Developers can discover, learn about, and get access to APIs through SDKs and samples to build applications. API publishers can abstract, secure, manage the lifecycle of, monitor, and monetize their APIs. Azure API Management acts as a gateway and mediator between developers and publishers.
The Cloud promises - Global Azure Bootcamp Paris 2019Alex Danvy
The Cloud promises.
Keynote of the Global Azure Bootcamp 2019 in Paris on April 27th.
The cloud promises of lot of benefit (AI everywhere, IAAS replacement with PAAS) but also some side effects (IT jobs at risk). I took a look back and gave some perspectives.
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...aOS Community
This document discusses Microsoft threat protection services, including Azure Advanced Threat Protection (AATP), Azure Security Center, and Azure Sentinel. It provides an overview of how each service detects and protects against threats. AATP monitors user behavior and activities to detect compromised identities and insider threats. Azure Security Center continuously assesses security state, manages policies and compliance, and provides recommendations to optimize security. Azure Sentinel provides log analytics and security automation across data sources to detect threats and support investigations.
aOS Monaco 2019 - B1 - Construire son infrastructure sur Azure un jeu d'enfan...aOS Community
This document discusses building infrastructure on Azure using templates and provides resources for doing so. It begins with an introduction and thanks to sponsors. It then provides links to useful Azure Resource Manager templates and documentation. It discusses exporting templates from the Azure portal and deploying templates at the subscription, resource group, and resource level. It also covers using ARM functions like copy and condition in templates as well as user-defined functions and outputs. Finally, it discusses automating template deployments from Azure DevOps.
This document discusses various methods for securing a WordPress site, including updating plugins and themes regularly, using strong credentials, limiting login attempts, installing security plugins, implementing two-factor authentication, scanning for malware, restricting admin access by IP address, optimizing database security, and using caching plugins to improve page speed. The document emphasizes the importance of security for protecting site visitors and reducing costs and outlines both basic and advanced security measures to lock down a WordPress site.
The document discusses getting started with Azure AI tools and services. It provides an overview of Azure AI platforms including tools for knowledge mining, machine learning, and AI apps and agents. It then discusses how to use these tools through demos of the Azure Bot Service, LINE chat integration, Computer Vision API, and Cognitive Services APIs. Tutorial links are also provided.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
WSO2Con EU 2016: Securing APIs: How, What, Why, WhenWSO2
Businesses today are rapidly moving from being service enabled to being API enabled. Moving into the world of APIs brings with it its own set of complexities and challenges that are tough to tackle. API security is a key area to be focusing your engineering efforts on. This talk will focus on various security protocols that are available and on leveraging the extensive feature set and extensible nature of the WSO2 platform to secure your APIs.
Developers can discover, learn about, and get access to APIs through SDKs and samples to build applications. API publishers can abstract, secure, manage the lifecycle of, monitor, and monetize their APIs. Azure API Management acts as a gateway and mediator between developers and publishers.
The Cloud promises - Global Azure Bootcamp Paris 2019Alex Danvy
The Cloud promises.
Keynote of the Global Azure Bootcamp 2019 in Paris on April 27th.
The cloud promises of lot of benefit (AI everywhere, IAAS replacement with PAAS) but also some side effects (IT jobs at risk). I took a look back and gave some perspectives.
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...aOS Community
This document discusses Microsoft threat protection services, including Azure Advanced Threat Protection (AATP), Azure Security Center, and Azure Sentinel. It provides an overview of how each service detects and protects against threats. AATP monitors user behavior and activities to detect compromised identities and insider threats. Azure Security Center continuously assesses security state, manages policies and compliance, and provides recommendations to optimize security. Azure Sentinel provides log analytics and security automation across data sources to detect threats and support investigations.
aOS Monaco 2019 - B1 - Construire son infrastructure sur Azure un jeu d'enfan...aOS Community
This document discusses building infrastructure on Azure using templates and provides resources for doing so. It begins with an introduction and thanks to sponsors. It then provides links to useful Azure Resource Manager templates and documentation. It discusses exporting templates from the Azure portal and deploying templates at the subscription, resource group, and resource level. It also covers using ARM functions like copy and condition in templates as well as user-defined functions and outputs. Finally, it discusses automating template deployments from Azure DevOps.
This document discusses various methods for securing a WordPress site, including updating plugins and themes regularly, using strong credentials, limiting login attempts, installing security plugins, implementing two-factor authentication, scanning for malware, restricting admin access by IP address, optimizing database security, and using caching plugins to improve page speed. The document emphasizes the importance of security for protecting site visitors and reducing costs and outlines both basic and advanced security measures to lock down a WordPress site.
The document discusses getting started with Azure AI tools and services. It provides an overview of Azure AI platforms including tools for knowledge mining, machine learning, and AI apps and agents. It then discusses how to use these tools through demos of the Azure Bot Service, LINE chat integration, Computer Vision API, and Cognitive Services APIs. Tutorial links are also provided.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
WSO2Con EU 2016: Securing APIs: How, What, Why, WhenWSO2
Businesses today are rapidly moving from being service enabled to being API enabled. Moving into the world of APIs brings with it its own set of complexities and challenges that are tough to tackle. API security is a key area to be focusing your engineering efforts on. This talk will focus on various security protocols that are available and on leveraging the extensive feature set and extensible nature of the WSO2 platform to secure your APIs.
UpdateConf 2018: Top 18 Azure security fails and how to avoid themKarl Ots
As presented on 22th of November 2018 in Prague.
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Top 18 azure security fails and how to avoid themKarl Ots
As presented in CloudBrew conference in Mechelen, Belgium on 13th of October 2018.
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Assume breach, layered security in Azure tested and explainedMartyn Coupland
Learn how to add your security to your Microsoft Azure infrastructure and platforms to keep your organization secure from today's threats. In this session we will explore the security options available in Azure fabric components, platform as a service components and virtual machines.
This document discusses DevOps practices in the cloud, including continuous deployment using Visual Studio Online and Azure Websites for deploying code changes automatically. It also covers monitoring web applications with Application Insights for performance monitoring and load testing web apps. Different cloud platforms like IaaS, PaaS websites, and PaaS cloud services are mentioned.
On this webinar, AWS Solution Architect Mike Deck joined PureSec CTO, Ory Segal, to go in-depth on Lambda Security. Mike explained how Lambda works under the hood and went through the AWS Lambda Security Best Practices. Ory then went through the best practices for securing serverless applications.
Why Protection From DDoS Attacks is Critical For Your BusinessWP Engine
DDoS attacks are getting smarter and more frequent and we are hearing about a resurgence in ransom-driven threats. If your site is attacked, your business and your customers can suffer. This is why at WP Engine we are committed to delivering enterprise grade security to our customers and have embedded security best-practices throughout all of our products and services. In this session, you will hear from Casey Raim, Product Manager, Michael Smith, Senior Technical Architect and Sarah Wells, Product Marketing Manager all from WP Engine about what we deliver to our customers and best practices for what you can do to ensure that your site (regardless of where you are hosting) is the most secure.
This document promotes Azure CDN and accelerated availability and performance. It is sponsored by Abhimanyu Kumar Vatsa, a Microsoft MVP who works at Knorish Frameworks. The document encourages readers to always review case studies before using Azure CDN and provides contact information for the sponsor through various social media platforms.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
The document discusses some of the challenges of practicing Site Reliability Engineering (SRE) on AWS. It notes that with over 200 AWS services and frequent updates, it can be difficult to keep up with the changing optimal solutions. When implementing service level indicators (SLI) and service level objectives (SLO) to measure reliability, the many AWS services need to be considered to determine how to define and measure the SLI metrics. The document also emphasizes that while SRE practices like SLOs are important, not all companies need to implement everything described in the SRE book from the start, as Google-scale reliability may not initially be required for all services and businesses.
Global Azure Bootcamp - Azure Logic Apps in practice by Praveen NairPraveen Nair
This document summarizes Azure Logic Apps, which allows users to build automated workflows or "flows" between various services and platforms without having to manage infrastructure. It discusses the use cases for Logic Apps, how they provide a serverless environment in Azure, and compares Logic Apps to other workflow tools like PowerApps, WebJobs, and Functions. The document also provides pricing details for Logic Apps and outlines how users can develop and deploy Logic App workflows.
Top Azure security fails and how to avoid themKarl Ots
The document discusses top Azure security fails and how to avoid them. It begins by introducing the speaker and their experience with Azure security. It then covers common security controls in Azure and the concept of role-based access control (RBAC). The document identifies seven common security fails including giving all users owner permissions, overprivileged service principals, untrusted authentication providers, unprotected public endpoints, misused storage access keys, lack of monitoring and alerting, and missing virtual machine updates. It demonstrates how to avoid these fails using tools like Azure Security Center and the Secure DevOps kit for Azure.
AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS SecurityAmazon Web Services
The document discusses security on AWS and how AWS provides more visibility, auditability and control over security compared to traditional data centers. It highlights AWS security capabilities like IAM, encryption, monitoring with CloudTrail and provides customer examples like NASA and Axway who say AWS improves their security posture. The document emphasizes that security is a shared responsibility with AWS providing secure infrastructure and customers choosing security best practices for their workloads.
Microsoft hosted its annual developer conference called Build from May 6-8, 2019 in Seattle. The conference covered a wide range of topics including Azure, AI, Kubernetes, serverless computing, containers and more. Hirosuke Hiraoka from Microsoft Japan gave a talk on using various Azure services like App Service, Functions, and Kubernetes. The document also shared several links to resources from Build including session videos, blog posts, and announcements about new Azure features.
Securing AWS environments by Ankit GiriOWASP Delhi
This document provides an overview of securing environments in AWS. It discusses IAM users and roles for access management. It also covers security groups for network access control and S3 bucket policies for object storage permissions. Best practices are presented for protecting the AWS account from unauthorized access, including disabling root access, enforcing MFA, granting least privilege, and regularly changing keys. In-house tools are also mentioned like an audit script and using hardened AMIs from CIS benchmarks.
Infrastructure Saturday - Level Up to DevSecOpskieranjacobsen
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud?Lorenzo Barbieri
Security can be applied at various levels. We’ll see the adventure of two friends building a web solution, but one of them is trying to sabotage from the inside. We’ll see if the loyal friend will succeed in protecting all the work, and how the solution should evolve to be more secure!
UpdateConf 2018: Top 18 Azure security fails and how to avoid themKarl Ots
As presented on 22th of November 2018 in Prague.
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Top 18 azure security fails and how to avoid themKarl Ots
As presented in CloudBrew conference in Mechelen, Belgium on 13th of October 2018.
Karl Ots has assessed the security of over 100 Azure solutions. He has found that there are 18 security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Assume breach, layered security in Azure tested and explainedMartyn Coupland
Learn how to add your security to your Microsoft Azure infrastructure and platforms to keep your organization secure from today's threats. In this session we will explore the security options available in Azure fabric components, platform as a service components and virtual machines.
This document discusses DevOps practices in the cloud, including continuous deployment using Visual Studio Online and Azure Websites for deploying code changes automatically. It also covers monitoring web applications with Application Insights for performance monitoring and load testing web apps. Different cloud platforms like IaaS, PaaS websites, and PaaS cloud services are mentioned.
On this webinar, AWS Solution Architect Mike Deck joined PureSec CTO, Ory Segal, to go in-depth on Lambda Security. Mike explained how Lambda works under the hood and went through the AWS Lambda Security Best Practices. Ory then went through the best practices for securing serverless applications.
Why Protection From DDoS Attacks is Critical For Your BusinessWP Engine
DDoS attacks are getting smarter and more frequent and we are hearing about a resurgence in ransom-driven threats. If your site is attacked, your business and your customers can suffer. This is why at WP Engine we are committed to delivering enterprise grade security to our customers and have embedded security best-practices throughout all of our products and services. In this session, you will hear from Casey Raim, Product Manager, Michael Smith, Senior Technical Architect and Sarah Wells, Product Marketing Manager all from WP Engine about what we deliver to our customers and best practices for what you can do to ensure that your site (regardless of where you are hosting) is the most secure.
This document promotes Azure CDN and accelerated availability and performance. It is sponsored by Abhimanyu Kumar Vatsa, a Microsoft MVP who works at Knorish Frameworks. The document encourages readers to always review case studies before using Azure CDN and provides contact information for the sponsor through various social media platforms.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
The document discusses some of the challenges of practicing Site Reliability Engineering (SRE) on AWS. It notes that with over 200 AWS services and frequent updates, it can be difficult to keep up with the changing optimal solutions. When implementing service level indicators (SLI) and service level objectives (SLO) to measure reliability, the many AWS services need to be considered to determine how to define and measure the SLI metrics. The document also emphasizes that while SRE practices like SLOs are important, not all companies need to implement everything described in the SRE book from the start, as Google-scale reliability may not initially be required for all services and businesses.
Global Azure Bootcamp - Azure Logic Apps in practice by Praveen NairPraveen Nair
This document summarizes Azure Logic Apps, which allows users to build automated workflows or "flows" between various services and platforms without having to manage infrastructure. It discusses the use cases for Logic Apps, how they provide a serverless environment in Azure, and compares Logic Apps to other workflow tools like PowerApps, WebJobs, and Functions. The document also provides pricing details for Logic Apps and outlines how users can develop and deploy Logic App workflows.
Top Azure security fails and how to avoid themKarl Ots
The document discusses top Azure security fails and how to avoid them. It begins by introducing the speaker and their experience with Azure security. It then covers common security controls in Azure and the concept of role-based access control (RBAC). The document identifies seven common security fails including giving all users owner permissions, overprivileged service principals, untrusted authentication providers, unprotected public endpoints, misused storage access keys, lack of monitoring and alerting, and missing virtual machine updates. It demonstrates how to avoid these fails using tools like Azure Security Center and the Secure DevOps kit for Azure.
AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS SecurityAmazon Web Services
The document discusses security on AWS and how AWS provides more visibility, auditability and control over security compared to traditional data centers. It highlights AWS security capabilities like IAM, encryption, monitoring with CloudTrail and provides customer examples like NASA and Axway who say AWS improves their security posture. The document emphasizes that security is a shared responsibility with AWS providing secure infrastructure and customers choosing security best practices for their workloads.
Microsoft hosted its annual developer conference called Build from May 6-8, 2019 in Seattle. The conference covered a wide range of topics including Azure, AI, Kubernetes, serverless computing, containers and more. Hirosuke Hiraoka from Microsoft Japan gave a talk on using various Azure services like App Service, Functions, and Kubernetes. The document also shared several links to resources from Build including session videos, blog posts, and announcements about new Azure features.
Securing AWS environments by Ankit GiriOWASP Delhi
This document provides an overview of securing environments in AWS. It discusses IAM users and roles for access management. It also covers security groups for network access control and S3 bucket policies for object storage permissions. Best practices are presented for protecting the AWS account from unauthorized access, including disabling root access, enforcing MFA, granting least privilege, and regularly changing keys. In-house tools are also mentioned like an audit script and using hardened AMIs from CIS benchmarks.
Infrastructure Saturday - Level Up to DevSecOpskieranjacobsen
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloud?Lorenzo Barbieri
Security can be applied at various levels. We’ll see the adventure of two friends building a web solution, but one of them is trying to sabotage from the inside. We’ll see if the loyal friend will succeed in protecting all the work, and how the solution should evolve to be more secure!
How do you protect a hybrid PaaS-IaaS solution, built entirely in the cloudLorenzo Barbieri
This document discusses strategies for securing cloud resources and applications from various types of attacks. It outlines five hypothetical "strikes" or attack scenarios and the corresponding mitigation and remediation steps. These include protecting resources with infrastructure as code, role-based access control, monitoring, private endpoints, and key management. The document concludes with a recap of seven golden rules for security and an overview of Microsoft's physical and virtual security controls for the Azure cloud platform.
December 2022 Microsoft 365 Need to Know WebinarRobert Crane
Slides from CIAOPS December 2021 webinar that provided Microsoft 365 news update, open Q & A as well as a focus session on Azure. Video recording is available at www.ciaopsacademy.com
Capture the Cloud with Azure, delivered at Angelbeat @ Arlington VA. Learn how about Azure can help you build cloud solutions with virtual machines, web apps, mobile apps, databases and analytics.
This document discusses three often overlooked capabilities in Azure Active Directory (Azure AD): Azure AD Domain Services, Azure AD App Proxy, and Azure Managed Service Identity.
Azure AD Domain Services allows organizations to set up an Active Directory domain in Azure that can be joined by virtual machines for authentication using Kerberos and NTLM. Azure AD App Proxy enables secure remote access to on-premises web apps by routing traffic through the Azure AD proxy service. Managed Service Identity provides a way for Azure resources like virtual machines to authenticate to Azure services without needing credentials stored in the resource.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
This document provides an overview of hybrid cloud scenarios using Microsoft Azure. It discusses using Azure to extend infrastructure to the cloud, processing data in the cloud, and accessing data and applications across cloud and on-premises. It provides examples of hybrid scenarios for infrastructure as a service, platform as a service, development/test, backup/recovery, and enterprise mobility. It also discusses networking options and enhancements for hybrid configurations including virtual networks, gateways, and security groups.
Capture the Cloud with Azure, delivered at Angelbeat @ Arlington VA. Learn how about Azure can help you build cloud solutions with virtual machines, web apps, mobile apps, databases and analytics.
Microsoft Azure Platform-as-a-Service (PaaS)Chris Dufour
Azure is Microsoft’s cloud computing platform made up of a growing collection of integrated services: compute, storage, data, networking and apps.
Azure is the only major cloud platform ranked by Gartner as an industry leader for both Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS). This powerful combination of managed and unmanaged services lets you build, deploy and manage applications in any way you like for unmatched productivity.
In this talk we will take a look at Microsoft’s cloud strategy and see how you can leverage PaaS in your environment.
DockerCon SF 2015: Faster, Cheaper, SaferDocker, Inc.
This document discusses how Docker can help organizations achieve faster, cheaper, and safer development and operations. It outlines how Docker enables microservices architectures and continuous delivery for faster development. Using Docker allows consolidating resources for cheaper and more efficient infrastructure. Following security best practices like immutable deployments and role-based access helps ensure safer applications. The document provides examples of how different types of workloads can benefit from Docker in production environments.
Riwut Libinuko is a Microsoft SharePoint Server MVP living in Singapore who has over 10 years of experience in the IT industry. He has a master's degree in computer system engineering and enjoys coding, robotics, and food. Some of his projects include creating a PBX using a Raspberry Pi and Sipura 3102. He is an active contributor on forums and open source projects. The presentation discusses application virtualization strategies on the Microsoft Azure platform, providing an overview of Remote Desktop Services and Azure RemoteApp. It covers how to set up and manage RemoteApp collections, including publishing applications, managing users, and creating custom images.
The document discusses Microsoft Azure cloud services for solution architects, providing an overview of Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) offerings, how to design for scalability and performance, and the importance of using proof of concepts to identify architectural risks early in the design process. It also emphasizes how the agility of Azure allows for rapidly prototyping solutions through a mix of PaaS and IaaS.
This document provides an overview of migrating applications and workloads to the Microsoft Azure cloud platform. It discusses Ethos, a Microsoft preferred cloud computing partner, and some of their case studies helping companies migrate to Azure. Specific topics covered include SQL Azure, design considerations, performance, security best practices, migration approaches, and tools to help with the process.
Azure en Nutanix: your journey to the hybrid cloudICT-Partners
Op zoek naar oplossingen voor een flexibel, schaalbaar, kostenefficiënt en toekomstvast datacenter? Ontdek dan nu de kracht van Microsoft Azure & Nutanix: twee moderne platformen waarmee u de voordelen van uw on-premise infrastructuur kunt combineren met de voordelen van de public cloud.
Presentatie van 30 april 2015
Cloud Reference Architecture - Part 1 FoundationAmmar Hasayen
This presentation covers a practical approach for adopting and migrating on premises systems and applications to the Public Cloud. Based on a clear migration master plan, it helps companies and enterprises to be prepared for Cloud computing, what and how to successfully migrate or deploy systems on Cloud, preparing your IT organization with a sound Cloud Governance model, Security in the Cloud and how to reach the benefits of Cloud computing by automation and optimizing your cost and workloads.
Many organizations still make some incorrect assumptions while implementing the cloud.
While cloud certainly provides the capability of High Availability, High Scalability, Disaster Recovery. These cannot be assumed to be available by default.. Each enterprise will need to specifically design and architect for the same. However..
Do all applications including non-critical ones need an Active-Active DR? No
Do all applications need to scale to millions of users? No
Do all applications have the same performance requirements? Hope Not. .
Should all applications be designed as Micro-Services? Not necessarily
Do all applications need to be deployed across multiple regions? Absolutely Not
Do all applications need to be architected as SAAS, multi-tenanted applications? Certainly Not
What is the right WEB APPLICATION ARCHITECTURE in the CLOUD?
Similar to Azure Security: How to protect a hybrid PaaS-IaaS solution built entirely in the cloud (20)
Microsoft Ignite Milan: Copilot Adoption In ItalyLorenzo Barbieri
The document discusses Microsoft's AI assistant Copilot and its various applications. It outlines Copilot's capabilities across web, productivity, business, analytics, security, development, and Azure administration domains. It then discusses security and information protection of commercial data with Copilot in Italy along with licensing, Office versions, and handling pressure through imagination. It ends by providing a link to an Azure meetup in Milan and the author's contact details.
Can Santa Cloud survive the Generative AI revolution?Lorenzo Barbieri
This document discusses how Santa Cloud, Santa Claus' cloud computing business, could be impacted by generative AI technology. It notes that Santa's data collection practices may violate GDPR regulations. It then proposes adopting a new identity called Leonardo.Ai and using generative AI tools like Copilot to create content such as songs, videos, and voices. The document suggests both opportunities and risks of generative AI, and calls for human and AI collaboration to create a better future. It concludes by wishing readers a merry Christmas and happy new year.
Want to learn how to use OpenAI language models, including GPT-4, GPT-35-Turbo, and Embedings, to create innovative and smart applications? Join this event and learn how Azure OpenAI gives you access to the world’s most advanced language models with a simple interface and optimal scalability. You’ll see how to use Azure OpenAI Studio to explore and optimize models, and how to integrate them into your code.
Working remotely can present many challenges for programming and development teams. Luckily, there are several tools for remote software developers that can overcome these obstacles to keep collaboration and productivity high and costs and problems low.
We will discuss about:
• GitHub Copilot
• Microsoft Dev Box
• GitHub Codespaces
• Visual Studio Live Share
• Azure DevTest Labs
Personal Branding for Developers @ PyCon Italy 2023Lorenzo Barbieri
This document provides tips for developers to build their personal brand. It emphasizes that developers should focus on developing expertise in their field and understanding their audience. A personal brand is more than certifications or awards and should be defined by how one shares their knowledge with others. The document recommends blogging, speaking, writing, and participating in communities as ways to develop a personal brand and stand out in the market. Developers are encouraged to maintain brand consistency across platforms and regularly share valuable content with others.
The document provides tips and advice for effective public speaking. It emphasizes telling stories over self-introductions to engage audiences, rehearsing to feel comfortable, using power poses to manage nerves, adapting presentations for cultural differences, managing time effectively, and ensuring diversity and inclusion in speaker selections and language. The overall message is that public speaking is a learnable skill and speakers should focus on sharing value with audiences through well-prepared stories and conversations.
This document compares and contrasts Azure DevOps and GitHub for software development. It outlines that both can be used for cloud or on-premises projects and have different paid tiers. It also describes that partners can work with GitHub directly or through the Microsoft partner program. Key features of GitHub like issues, projects, discussions, codespaces, and actions are summarized. It emphasizes that Azure DevOps and GitHub can be used together for development.
Codemotion DevCast: App Modernization in the CloudLorenzo Barbieri
This document discusses app modernization and how moving applications to the cloud on Azure can provide benefits. It outlines the app modernization continuum from refactoring existing applications to rebuilding new serverless applications. Key techniques discussed are containers, microservices, and serverless computing. Containers can help with modernization by allowing existing applications to lift and shift to containers for improved scalability. Microservices and serverless options further improve agility, productivity and operational efficiency. The document emphasizes that Azure supports a hybrid cloud approach and provides services for infrastructure, platforms and serverless applications.
Azure Academyadi: Introduction to GitHub and AzureDevOpsLorenzo Barbieri
This document summarizes Azure DevOps and GitHub integration capabilities. It notes that Azure DevOps is Microsoft's internal DevOps tool used by over 90,000 employees, processing high volumes of code commits, builds, work items, and tests each month. It then outlines how Azure DevOps integrates with GitHub to enable continuous delivery across the development lifecycle from planning to deployment. Features like dependency tracking, automated security alerts, and secret scanning are highlighted. Resources for learning more about Azure DevOps, DevOps practices, and trunk-based development are also provided.
Slides (in English, only the first one in Italian) from my session at .NET Conf 2020 (https://dotnetconf.it/) about Kubernetes (AKS) versus Azure App Service for .NET Developers
The document provides tips for developers on personal branding, including knowing your audience and niche, being consistent in writing and speaking engagements, using multiple platforms like blogs, social media, and communities to engage others, and always including contact details and a clear call to action. Personal branding is about going beyond certifications and focusing on providing value to others through content, demos, and being part of the community. It is important to focus efforts using the Pareto principle and time management.
The document provides tips for preparing an effective pitch presentation. It recommends starting with the value proposition and telling a story that shows value. Presenters should ask a question that reveals value and explain why they are there beyond just their title. It also advises to memorize only the beginning and end of the presentation and to think about accessibility. Presenters are encouraged to find stories from sources like Dilbert comics and Wikipedia.
The document discusses different cloud computing technologies including IaaS, CaaS, PaaS, and FaaS. IaaS provides virtual machines and infrastructure hosting. CaaS focuses on container platforms like Kubernetes. PaaS offers application platforms like Azure App Service. FaaS enables serverless computing through functions and logic apps that scale to zero. The document then discusses advantages of Kubernetes and containers for portability, density, and rapid scaling of applications.
This document discusses how to create accessible PowerPoint presentations. It provides tips on using high color contrast, adding alternative text descriptions, choosing accessible slide layouts and text blocks, and checking the reading order. Additional recommendations include using captions and audio descriptions for videos, running the Accessibility Checker, and speaking at an appropriate pace while distributing needed materials for accessibility during presentations.
Kubernetes VS. App Service: When the orchestrator challenges the platformLorenzo Barbieri
The document discusses Kubernetes and how it can be used with Azure to deploy and manage containerized applications. It provides an overview of Kubernetes and how it works, then discusses how Azure services like Azure Kubernetes Service (AKS) can simplify tasks like provisioning clusters, upgrading, scaling, and providing additional capabilities for development, deployment, security and management without having to manage the underlying infrastructure.
Public Speaking For Geeks: Work from Home Edition!Lorenzo Barbieri
Speaking in public is not easy, especially for geeks, that tend to be too technical, or too shy, or too something...
Speaking in public REMOTELY is even worse.
In this session, we'll start with some basic tips, and we'll see how to dramatically improve our results using well-defined techniques.
Public speaking skills are not useful to conference speakers only, and everybody needs to improve them, especially geeks working from home!
Public Speaking for Geeks @ MS Ignite The Tour MilanLorenzo Barbieri
The new version of the "world-famous" Public Speaking for Geeks session. This is the version I did at Microsoft Ignite The Tour in Milan, with a lot of fresh content, including diversity & inclusion topics.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
OpenID AuthZEN Interop Read Out - AuthorizationDavid Brossard
During Identiverse 2024 and EIC 2024, members of the OpenID AuthZEN WG got together and demoed their authorization endpoints conforming to the AuthZEN API
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Things to Consider When Choosing a Website Developer for your Website | FODUUFODUU
Choosing the right website developer is crucial for your business. This article covers essential factors to consider, including experience, portfolio, technical skills, communication, pricing, reputation & reviews, cost and budget considerations and post-launch support. Make an informed decision to ensure your website meets your business goals.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Generating privacy-protected synthetic data using Secludy and MilvusZilliz
During this demo, the founders of Secludy will demonstrate how their system utilizes Milvus to store and manipulate embeddings for generating privacy-protected synthetic data. Their approach not only maintains the confidentiality of the original data but also enhances the utility and scalability of LLMs under privacy constraints. Attendees, including machine learning engineers, data scientists, and data managers, will witness first-hand how Secludy's integration with Milvus empowers organizations to harness the power of LLMs securely and efficiently.
2. EVERYTHING STARTS WITH A “GOOD”
ARCHITECTURE
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
RG for
- Dev-Test
- Production
3. 1ST STRIKE
The case of
disappearing
resourcesAttack
one!
Destro
y ‘em
all!
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
RG for
- Dev-Test
- Production
4. MITIGATION
Infrastructure as Code:
• Script & Backup
everything
• ARM & Azure Policy
PaaS safeguards:
o Azure Web App
Undelete
o SQL Point in time
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
RG for
- Dev-Test
- Production
6. 2ND STRIKE
The case of
unexpected
load
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
Attack
two…o…o…
oooo!
$$$
$RG for
- Dev-Test
- Production
7. MITIGATION
o Alert rules and
monitoring
o web.config based IP
restriction
o Functions in App
Service Plan
o GB*s daily quota
o App Service
Diagnostics
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
RG for
- Dev-Test
- Production
9. 3RD STRIKE
The case of
data and
storage loss
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Attack
three!
I know
your
secrets!
Photo resize
+web.config
RG for
- Dev-Test
- Production
10. MITIGATION
o Key rotation
o Least user
privilege (DB)
o Alert
Web UI
Users
Photos URLs
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
RG for
- Dev-Test
- Production
11. REMEDIATION
o SQL DB Firewall
o VNET Storage
o Managed Service
Identity
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
o Handle Disconnect
RG for
- Dev-Test
- Production
12. 4TH STRIKE
The case of
being Gitted
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Fourth
Attack!
Keys
from the
octocat!
Photo resize
+web.config
RG for
- Dev-Test
- Production
13. REMEDIATION
o Move all the keys to
a secure path
o Use Azure Pipeline to
set them before
deployment
o Azure Key Vault
o Managed Service
Identity
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
?
RG for
- Dev-Test
- Production
14. >_
SSH
5TH STRIKE
The case of
remote
connections
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Remote
Attack!
Photo resize
+web.config
>_
SSH
RG for
- Dev-Test
- Production
15. MITIGATION
o Patching and
security policies
o Azure Security
Center
Not only for VMs, could check
networks, App Services, Blob Storage,
SQL, etc…
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
>_
SSH
RG for
- Dev-Test
- Production
16. REMEDIATION
o Network Security
Groups
o VNET
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
>_
SSH
RG for
- Dev-Test
- Production
17. A BETTER ARCHITECTURE
Web UI
Users
Photos URLs
+SQL DB Firewall
RAW Photos
Thumbnails
Watermarking
Photo resize
+web.config
RG for
- Dev-Test
- Production
18. RECAP – THE 7 GOLDEN RULES
• Script everything
• Backup everything
• Least user privilege
• Trust no one
• Monitor everything
• Assume cloud failure
• Protect your secrets
19. WHAT IS DOING
MICROSOFT TO
SECURE AZURE?
Built-in Partner
Controls
Unique Intelligence
Secure
Foundation
Unique Intelligence
Built in + Partner
Controls
21. Two-factor
authentication
with biometrics
Employee &
contractor vetting
Metal
detectors
Video coverage
rack front & back
Inability to identify
location of specific
customer data
Secure
destruction bins
Ongoing
roaming patrols
Video
coverage
Ongoing
roaming patrols
Front
entrance gate
1 defined
access point
Video
coverage
Perimeter
fencing
Two-factor
authentication
with biometrics
Video
coverage
No building
signage
24x7x365
security operations
Verified single
person entry
Ongoing
roaming patrols
Background
check
System
check
PHYSICAL DATACENTER SECURITY
Access
approval
Perimeter
Building
Server
environment
Built-in Partner
Controls
Unique Intelligence
Secure
Foundation
Unique Intelligence
Built in + Partner
Controls
22. Protect customer data
Data, network segregation.
DDoS protection at the edge.
Platform segregation.
Confidential computing.
Secure hardware
Custom-built hardware with
integrated security and attestation
Continuous testing
War game exercises by Microsoft
teams, vulnerability scanning &
continuous monitoring
CUSTOMER 2CUSTOMER 1
AZURE INFRASTRUCTURE SECURITYBuilt-in Partner
Controls
Unique Intelligence
Secure
Foundation
Unique Intelligence
Built in + Partner
Controls
23. Identity &
Access
Apps & Data
Security
Network
Security
Threat
Protection
Security
Management
Role based
access
Encryption
DDoS
Protection
Antimalware
Log
Management
Multi-Factor
Authentication
Confidential
Computing
NG Firewall
AI Based
Detection and
Response
Security Posture
Assessment
Central Identity
Management
Key
Management
Web App
Firewall
Cloud Workload
Protection
Policy and
governance
Identity
Protection
Certificate
Management
Private
Connections
SQL Threat
Protection
Regulatory
Compliance
Privileged
Identity
Management
Information
Protection
Network
Segmentation
IoT Security SIEM
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
24. VIRTUAL MACHINES APPLICATIONS STORAGE & DATABASES
PROTECT DATA AND COMMUNICATIONS
Enable built-in encryption across resources
Azure Storage Service Encryption
Azure Disk Encryption
SQL TDE/Always Encrypted
Encrypt data while in use
Azure confidential computing
Use delegated access to storage objects
Shared Access Signature enables more granular access
control
Use a key management system
Keep keys in a hardware HSM/don’t store key in
apps/GitHub
Use one Key Vault per security boundary/per app/per
region
Monitor/audit key usage-pipe information into SIEM for
analysis/threat detection
Use Key Vault to enroll and automatically renew certificates
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
25. Azure Security Center
with advanced analytics for threat detection
Virtual
machines Applications
Storage
& databases Network
PROTECT WORKLOADS AGAINST
EVOLVING ATTACKS
Mitigate potential vulnerabilities
proactively
Ensure up to date VMs with relevant security
patches
Enable host anti-malwareReduce surface area of attack
Enable just in time access to management
ports
Configure Application Whitelisting to
prevent malware execution
Detect threats early and respond
faster
Use actionable alerts and incidents
Interactive investigation tool and playbooks
to orchestrate responses
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
26. TAKE A LOOK AT AZURE SECURITY
CENTER
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence
27. APP SERVICE DIAGNOSTICS
• An interactive and intelligent experience for
self-troubleshooting your app issues
• What does that actually mean?
• 🔒Diagnose and troubleshoot your app issues
and learn about best practices
• 🎨Use Genie to guide you through each
problem category tile
• 📈 Intelligent search capabilities
• 🌏Straight out-of-the box, no extra
configuration necessary
Built-in Partner
Controls
Unique Intelligence
Unique Intelligence