
The document appears to be a transcript from a talk given by Josh Berkus of the PostgreSQL Core Team at OSCON 2008. The talk discusses why database security is important for application developers and common misconceptions about database security.
Digitizing Your Publishing Practice for the Museum Publishing Seminar 2012Elizabeth Neely
I apologize, upon further review I do not have enough context to provide an accurate summary of the given document. The document appears to be a random string of binary code without any meaningful words or sentences. Please provide a document with actual text content if you would like me to attempt a summary.
The document discusses information transmission through physical signals of different natures like electrical signals, electromagnetic radiation, and optical signals. Depending on the signal type, different transmission media are used, including wired and wireless. It also briefly describes computer networks and transmission speed in computer networks being defined as the number of binary digits transmitted through a medium per unit of time.
The document discusses various methods of classifying websites based on factors such as accessibility of services, nature of content, user interaction methods, physical placement, and content organization structure. Some of the classifications mentioned include open, semi-open, and closed sites as well as static, dynamic, passive, and interactive sites.
The document discusses emerging opportunities in the service industry. It identifies three major trends: 1) Increased complexity as services use more channels, 2) A shifting of power to customers as they demand more control and involvement, and 3) An explosion of available data from sensors and customer interactions. For each trend, the document provides examples of implications for services and recommends ways services can design for the trend, such as having a clear purpose, celebrating amateurs, and using data to contextualize services and drive engagement. The presentation concludes by reflecting on what these trends mean for the customer-centric design of Finpro's services.
A look at big data beyond the buzzword, explaining its growing role in our lives, and its growing importance in real world scenarios - from policing to box office returns. With the growth of connected devices, augmented reality and the quantified self, big data is almost certainly more than a buzzword.
The data that your business collects is constantly growing, making it increasingly difficult for traditional systems to keep up with resource demands. Understanding your big data can help you serve your customers better, improve product quality, and grow your revenue, but you need a platform that can handle the strain.
In hands-on tests in our datacenter, the Scalable Modular Server DX2000 from NEC processed big data quickly and scaled nearly linearly as we added server nodes. In our k-means data cluster analysis test, a DX2000 solution running Apache Spark and Red Hat Enterprise Linux OpenStack Platform processed 100GB in approximately 2 minutes. We also saw that as we doubled the number of server nodes, the DX2000 solution cut analysis time in half when processing the same amount of data, producing excellent scalability.
The Scalable Modular Server DX2000 by NEC is a good choice when you’re ready to put big data to work for you.
This document describes an intelligent, unified platform for managing applications and infrastructure across multiple clouds, containers, and on-premise environments. The platform provides complete visibility from the end user experience to infrastructure, and is powered by machine learning for anomaly detection, clustering, prediction, and correlation. It offers a suite of services including discovery and monitoring, configuration and compliance, automation and orchestration, and analytics and planning. The platform is designed to provide greater agility, increased efficiency, and fewer outages for managing applications and infrastructure at scale.
This document summarizes the decoding of messages and updates to a website called jackblack12.info. Key events include:
- Messages 1-3 were decoded with cryptic texts.
- A barcode on the site was decoded to say "blackjackisgo".
- The site was updated with counters and a binary code.
- A hidden text "Code corrupted. Insert fresh copy" was discovered.
- A new message instructed to send a clear blue overnight package for a timedown.
True Life: I work at an advertising agencyKait1788
Engauge is a large independent advertising agency that leverages creativity and technology to develop ideas connecting brands to people. Kaitlyn Dennihy is a digital strategist who worked on campaigns for Coca-Cola and Chick-fil-A. For Coca-Cola's 125th anniversary, she created a summer social program with rotating themes to drive engagement. For Chick-fil-A's Cow Appreciation Day, she developed a campaign connecting physical and digital experiences that shattered records for online interactions and store traffic.
IT Performance – what differentiates the LeadersCapgemini
CIO’s - release funds for innovation and transformation by adopting best practices in managing your application portfolios. How do Leaders reduce their costs while also
reducing time to market and enabling innovation? After five years of in-depth research, Capgemini has built a unique knowledge base that reflects the way IT teams manage their
application portfolios. It contains more than a million data points, gathered from more than a hundred portfolios across all industries. This rich information resource has been exploited through the use of analytics and big data techniques to identify best practices. Data shows that adopting those best practices produces significant benefits.
Speaker:
Philippe Roques,
Senior Vice President, Global LINKS/ITP leader
Marcos Dussoni, Regional CFO at Sodexo - Acquisitions in complex markets: tak...Global Business Events
The document discusses strategies for acquisitions in complex markets. It emphasizes that companies should select targets that provide both medium-term value and long-term strategic advantages. When pursuing deals in emerging markets, transaction structuring is difficult due to legal, political, and accounting risks. Due diligence is important to understand ownership structures, cultural differences, and develop an integration plan and business model resilient to volatility.
Radio frequency identification (RFID) uses radio waves to identify physical objects. An RFID system has three main components: tags attached to objects, readers that can read or write tag data, and backend databases that correlate tag data with objects. RFID has a long history including early military applications for identifying friendly aircraft. Commercial uses now include supply chain management, inventory control, and retail checkout. However, RFID also raises security and privacy concerns due to potential hacking of tags.
Knobbe Martens Partner Ron Schoenbaum hosted an hour-long seminar on September 29 at Plug & Play Tech Center in Sunnyvale, CA. He covered the following topics:
- How patent rights are commonly lost
- 10 strategies startup companies need to know to aggressively build a patent portfolio
The document describes a student project to implement speech recognition using FPGA technology. It aims to identify single words in a hardware system that is cost-effective, reliable and simple. Background theory on speech recognition is provided, including how sounds are converted to fingerprints using FFT and averaged amplitudes in the frequency domain for training. MATLAB code was created to test the concept before hardware implementation.
The document summarizes a multiple sorting method called SketchSort for performing all pairs similarity search on large-scale datasets. It maps vector data to binary sketches to reduce memory usage, then applies locality sensitive hashing and multiple sorting to efficiently find all pairs of data points within a given distance threshold. The method is evaluated on large image, chemical compound, and genome sequence datasets and is shown to outperform other state-of-the-art similarity search methods.
The document discusses the Commerce Data Usability Project, which aims to make government data more usable and accessible to the public. It notes that data is often only useful for the purpose it was collected for and usability is not typically considered in dissemination. The project seeks to make usability a higher priority and has created a website at commerce.gov/datausability to showcase demonstrations of how data can be analyzed and visualized to answer important questions. It encourages others to visit the site and contribute as partners to build a robust community around the initiative.
The document provides instructions for a binary code sequence that represents a message summarizing key events. When translated from binary to text, the message states that an important announcement will be made tomorrow regarding new discoveries. People are asked to wait patiently for the announcement and share the message with others.
The document provides instructions for a binary code sequence that represents a message. It begins with start bits and ends with stop bits to delineate the message. The binary code uses 1s and 0s to encode letters and words conveying some type of information.
The document appears to be a transcript from a talk given by Josh Berkus of the PostgreSQL Core Team at OSCON 2008. The talk discusses why database security is important for application developers and common misconceptions about database security.
Digitizing Your Publishing Practice for the Museum Publishing Seminar 2012Elizabeth Neely
I apologize, upon further review I do not have enough context to provide an accurate summary of the given document. The document appears to be a random string of binary code without any meaningful words or sentences. Please provide a document with actual text content if you would like me to attempt a summary.
The document discusses information transmission through physical signals of different natures like electrical signals, electromagnetic radiation, and optical signals. Depending on the signal type, different transmission media are used, including wired and wireless. It also briefly describes computer networks and transmission speed in computer networks being defined as the number of binary digits transmitted through a medium per unit of time.
The document discusses various methods of classifying websites based on factors such as accessibility of services, nature of content, user interaction methods, physical placement, and content organization structure. Some of the classifications mentioned include open, semi-open, and closed sites as well as static, dynamic, passive, and interactive sites.
The document discusses emerging opportunities in the service industry. It identifies three major trends: 1) Increased complexity as services use more channels, 2) A shifting of power to customers as they demand more control and involvement, and 3) An explosion of available data from sensors and customer interactions. For each trend, the document provides examples of implications for services and recommends ways services can design for the trend, such as having a clear purpose, celebrating amateurs, and using data to contextualize services and drive engagement. The presentation concludes by reflecting on what these trends mean for the customer-centric design of Finpro's services.
A look at big data beyond the buzzword, explaining its growing role in our lives, and its growing importance in real world scenarios - from policing to box office returns. With the growth of connected devices, augmented reality and the quantified self, big data is almost certainly more than a buzzword.
The data that your business collects is constantly growing, making it increasingly difficult for traditional systems to keep up with resource demands. Understanding your big data can help you serve your customers better, improve product quality, and grow your revenue, but you need a platform that can handle the strain.
In hands-on tests in our datacenter, the Scalable Modular Server DX2000 from NEC processed big data quickly and scaled nearly linearly as we added server nodes. In our k-means data cluster analysis test, a DX2000 solution running Apache Spark and Red Hat Enterprise Linux OpenStack Platform processed 100GB in approximately 2 minutes. We also saw that as we doubled the number of server nodes, the DX2000 solution cut analysis time in half when processing the same amount of data, producing excellent scalability.
The Scalable Modular Server DX2000 by NEC is a good choice when you’re ready to put big data to work for you.
This document describes an intelligent, unified platform for managing applications and infrastructure across multiple clouds, containers, and on-premise environments. The platform provides complete visibility from the end user experience to infrastructure, and is powered by machine learning for anomaly detection, clustering, prediction, and correlation. It offers a suite of services including discovery and monitoring, configuration and compliance, automation and orchestration, and analytics and planning. The platform is designed to provide greater agility, increased efficiency, and fewer outages for managing applications and infrastructure at scale.
This document summarizes the decoding of messages and updates to a website called jackblack12.info. Key events include:
- Messages 1-3 were decoded with cryptic texts.
- A barcode on the site was decoded to say "blackjackisgo".
- The site was updated with counters and a binary code.
- A hidden text "Code corrupted. Insert fresh copy" was discovered.
- A new message instructed to send a clear blue overnight package for a timedown.
- The document describes a multiple sorting method called SketchSort for efficiently finding all pairs of similar items in large-scale datasets.
- SketchSort maps high-dimensional vector data to binary sketches while preserving distances. It then performs multiple sorting on the sketches to enumerate similar item pairs.
- Experiments show SketchSort can efficiently find neighbor pairs in large image and genetic datasets, outperforming other state-of-the-art methods. It enables applications like clustering and information retrieval in big data domains.
Introduction To Uae & Mena Trading Strategies By Peter Barrpetebarr
The document consists of a repeating binary pattern of 1s and 0s with no other distinguishing information. It appears to be encoding a simple repetitive message using binary digits.
Two sample slides of what a Data Quality Organization should look like in a Large Organization. They form part of a Data Quality Program Assessment offered by Kanayma LLC
This is the story of how I built an all-seeing eye with Ruby, and how I use it to defend the sanctity of my suburban home.
Using a Raspberry Pi and some homemade motion detection software I've developed a home security system that can send me notifications on my phone and photograph intruders. It uses perceptual hashes to detect image changes and archives anything unusual. I can even set a custom alerting threshold and graph disturbances over time.
If you've ever had the desire to be an evil wizard with a glowing fireball of an eye this talk is perfect for you. Come play with Sauron.
Similar to Ashish thusoo evolution of big data architectures (20)
Web security-–-everything-we-know-is-wrong-eoin-kearydrewz lin
1) Web application security is often approached incorrectly, focusing too much on annual penetration tests and compliance, rather than ongoing monitoring and prevention through the development process.
2) Many vulnerabilities are introduced through third party libraries and dependencies, which are not properly tested or managed. Continuous testing across the full software supply chain is needed.
3) Not all vulnerabilities are equal - context is important. A risk-based approach should prioritize the most critical issues based on factors like impact, likelihood, and the development environment. Compliance alone does not ensure real security.
This document summarizes a presentation about the mobile security Linux distribution Santoku Linux. It discusses how Santoku Linux was created by modifying Lubuntu to include mobile forensic and security tools from the company viaForensics. Some key tools discussed include AFLogical OSE for Android logical acquisitions, iPhone Backup Analyzer, and utilities for analyzing mobile malware samples. Real-world examples of analyzing the Any.DO task manager app and Korean banking malware are also provided.
This document discusses sandboxing untrusted JavaScript from third parties to improve security. It proposes a two-tier sandbox architecture that uses JavaScript libraries and wrappers, without requiring browser modifications. Untrusted code is executed in an isolated environment defined by policy code, and can only access approved APIs. This approach aims to mediate access between code and the browser securely and efficiently while maintaining compatibility with existing third-party scripts.
This document discusses how HTML5 features can be used for authentication purposes and addresses some security challenges. It describes APIs like local storage, canvas, geolocation, and notifications that could be leveraged for authentication factors like passwords, patterns, and one-time passwords. However, it also notes risks like storing sensitive data on devices, spoofing locations, and notifications not being reliable. The document advocates using HTML5 responsibly and understanding privacy and user behavior when designing authentication solutions.
Owasp advanced mobile-application-code-review-techniques-v0.2drewz lin
The document discusses code review techniques for advanced mobile applications. It begins with an overview of why mobile security is important given the rise in mobile usage. It then discusses different mobile application types and architectures that can be code reviewed, including native, hybrid, and HTML5 applications. The document outlines the goals of mobile application code reviews, such as understanding the application and finding security vulnerabilities. It provides the methodology for conducting code reviews, which includes gaining access to source code, understanding the technology, threat modeling, analyzing the code, and creating automation scripts. Finally, it discusses specific vulnerabilities that may be found in Windows Phone, hybrid, Android, and iOS applications.
The document discusses research conducted by Gregg Ganley and Gavin Black at MITRE in FY13-14 on iOS mobile application security. It describes their work on a tool called iMAS (iOS Mobile Application Security) which aims to provide additional security controls and containment for native iOS applications. iMAS addresses vulnerabilities related to runtime access, device access, application access, data at rest, and threats from app stores/malware. It utilizes techniques like encrypted code modules, forced inlining, secure MDM and more to raise security levels above standard iOS but below a fully customized/rooted mobile device environment. The document outlines the motivation, capabilities and future research directions for the iMAS project.
Defeating xss-and-xsrf-with-my faces-frameworks-steve-wolfdrewz lin
This document discusses how to defeat cross-site scripting (XSS) and cross-site request forgery (XSRF) when using JavaServer Faces (JSF) frameworks. It covers validating user input, encoding output, and protecting view states to prevent XSS, as well as configuring JSF implementations to protect against XSRF by encrypting view states and adding tokens to URLs. The presentation emphasizes testing validation, encoding, and protection in specific JSF implementations since behaviors can differ.
This document summarizes a presentation on defending against CSRF (cross-site request forgery) attacks. It discusses four main design patterns for CSRF defenses: the synchronizer token pattern, double submit cookies, challenge-response systems, and checking the referrer header. It then provides details on implementing these patterns, specifically looking at libraries and features in .NET, .NET MVC, Anticsrf, CSRFGuard, and HDIV that can help implement CSRF tokens and validation. The document covers the tradeoffs of different approaches and considerations for using them effectively on the code and server level.
Chuck willis-owaspbwa-beyond-1.0-app secusa-2013-11-21drewz lin
This document provides an overview of the OWASP Broken Web Applications (OWASP BWA) project. It discusses the background and motivation for the project, describes the current status including what applications are included in the virtual machine, outlines future plans, and solicits feedback to help guide and expand the project. The goal of OWASP BWA is to provide a free, open-source virtual machine containing a variety of intentionally vulnerable web applications to aid in testing tools and techniques for finding and addressing security issues.
This document provides a summary of a presentation by Robert Hansen on the future of browser security. Hansen argues that while browser developers want to improve security and privacy, their companies' business models focused on advertising revenue prohibit them from doing so. He outlines various techniques used by advertisers and browser companies to track users against their preferences. Hansen advocates for technical controls that allow users to opt out of tracking through a "can not track" approach, rather than relying on ineffective "do not track" policies. He concludes by discussing WhiteHat Security's focus on privacy and their plans to add more security and privacy features to their Aviator browser.
Appsec usa2013 js_libinsecurity_stefanodipaoladrewz lin
This document summarizes Stefano di Paola's talk on security issues with JavaScript libraries. It discusses how jQuery's $() method can be considered a "sink" that executes HTML passed to it, including examples of XSS via jQuery selectors and AJAX calls. It also covers problems with JSON parsing regular expressions, AngularJS expression injection, and credentials exposed in URLs. Solutions proposed include validating all input, auditing third-party libraries, and moving away from approaches like eval() that execute untrusted code.
Appsec2013 presentation-dickson final-with_all_final_editsdrewz lin
(1) A study surveyed 600 software developers and found that most did not have a basic understanding of software security concepts, with 73% failing an initial survey and the average score being 59% before training. (2) However, after training, developers' understanding of key concepts increased, with some areas like cross-site scripting seeing a 20 percentage point gain. (3) The study concluded that targeted security training can improve developers' knowledge in the short-term, though retention of this knowledge may require refresher training over time.
This document summarizes Bruno Gonçalves de Oliveira's talk on hacking web file servers for iOS. It introduces Bruno and his background in offensive security and discusses how iOS devices store a lot of information and mobile applications are often poorly designed and vulnerable. It provides examples of vulnerable file storage apps, outlines features and vulnerabilities like lack of encryption, authentication, XSS issues, and path traversal flaws. The document demonstrates exploits like unauthorized access to file systems on jailbroken devices and how to find vulnerable systems through mDNS queries. It concludes that mobile apps are the future but designers still do not prioritize security and there are too many apps for users to vet carefully.
Appsec 2013-krehel-ondrej-forensic-investigations-of-web-exploitationsdrewz lin
This document discusses forensic investigations of web exploitations. It presents a scenario where a web server in a DMZ zone was exploited but logs are unavailable, so network traffic must be analyzed. Wireshark will be used to analyze a PCAP file of recorded traffic to determine what happened and find any traces of commands or malware. The document also provides information on the costs of different types of cyber attacks, how to decode HTTP requests, and discusses tools that can be used for network forensics investigations like Wireshark, tcpdump, and Xplico.
Appsec2013 assurance tagging-robert martindrewz lin
The document discusses engineering software systems to be more secure against attacks. It notes that reducing a system's attack surface alone is not enough, as software and networks are too complex and it is impossible to know all vulnerabilities. It then discusses characteristics of advanced persistent threats, including that the initial attack may go unnoticed and adversaries cannot be fully kept out. Finally, it argues that taking a threat-driven perspective beyond just operational defense can help balance mitigation with detection and response.
The document summarizes a presentation on vulnerabilities found in SCADA systems between 2009-2013. It analyzed vulnerabilities by component, with the majority (66%) found in communication components like Modbus and DNP3 protocols. Examples of vulnerabilities are described for several devices. Real-world issues with SCADA systems are discussed like lack of authentication and patching. Recommendations are provided like auditing SCADA networks, implementing secure protocols and password policies, and keeping systems updated.
This 3-page document discusses the real-world challenges of implementing an agile software development lifecycle (SDLC) approach from the perspectives of Chris Eng and Ryan O'Boyle. It was presented at the OWASP AppSec USA conference on November 20, 2013 and focuses on practical lessons learned and best practices for incorporating security throughout an agile SDLC.
This document outlines a presentation given by Simón Roses Femerling on software security verification tools. It discusses BinSecSweeper, an open source tool created by VulnEx to scan binaries and check that security best practices were followed in development. The presentation covers using BinSecSweeper to verify in-house software, assess a company's software security posture, and compare the security of popular browsers. Examples of plugin checks and reports generated by BinSecSweeper are also provided.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Project Management Semester Long Project - Acuityjpupo2018
Acuity is an innovative learning app designed to transform the way you engage with knowledge. Powered by AI technology, Acuity takes complex topics and distills them into concise, interactive summaries that are easy to read & understand. Whether you're exploring the depths of quantum mechanics or seeking insight into historical events, Acuity provides the key information you need without the burden of lengthy texts.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Webinar: Designing a schema for a Data WarehouseFederico Razzoli
Are you new to data warehouses (DWH)? Do you need to check whether your data warehouse follows the best practices for a good design? In both cases, this webinar is for you.
A data warehouse is a central relational database that contains all measurements about a business or an organisation. This data comes from a variety of heterogeneous data sources, which includes databases of any type that back the applications used by the company, data files exported by some applications, or APIs provided by internal or external services.
But designing a data warehouse correctly is a hard task, which requires gathering information about the business processes that need to be analysed in the first place. These processes must be translated into so-called star schemas, which means, denormalised databases where each table represents a dimension or facts.
We will discuss these topics:
- How to gather information about a business;
- Understanding dictionaries and how to identify business entities;
- Dimensions and facts;
- Setting a table granularity;
- Types of facts;
- Types of dimensions;
- Snowflakes and how to avoid them;
- Expanding existing dimensions and facts.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
19. Towards Scalability
Solution: SHARDING (Divide and Conquer)
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
20. Towards Scalability
How do we quickly route a record to a shard?
11011000110000011001001011111010
11011000110000011001001011111010
fn( )
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
- Consistent Hashing 11011000110000011001001011111010
11011000110000011001001011111010
- Mapping Table
21. Towards Scalability
What happens is part of the record is in one shard and part
in another?
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
22. Towards Scalability
Keep it Simple: Application deals with atomicity &
consistency semantics
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
23. Towards Availability
What if my shard is down? Where do I put my record?
X
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
? 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
24. Towards Availability
Lets just replicate the shards and pray that one is available :)
X
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010 11011000110000011001001011111010
28. Towards Flexibility
Problem
Does structure in a database make it slower to write
applications (sprint vs waterfall model)?
My data is not records and tables?
29. Towards Flexibility
How knowing my record structure help by data system?
Helps to optimize execution plans
Helps to optimize my storage layouts
Trade off?
Application change means database schema change,
rebuilding indexes etc. etc.
30. Towards Flexibility
Most of my operations are simple lookups, range lookups
and updates
Since the execution is simple we don’t need all the
structure
Keep enough structure to support fast gets and puts
32. Towards Flexibility
Need to update related “values” of a key (Some Atomicity)
KEY VALUE
11011000110 11011000110000011001001011111010
11011000110 11011000110000011001001011111010
11011000110 11011000110000011001001011111010
11011000110 11011000110000011001001011111010
11011000110 11011000110000011001001011111010
11011000110 11011000110000011001001011111010
33. Towards Flexibility
Need update related “values” of a key (Some Atomicity)
KEY TAG VALUE
11011000110 11011000110 11011000110000011001001011111010
11011000110 11011000110 11011000110000011001001011111010
11011000110 11011000110 11011000110000011001001011111010
11011000110 11011000110 11011000110000011001001011111010 TAG = COLUMN FAMILY
11011000110 11011000110 11011000110000011001001011111010
11011000110 11011000110 11011000110000011001001011111010
34. Towards Flexibility
gets and puts are fine for online applications BUT..
What about Analytics?
Transformations can be really complicated...
35. Towards Flexibility
Is there a simple construct that can solve a number of
analytics queries
of course: SORT
And it can be parallelized too
36. Towards Flexibility
MAP/REDUCE (Scalable Parallel Pluggable SORT)
Mappers Reducers
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
m{ } r{ }
11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010 11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
m: user defined map function 11011000110000011001001011111010
r: user defined reduce function
37. Towards Flexibility
MAP/REDUCE and Failures
Mappers Reducers
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
X
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
11011000110000011001001011111010
38. 1990s vs 2000s
Different Focus: 1990s (Raw Performance)
Structure important for speed optimizations
Stream everything through Query plan
2000s (Sprint mode of application development)
Support dev efficiency and data variety
Checkpointing for restartability
40. The New Meets The Old
Disruption?
Well we still need SQL
We still need to make these work with other components
Guess what? Efficiency is also important at scale
41. Where Does New Fail?
Transactions?
Moving money from one account to another
Graphs?
Networks everywhere
How to do second order analysis on graphs