The document discusses best practices for security in cloud adoption and the AWS Well-Architected Framework. It covers defining a security strategy as part of cloud adoption, delivering a security program, operating robust security, controlling identity and access, enabling traceability, protecting the network layer, applying security across layers, and automating security checks and management. Specific AWS services referenced include AWS Organizations, IAM, GuardDuty, VPC, WAF, Config, and automation tools.
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesAmazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days.
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesAmazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days.
스폰서 발표 세션 | 클라우드 세상에서 CIO로 살아남기
이한주 대표이사, Bespin Global
클라우드 세상에서 CIO로 살아남기 위해서는 어떻게 해야 할까요? 클라우드를 도입하는 건 더이상 선택의 문제가 아닙니다. 우리 삶에 이미 스며들어 비즈니스 연속성을 갖기 위해서 취해야 할 당연한 환경입니다. 이제 클라우드는 얼마나 빨리 최신 기술을 적용하여 시장에 내놓을 수 있는지, 비즈니스 확장과 스피드의 관점으로 바라봐야합니다. 기업에서는 클라우드를 어떻게 접근해야 할까요? 개발자, 운영자 CIO로서 나가야 할 방향과 디지털 트랜스포메이션을 주도해야 하는 CDO로서의 방향은 어떻게 되어야 할까요?
Leading Your Team Through a Cloud Transformation - Virtual Transformation Day...Amazon Web Services
Speaker: Thomas Blood
Moving to the cloud can help transform technical and non-technical aspects of your organization, enabling agility, scale, security, and cost savings. However, transformational change requires strong leadership at all levels of the organization. In this session, we will review strategies and best practices to help you lead the organization through a successful cloud journey.
AWS Transformation Day is designed for enterprise organizations looking to make the move to the cloud in order to become more responsive, agile and innovative, while still staying secure and compliant. Join us for this virtual event and we'll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services.
We recommend this event for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud.
Speaker: Mike Wilner, Startup Business Development, Amazon Web Services
Is raising venture capital right for you? Join this session to learn about the process that serial founders execute with fundraising. Discover how to prospect the right investors, make contact and frame a fundraising narrative, and generate a sense of urgency with investors to close your round as quickly as possible. Make sure you can fundraise like the most experienced founders to avoid dragging it out.
Moderator: Jerrod Hill, VC Business Development, Amazon Web Services
Panelists: Nyla Koncurat, Managing Partner, Karlani Capital
Elizabeth D. Sigety, Esq., Director, Co-Founder, Delaware Crossing Investor Group
There's no perfect pitch deck. However, there are elements every investor will be looking for, and that your deck better have. If you are in the school of, “Why do I need a pitch deck at all?” it's time to change your thinking. A spiffy series of slides won't magically get you investors, customers, or those critical early hires. But it's a way in, especially for novice entrepreneurs. In this talk we'll cover what’s critical in a deck, what’s best left out, and how to combine everything to tell a compelling story about yourself and your startup.
Speaker: Alejandra Novack, Developer Relations, Amazon Web Services
Early stage startups are time and resource constrained and they need to quickly get to product market fit. In this session you’ll get an overview of how startups build MVPs using services like Amazon API Gateway, AWS Amplify, AWS Lambda, Amazon EKS, Amazon Lightsail, and database options. After this session, you’ll be able to pick the right technologies and use pre-configured architectures to speed up your development.
Most businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know if you and your team are following best practice, or what the risks in your architectures might be? This session will show how the AWS Well-Architected framework provides prescriptive architectural advice, and how the AWS Well-Architected Tool allows you to measure and improve your technology portfolio. We will explain how other customers are using AWS Well-Architected in their business, and we’ll share insights into what we have learned from reviewing tens of thousands of architectures across Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization.
All companies, regardless of size, should build with protection of customer data as a top priority. This session examines how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers’ data. Don't wait until your first security incident before putting these best practices in place.
Initiate Edinburgh 2019 - Moving to DevOps the Amazon WayAmazon Web Services
DevOps is currently one of the most sought after engineering models. One reason is that it helps enterprise transformations. The Amazon transformation to DevOps was born out of the desire to be even more customer obsessed, more agile, and more innovative. Come and learn from our journey as we share the playbook that helped us successfully implement and adopt DevOps as well as the lessons we learned the hard way.
스폰서 발표 세션 | 클라우드 세상에서 CIO로 살아남기
이한주 대표이사, Bespin Global
클라우드 세상에서 CIO로 살아남기 위해서는 어떻게 해야 할까요? 클라우드를 도입하는 건 더이상 선택의 문제가 아닙니다. 우리 삶에 이미 스며들어 비즈니스 연속성을 갖기 위해서 취해야 할 당연한 환경입니다. 이제 클라우드는 얼마나 빨리 최신 기술을 적용하여 시장에 내놓을 수 있는지, 비즈니스 확장과 스피드의 관점으로 바라봐야합니다. 기업에서는 클라우드를 어떻게 접근해야 할까요? 개발자, 운영자 CIO로서 나가야 할 방향과 디지털 트랜스포메이션을 주도해야 하는 CDO로서의 방향은 어떻게 되어야 할까요?
Leading Your Team Through a Cloud Transformation - Virtual Transformation Day...Amazon Web Services
Speaker: Thomas Blood
Moving to the cloud can help transform technical and non-technical aspects of your organization, enabling agility, scale, security, and cost savings. However, transformational change requires strong leadership at all levels of the organization. In this session, we will review strategies and best practices to help you lead the organization through a successful cloud journey.
AWS Transformation Day is designed for enterprise organizations looking to make the move to the cloud in order to become more responsive, agile and innovative, while still staying secure and compliant. Join us for this virtual event and we'll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services.
We recommend this event for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud.
Speaker: Mike Wilner, Startup Business Development, Amazon Web Services
Is raising venture capital right for you? Join this session to learn about the process that serial founders execute with fundraising. Discover how to prospect the right investors, make contact and frame a fundraising narrative, and generate a sense of urgency with investors to close your round as quickly as possible. Make sure you can fundraise like the most experienced founders to avoid dragging it out.
Moderator: Jerrod Hill, VC Business Development, Amazon Web Services
Panelists: Nyla Koncurat, Managing Partner, Karlani Capital
Elizabeth D. Sigety, Esq., Director, Co-Founder, Delaware Crossing Investor Group
There's no perfect pitch deck. However, there are elements every investor will be looking for, and that your deck better have. If you are in the school of, “Why do I need a pitch deck at all?” it's time to change your thinking. A spiffy series of slides won't magically get you investors, customers, or those critical early hires. But it's a way in, especially for novice entrepreneurs. In this talk we'll cover what’s critical in a deck, what’s best left out, and how to combine everything to tell a compelling story about yourself and your startup.
Speaker: Alejandra Novack, Developer Relations, Amazon Web Services
Early stage startups are time and resource constrained and they need to quickly get to product market fit. In this session you’ll get an overview of how startups build MVPs using services like Amazon API Gateway, AWS Amplify, AWS Lambda, Amazon EKS, Amazon Lightsail, and database options. After this session, you’ll be able to pick the right technologies and use pre-configured architectures to speed up your development.
Most businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know if you and your team are following best practice, or what the risks in your architectures might be? This session will show how the AWS Well-Architected framework provides prescriptive architectural advice, and how the AWS Well-Architected Tool allows you to measure and improve your technology portfolio. We will explain how other customers are using AWS Well-Architected in their business, and we’ll share insights into what we have learned from reviewing tens of thousands of architectures across Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization.
All companies, regardless of size, should build with protection of customer data as a top priority. This session examines how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers’ data. Don't wait until your first security incident before putting these best practices in place.
Initiate Edinburgh 2019 - Moving to DevOps the Amazon WayAmazon Web Services
DevOps is currently one of the most sought after engineering models. One reason is that it helps enterprise transformations. The Amazon transformation to DevOps was born out of the desire to be even more customer obsessed, more agile, and more innovative. Come and learn from our journey as we share the playbook that helped us successfully implement and adopt DevOps as well as the lessons we learned the hard way.
Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...Amazon Web Services
Security is job zero at AWS. Come and learn how to build a modern security practice on AWS and supercharge it with AWS partners and serverless automation. Learn about the Security Perspectives found the AWS Well-Architected Framework, which equip your security program to not only keep your environment secure but also move fast. Learn advanced techniques to empower your teams with Amazon GuardDuty so you can elevate your team's ability to identify, protect, detect, respond, and recover from security events.
Introduction to the Well-Architected Framework and Tool - SVC212 - Santa Clar...Amazon Web Services
Most modern businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know whether your team is following best practices or the risks in your architectures? This session shows how the AWS Well-Architected Framework provides prescriptive advice on best practices and how the AWS Well-Architected Tool enables you to measure and improve your technology portfolio. We explain how other customers are using AWS Well-Architected in their businesses, and we share what we learned from reviewing tens of thousands of architectures across operational excellence, security, reliability, performance efficiency, and cost optimization.
The AWS Well-Architected Framework enables customers to understand best practices around security, reliability, performance, and cost optimisation when building systems on AWS. This approach helps customers make informed decisions and weigh the pros and cons of application design patterns for the cloud. In this session, you'll learn about the Well-Architected Framework, and the steps you can take to help ensure your solution is Well Architected.
Speaker: Brian Farnhill, Solutions Architect, AWS
e커머스 통합운영 자동화 사례 및 보안강화 방안 - 양수연 상무, 삼성SDS / 임선진 팀장, 삼성SDS :: AWS Summit Seou...Amazon Web Services Korea
스폰서 발표 세션 | e커머스 통합운영 자동화 사례 및 보안강화 방안
양수연 상무, 삼성SDS
임선진 팀장, 삼성SDS
최근 많은 기업들이 글로벌 e커머스 사이트를 운영하고 있습니다. 그러나 글로벌 e커머스 시스템은 국가별로 다양한 환경을 수용해야 하기 때문에 개발과 운영이 쉽지 않습니다. 삼성SDS는 이러한 문제점을 해결하기 위해 해외 각지의 개발자들과 협업 체계를 갖추고, 신속하고 효율적인 e커머스 시스템 개발/운영 체계를 구축하였습니다. 본 세션에서는 여기에 적용된 기술과 구현 방법에 대해 설명하고, e커머스의 보안 강화를 위해 적용할 수 있는 Misconfig 진단, Managed CASB 등 보안 서비스에 대해서도 소개해 드립니다.
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...Amazon Web Services
Using AMS to get FSI Regulated Workloads on the Cloud, Fast
Discover the different approaches to building effective Operating Models at Cloud Strategy stage using DIY, APN Partner or AWS Services. Then hear how AWS Managed Services (AMS) can help Australia's banks get regulated workloads stood up on cloud and achieve business outcomes faster due to high scale automation.
George Watts, Global Operations Integration Practice Manager, Amazon Web Services
How to Do it Right - Your First 90 Days - AWS Summit Sydney 2018Amazon Web Services
How To Do It Right - Your First 90 Days on the AWS Cloud
Has your business made a decision to go “all-in” on the AWS Cloud, and you aren’t sure of the next steps? Attend this session to learn what you should do in the first 90 days to make your cloud journey successful.
Anita Kaye, Technical Account Manager, Amazon Web Services
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud.
In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance.
Speakers:
Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS
Durga Prasad, Manager, Solutions Architect, AWS
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...Amazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days. There will be code giveaways and more!
Security at the speed of cloud: How to think about it & how you can do it now...Amazon Web Services
In this session, we explain how customers can enable business agility by evolving their governance approach to run at the speed of cloud. Learn how to think about security in the AWS Cloud, and receive prescriptive guidance on implementing technology to support your business. Hear about what good looks like, and learn how you can apply this approach in your organization today.
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...Amazon Web Services
Liberty Mutual is opinionated about how application teams deliver and deploy code into AWS. Applications must be able to secure all data types, meet security standards, and deploy via automation. Radar is an event-driven, rules-based service for validating and remediating AWS cloud resources, and it ensures that security standards are enforced. In this session, learn about Radar, which is built on AWS and designed to ensure compliance across hundreds of AWS accounts in 14 regions while providing flexibility for rule variation. Whether risks are prevented during continuous integration or detected upon deployment and remediated, the goal is the same: all policy is enforced at the earliest moment of risk.
Privacy by design on AWS - FND202-R - AWS re:Inforce 2019 Amazon Web Services
This workshop is designed to support customers who apply due diligence and discovery efforts around data privacy regulations and compliance frameworks. We provide an introductory overview of AWS and data privacy. We also discuss the AWS shared responsibility model and where data can live in AWS environments. Finally, we give an overview of the available AWS services and features that support data privacy compliance.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
In the cloud, the name of the game is securability! - SEP303 - AWS re:Inforce...Amazon Web Services
Do you ever feel like your efforts with security are futile? Change can lead to new, never-before-recognized opportunities to innovate. Security is no exception. Using measurements to drive us, we have found innovations in security that have led to greater collaboration and carefully curated security outcomes. The cloud has made never-before-seen security capabilities possible. Have you ever imagined talking about the five nines of security? We are! Come join the debate about how to make cloud workloads safer by adopting securability and a bounded measurable means of increasing the safety of software.
Designing, deploying and maintaining APIs for your mobile application is a challenge. In between authentication, authorization, data access, notifications, offline devices and the usual non functional requirements of availability, scalability and shrinking budgets.
During this session, I will show you how to deploy a GraphQL API, without requiring to be an API expert. I will show you how to easily integrate an authentication wall, with minimal coding. By attending this session you will be able to accelerate the development of your web & mobile applications by using simplified backends in the cloud.
Module 3: AWS Security
This module will cover how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to aid you in better understanding AWS Cloud security options.
AWS DevDay Berlin 2019 - Simplify your Web & Mobile appswith cloud-based ser...Darko Mesaroš
Designing, deploying and maintaining APIs for your mobile application is a challenge. In between authentication, authorization, data access, notifications, offline devices and the usual non functional requirements of availability, scalability and shrinking budgets.During this session, I will show you how to deploy a GraphQL API, without requiring to be an API expert. I will show you how to easily integrate an authentication wall, with minimal coding. By attending this session you will be able to accelerate the development of your web & mobile applications by using simplified backends in the cloud.
Designing, deploying and maintaining APIs for your mobile application is a challenge. In between authentication, authorization, data access, notifications, offline devices and the usual non functional requirements of availability, scalability and shrinking budgets.
During this session, I will show you how to deploy a GraphQL API, without requiring to be an API expert. I will show you how to easily integrate an authentication wall, with minimal coding. By attending this session you will be able to accelerate the development of your web & mobile applications by using simplified backends in the cloud.
Similar to AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS (20)
En este webinar, aprenderá cómo las empresas pueden aprovechar la nube de AWS para automatizar los pipelines de desarrollo de software. Este enfoque permite que su equipo sea más ágil, mejorando su capacidad para entregar aplicaciones y servicios rápidamente.
Neste webinar, você aprenderá como as empresas podem se valer da nuvem da AWS para automatizar os pipelines de desenvolvimento de software. Essa abordagem permite que sua equipe seja mais ágil, melhorando sua capacidade para entregar aplicações e serviços mais rapidamente.
Las tecnologías como los contenedores y kubernetes pueden hacer que sus procesos de entrega de software sean más fáciles y más rápidos. En este webinar, hablaremos sobre cómo usar el Amazon Kubernetes Service (EKS) para construir aplicaciones modernas con grupos Kubernetes totalmente administrados.
Tecnologias como containers e Kubernetes podem tornar seus processos de entrega de software mais fáceis e rápidos. Neste webinar, falaremos sobre como usar o Amazon Elastic Kubernetes Service (EKS) para criar aplicativos modernos com clusters de Kubernetes totalmente gerenciados.
Ransomware é uma das ameaças de crescimento mais rápido para qualquer organização. Nenhuma empresa, grande ou pequena, está imune a ataques de cibercriminosos. Nesta sessão, mostramos como você pode aproveitar os serviços e recursos da nuvem AWS para proteger seus dados mais valiosos de ataques cibernéticos e acelerar a restauração de operações.
El ransomware es una de las amenazas de más rápido crecimiento para cualquier organización. Ninguna empresa, grande o pequeña, es inmune a los ataques de los ciberdelincuentes. En esta sesión, mostramos cómo puede aprovechar los servicios y las capacidades de la nube AWS para proteger sus datos más valiosos de los ataques cibernéticos y acelerar la restauración de las operaciones.
Ransomware é uma prática maliciosa que tem se popularizado nos últimos anos. Nessa sessão, mostraremos como através da Amazon Web Services nossos clientes podem desenvolver uma estratégia pró-ativa de mitigação a ataques de ransomware, tanto em cenários on-premises como operando na nuvem.
El ransomware es una práctica maliciosa que se ha popularizado en los últimos años. En esta sesión les mostraremos cómo desde Amazon Web Services nuestros clientes pueden desarrollar una estrategia proactiva de mitigación frente a ataques de ransomware, tanto en escenarios on-premises, como operando en la nube.
Al mover datos a la nube, los clientes deben comprender los métodos óptimos para los diferentes casos de uso, los tipos de datos que están moviendo y los recursos disponibles en la red, entre otros. Las soluciones de migración y transferencia de AWS contemplan desde la migración de datos con conectividad limitada, almacenamiento en la nube híbrida, transferencias frecuentes de archivos B2B, hasta transferencias de datos en línea y sin conexión. En esta sesión, le mostramos cómo puede acelerar la migración y transferencia de datos de manera simplificada desde y hacia la nube de AWS.
Ao mover dados para a nuvem, os clientes precisam entender os métodos ideais de movê-los para diferentes casos de uso, os tipos de dados que estão movendo e os recursos de rede disponíveis, entre outras considerações. As soluções de migração e transferência da AWS atendem desde a migração de dados com conectividade limitada, armazenamento em nuvem híbrida, transferências frequentes de arquivos B2B até transferências de dados online e offline. Nessa sessão, mostraremos como você pode simplificar e acelerar sua migração e transferência de dados de e para a nuvem AWS.
El almacenamiento de archivos tiene diversos casos de uso; como directorios de usuarios, datos de aplicaciones, archivos multimedia y almacenamiento compartido para cargas de trabajo de alto rendimiento. La administración del almacenamiento de archivos en instalaciones propias suele ser un trabajo pesado, indiferenciado, con altos costos de adquisición, carga operativa para configurar y administra, lo que conlleva a desafíos de escalabilidad. En esta sesión, le mostramos cómo puede aprovechar las soluciones de archivos totalmente administradas de AWS para dejar de preocuparse por la sobrecarga administrativa de configurar, proteger, mantener y realizar copias de seguridad de su infraestructura de archivos.
La visualización de datos analíticos es un reto al que se enfrentan muchas organizaciones, el poder crear tableros, alertas, agregar predicciones a sus datos y actuar de acuerdo a estas de manera rápida es una necesidad de todos los negocios actuales. Únase a nuestros arquitectos para aprender como Amazon QuickSight le permite agregar inteligencia de negocios a sus aplicaciones y crear predicciones a futuro de sus datos. Amazon QuickSight es un servicio de inteligencia de negocios escalable y serverless creado para la nube, a través del cual podrá explotar sus datos de negocio para convertirlos en insights para hacer decisiones informadas sobre su negocio sin preocuparse de la gestión, escalamiento y la disponibilidad de la infraestructura de cómputo.
A visualização de dados é um desafio que muitas organizações enfrentam hoje. Criar dashboards, alertas, fazer previsões e agir rapidamente de acordo com os insights dos dados é uma necessidade de todas as empresas. Junte-se aos nossos arquitetos para aprender como o Amazon QuickSight o ajudará a adicionar BI aos seus aplicativos. O Amazon Quicksight é um serviço de BI escalável e serverless criado para a nuvem. Com ele, você pode explorar seus dados para obter insights e tomar decisões embasadas em seus negócios, sem se preocupar em gerenciar e dimensionar servidores e manter a disponibilidade de sua infraestrutura.
Executar projetos de Big Data nunca foi tão simples. Com a AWS, você pode executar Hadoop, Spark, Hive, Flink e frameworks semelhantes de maneira mais rápida e econômica. Neste webinar, você aprenderá como melhorar o desempenho do processamento de seus dados e reduzir custos, especialmente quando comparado a um ambiente on-premises.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Se você não tem um check list de controle de segurança, escolha algum, como por exemplo o ISO ou o NIST, ou Central for Internet Security, Security Controls…
Pensando em metodologia ágil, temos sprints semanais…
IAM: não esquecer de falar Federação
Infra: WAF, SG, Route Tables, ACLs,
Data protection: Encryption in transit and at rest
Response plans e procedures: alarmes, monitoramento, notificações
Monitoramento de credenciais -> veja se estão usando
Se você está usando roles, você já está usando credenciais temporárias via STS (security token service)
GuardDuty: free-tier; VPC Flow logs, DNS logs, Cloud Trail logs
Cloudwatch logs and alerts
SIEM: Security Information and Event Management
Marketplace
Inspector
OWASP (open source): Open Web Application Security Project