The document discusses different types of databases and when each may be suitable. It begins with an introduction to the author and their background. It then discusses key differences between SQL and NoSQL databases, such as how SQL databases are better for large amounts of structured data while NoSQL databases can be useful for unstructured or distributed data. The document emphasizes that the type of database chosen depends on factors like the size and shape of the data as well as how the data will be used. Specific databases are described like MongoDB, Elasticsearch, Neo4j and others.
This talk introduces microservices as a tool in an API developer's arsenal. We'll introduce what they are, see how and why they could fit into a modern application (and when they may not), and tools that will make dealing with a microservices architecture easier than ever before.
Statistical Programming with JavaScriptDavid Simons
Almost every application needs data to function - and if you don't know how to be nice to your data, then things will start to go wrong. This talk aims to convince JavaScript developers that they do need to care about statistics, and then talk about how to do so. We look at some theory and lots of case studies and real-world advice to deal with a range of scenarios.
The talk aims to touch on the entire data life cycle: We'll dive into data modelling and how the shape and size of your data affects your architecture, and how to build these architectures using JavaScript. Once the data is in the front-end, we'll touch on the wide range of libraries that allows your code to react based on the data, and the wrappers on top that aid visualisation and readability.
All too often front-end JavaScript code has been considered a second class citizen, and when treated without due care and attention it can be buggy and hard to maintain. This attitude is changing though, and thanks to the rapid growth in popularity of JavaScript as a first-class language, there is a large and expanding ecosystem of tools that a developer should know to make their client-side code as “clean” as the rest of their stack.
This talk aims to introduce and discuss how to implement modularisation, functional idioms and testing in JavaScript in an idiomatic way, to allow you to code JavaScript to a higher quality and, ultimately, more sustainably.
Data Modelling is an important tool in the toolbox of a developer. By building and communicating a shared understanding of the domain they're working with, their applications and APIs are more useable and maintainable. However, as you scale up your technical teams, how do you keep these benefits whilst avoiding time-consuming meetings every time something new comes along? This talk reminds ourselves of key data modelling technique and how our use of Kafka changes and informs them. It then examines how these patterns change as more teams join your organisation and how Kafka comes into its own in this world.
From Content Strategy to Drupal Site Building - Connecting the dotsRonald Ashri
Content strategy is, undoubtedly, a hot topic these days. A lot is being said that spans the range from concerns regarding the ability to display content on any device to the ability to drive engagement and increase traffic through better content creation and social media strategies. In this presentation we will connect the dots between these issues and practical Drupal site-building concerns with tools that are readily available now.
We will show, through specific examples and references to available modules, how different approaches to content strategy can be practically implemented on Drupal sites. The aim is to equip Drupal site-builders with a handy toolkit that will allow them to both implement a content strategy for their sites as well as better exchange information with content strategists.
The examples will include:
- Different approaches to building content types so as to empower content creators to create a range of different structures.
- Best practices in using vocabularies (fixed, open, user-generated, moderated, etc) or where alternative categorization methods may be relevant.
We will also discuss:
- Editorial calendars and scheduling.
- The true benefit of workflows (and how, sometimes, they can be a disadvantage).
- Analytics and how the ability to measure the effects of any strategy is as important as defining the strategy itself.
Attendees will go away with practical examples and techniques that they can apply to their sites as well as a better understanding of what content strategy really is and how they can use it to improve their sites.
The examples are a result of our own experiences in helping both clients develop their content strategy as well as applying it on italymagazine.com, an in-house product of ours. We grew italymagazine.com to a relevant online digital brand with a strong community by expressing our content strategy ideas through the tools that Drupal 7 made available to us. The resulting ~250% increase in traffic over 3 months is a testament to both the value of a content strategy as well as the power of Drupal to allow you to flexibly and iteratively support it.
This talk introduces microservices as a tool in an API developer's arsenal. We'll introduce what they are, see how and why they could fit into a modern application (and when they may not), and tools that will make dealing with a microservices architecture easier than ever before.
Statistical Programming with JavaScriptDavid Simons
Almost every application needs data to function - and if you don't know how to be nice to your data, then things will start to go wrong. This talk aims to convince JavaScript developers that they do need to care about statistics, and then talk about how to do so. We look at some theory and lots of case studies and real-world advice to deal with a range of scenarios.
The talk aims to touch on the entire data life cycle: We'll dive into data modelling and how the shape and size of your data affects your architecture, and how to build these architectures using JavaScript. Once the data is in the front-end, we'll touch on the wide range of libraries that allows your code to react based on the data, and the wrappers on top that aid visualisation and readability.
All too often front-end JavaScript code has been considered a second class citizen, and when treated without due care and attention it can be buggy and hard to maintain. This attitude is changing though, and thanks to the rapid growth in popularity of JavaScript as a first-class language, there is a large and expanding ecosystem of tools that a developer should know to make their client-side code as “clean” as the rest of their stack.
This talk aims to introduce and discuss how to implement modularisation, functional idioms and testing in JavaScript in an idiomatic way, to allow you to code JavaScript to a higher quality and, ultimately, more sustainably.
Data Modelling is an important tool in the toolbox of a developer. By building and communicating a shared understanding of the domain they're working with, their applications and APIs are more useable and maintainable. However, as you scale up your technical teams, how do you keep these benefits whilst avoiding time-consuming meetings every time something new comes along? This talk reminds ourselves of key data modelling technique and how our use of Kafka changes and informs them. It then examines how these patterns change as more teams join your organisation and how Kafka comes into its own in this world.
From Content Strategy to Drupal Site Building - Connecting the dotsRonald Ashri
Content strategy is, undoubtedly, a hot topic these days. A lot is being said that spans the range from concerns regarding the ability to display content on any device to the ability to drive engagement and increase traffic through better content creation and social media strategies. In this presentation we will connect the dots between these issues and practical Drupal site-building concerns with tools that are readily available now.
We will show, through specific examples and references to available modules, how different approaches to content strategy can be practically implemented on Drupal sites. The aim is to equip Drupal site-builders with a handy toolkit that will allow them to both implement a content strategy for their sites as well as better exchange information with content strategists.
The examples will include:
- Different approaches to building content types so as to empower content creators to create a range of different structures.
- Best practices in using vocabularies (fixed, open, user-generated, moderated, etc) or where alternative categorization methods may be relevant.
We will also discuss:
- Editorial calendars and scheduling.
- The true benefit of workflows (and how, sometimes, they can be a disadvantage).
- Analytics and how the ability to measure the effects of any strategy is as important as defining the strategy itself.
Attendees will go away with practical examples and techniques that they can apply to their sites as well as a better understanding of what content strategy really is and how they can use it to improve their sites.
The examples are a result of our own experiences in helping both clients develop their content strategy as well as applying it on italymagazine.com, an in-house product of ours. We grew italymagazine.com to a relevant online digital brand with a strong community by expressing our content strategy ideas through the tools that Drupal 7 made available to us. The resulting ~250% increase in traffic over 3 months is a testament to both the value of a content strategy as well as the power of Drupal to allow you to flexibly and iteratively support it.
A presentation on Social Network Analysis & network graphing using #Python, NetworkX, Graph-Tool and Gephi. Presented to the Ottawa Python Meetup group on August 27, 2015.
Examples include graphing of twitter data for the #Rstats and #Python communities based on 1000 tweet samples per community.
Mining Events from Multimedia Streams (WAIS Research group seminar June 2014)Jonathon Hare
Web and Internet Science research group seminar series. University of Southampton. 25th June 2014.
The aggregation of items from social media streams, such as Flickr photos and Twitter tweets, into meaningful groups can help users contextualise and effectively consume the torrents of information on the social web. This task is challenging due to the scale of the streams and the inherently multimodal nature of the information being contextualised.
In this talk I'll describe some of our recent work on trend and event detection in multimedia data streams. We focus on scalable streaming algorithms that can be applied to multimedia data streams from the web and the social web. The talk will cover two particular aspects of our work: mining Twitter for trending images by detecting near duplicates; and detecting social events in multimedia data with streaming clustering algorithms. I'll will describe in detail our techniques, and explore open questions and areas of potential future work, in both these tasks.
SEWM'14 keynote: Mining Events from Multimedia StreamsJonathon Hare
Keynote at the ICMR 2014 Workshop on Social Events in Web Multimedia (SEWM). Glasgow, UK. 1st April 2014.
The aggregation of items from social media streams, such as Flickr photos and Twitter tweets, into meaningful groups can help users contextualise and effectively consume the torrents of information on the social web. This task is challenging due to the scale of the streams and the inherently multimodal nature of the information being contextualised.
In this talk we’ll describe some of our recent work on trend and event detection in multimedia data streams. We focus on scalable streaming algorithms that can be applied to multimedia data streams from the web and the social web. The talk will cover two particular aspects of our work: mining Twitter for trending images by detecting near duplicates; and detecting social events in multimedia data with streaming clustering algorithms. We will describe in detail our techniques, and explore open questions and areas of potential future work, in both these tasks.
Transforming developer from Commodity to Premium - A tale of micorservicesKishore Yekkanti
The unprecedented growth of microservices changed the behavioural traits of an average developer. In this brief presentation, i'm going to touch up on various concepts of microservices which empowered an average developer to become and entrepreneur.
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS SummitAmazon Web Services
Visibility into your applications and systems is critical to guarding against errors, maintaining uptime, and protecting performance. In this session, we show how DevOps enables us to build better systems by leveraging the perspectives of different teams in order to gain that visibility. This session is brought to you by AWS partner, Datadog.
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base, but also a customer-base.
Adam also explains the techniques he uses to guide free-users to premium product. Attendees will learn everything they need to know to create a plugin that people will love, and recommend to others.
Takeaways:
Use your free plugin to sell a Pro version.
How to market your plugin.
Learn the tools used create a digital plugin business.
Visibility into your applications and systems is critical in guarding against errors, maintaining uptime, and protecting performance. In this session, learn how DevOps enables us to build better systems by leveraging the perspectives of different teams in order to gain that visibility.
You Created a Plugin. Now What? WordCamp SacramentoAdam W. Warner
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base, but also a customer-base. Adam also explains the techniques he uses to guide free-users to premium products. Attendees will learn everything they need to know to create a plugin that people will love and recommend to others.
You Created a Plugin. Now What? WordCamp Orange CountyAdam W. Warner
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base but also a customer-base. Adam also explains the techniques he uses to guide free users to a premium product.
Attendees will learn everything they need to know to create a plugin that people will love and recommend to others.
Wrangle Your Defense Using Offensive Tactics BSides CT 2019Matt Dunn
The key to a good defense is understanding the offense. Grab your lasso and hop in the saddle because this talk will cover attack techniques that are regularly used to compromise networks and how they can be leveraged by the blue team to build a stronger defense. Forget vulnerability scanners, in this talk we cover issues they rarely catch, which include: Discovering unknown weaknesses externally and internally, weak passwords, in-memory credential theft and privilege abuse.
Learn how to discover, exploit and defend against those weaknesses using a number of free and/or open-source tools, as well as defense tips and the IOCs needed to tune your SIEM. Lastly, the MITRE ATT&CK framework will be introduced, so that you can utilize the same tactics on the entire gamut of known attack vectors.
The CIA Mindset: Securing Your WordPress Code” on March 19th. Using the classic CIA Security Triad, David will explore how developers can have more confidence in the Confidentiality, Integrity and Availablity regarding their own WordPress Sites, plugins and themes.
100% Visibility - Jason Yee - Codemotion Amsterdam 2018Codemotion
Monitoring systems has traditionally been the responsibility of Ops teams. But our goal is to align devs, ops, & other roles in the organization (aka DevOps), so we need to ensure they are all monitoring critical business systems & do so in ways that take advantage of the unique perspective that each role offers. In this session, I’ll break down the expansive monitoring landscape into 5 categories that each provide a unique view of your systems. I’ll show how each category allows your team to have complete observability, avoid blind spots, & work together to quickly resolve issues & outages.
How can documentation become inherently Agile?eBranding Ninja
How can you foster a culture that gets your developers excited about documentation? How can you foster a culture that gets your developers excited about pleasing their customers?
Documentation is still the most important thing developers continually respond as most affecting their decision making. Frankly caring about documentation shows you care about the developer, whether external or internal. Yet, documentation is constantly pushed to the wayside, aligning that idea with Waterfall and top-down development. How do you then foster a culture that gets your developers excited to create documentation? And as an extension, how do you get your developers excited about pleasing their customers?
Start out by automating what you can and then creating a process. Documentation is something that requires discipline. It’s up to your team to identify what interruptions are constantly being pointed to as excuses for not completing the documentation. Then, you can put an investment into your documentation, looking to first solve and reduce those interruptions, making documentation the way you address repeated issues and make your customers more autonomous.
Documentation is actually particularly important to the Scrum process, where "documented" is part of the definition of "Done." Documentation can also be a good team-building exercise as it invites everyone to take ownership of their own piece. It also keeps everyone cognizant of keeping the code itself simple and self-explanatory. And it's especially important for team communication and collaboration as, with microservices, containers and the like, our developers gain autonomy, but there's a struggle to work out loud so you know what everyone else is doing.
Finally, someone should be in charge of managing the documentation -- someone with a tech background but some marketing savviness -- to curate it all, helping to make sure it's there and that it tells a clear story that's easy to search through, but that also supports the overall business proposition.
This talk was first given at AgiNext 2017, London.
http://2017.aginext.io/
Images compliments of New Old Stock http://nos.twnsnd.co/
Knowledge and identification of Malware binaries is a crucial part of detection and incident response. There was a time when using MD5s was sufficient to ID binaries. The reverse engineering analysis conducted once would be useful anytime that same MD5 hash was seen again. This has rapidly changed in recent years. Polymorphic samples of the same specimen change the file hash (MD5, SHAx etc) without much effort by the attacker. Also, cyber criminals and advanced adversaries reuse their codebase to create newer versions of their malware, but changes in the file hash disallow any opportunity to connect and leverage previous analyses of similar samples by defenders. This gives them an asymmetric advantage.
In recent years, there has been research into “similarity metrics”― methods that can identify whether, or to what degree, two malware binaries are similar to each other. Imphash, ssdeep and sdhash are examples of such techniques. In this talk, Bhavna will review which of these techniques is more suitable for evaluating similarities in code for APT related samples. This presentation will take a data analytics approach. We will look at binary samples from APT events from Jan- Mar 2015 and create clusters of similar binaries based on each of the three similarity metrics under consideration. We will then evaluate the accuracy of the clusters and examine their implications on the effectiveness of each technique in identifying provenance of an APT related binary. This can aid Incident responders in connecting otherwise disparate infections in their environment to a single threat group and apply past analyses of the abilities and motivations of that adversary to conduct more effective response.
From Content Strategy to Drupal Site Building - Connecting the DotsRonald Ashri
The actual presentation is available on YouTube here:
https://www.youtube.com/watch?v=agcQsQfCFow
Content strategy is, undoubtedly, a hot topic these days. A lot is being said that spans the range from concerns regarding the ability to display content on any device to the ability to drive engagement and increase traffic through better content creation and social media strategies. In this presentation we will connect the dots between these issues and practical Drupal site-building concerns with tools that are readily available now.
We will show, through specific examples and references to available modules, how different approaches to content strategy can be practically implemented on Drupal sites. The aim is to equip Drupal site-builders with a handy toolkit that will allow them to both implement a content strategy for their sites as well as better exchange information with content strategists.
The examples will include:
- Different approaches to building content types so as to empower content creators to create a range of different structures.
- Best practices in using vocabularies (fixed, open, user-generated, moderated, etc) or where alternative categorization methods may be relevant.
- Building menus and navigation.
We will also discuss:
- Editorial calendars and scheduling.
- The true benefit of workflows (and how, sometimes, they can be a disadvantage).
- Analytics and how the ability to measure the effects of any strategy is as important as defining the strategy itself.
Attendees will go away with practical examples and techniques that they can apply to their sites as well as a better understanding of what content strategy really is and how they can use it to improve their sites.
The examples are a result of our own experiences in helping both clients develop their content strategy as well as applying it on italymagazine.com, an in-house product of ours. We grew italymagazine.com to a relevant online digital brand with a strong community by expressing our content strategy ideas through the tools that Drupal 7 made available to us. The resulting ~250% increase in traffic over 3 months is a testament to both the value of a content strategy as well as the power of Drupal to allow you to flexibly and iteratively support it.
Hbase and phoenix usage at eHarmony. Presented the lambda architecture and implementation of HBase and phoenix usage in eharmony at Apache PhoenixCon 2016.
A presentation on Social Network Analysis & network graphing using #Python, NetworkX, Graph-Tool and Gephi. Presented to the Ottawa Python Meetup group on August 27, 2015.
Examples include graphing of twitter data for the #Rstats and #Python communities based on 1000 tweet samples per community.
Mining Events from Multimedia Streams (WAIS Research group seminar June 2014)Jonathon Hare
Web and Internet Science research group seminar series. University of Southampton. 25th June 2014.
The aggregation of items from social media streams, such as Flickr photos and Twitter tweets, into meaningful groups can help users contextualise and effectively consume the torrents of information on the social web. This task is challenging due to the scale of the streams and the inherently multimodal nature of the information being contextualised.
In this talk I'll describe some of our recent work on trend and event detection in multimedia data streams. We focus on scalable streaming algorithms that can be applied to multimedia data streams from the web and the social web. The talk will cover two particular aspects of our work: mining Twitter for trending images by detecting near duplicates; and detecting social events in multimedia data with streaming clustering algorithms. I'll will describe in detail our techniques, and explore open questions and areas of potential future work, in both these tasks.
SEWM'14 keynote: Mining Events from Multimedia StreamsJonathon Hare
Keynote at the ICMR 2014 Workshop on Social Events in Web Multimedia (SEWM). Glasgow, UK. 1st April 2014.
The aggregation of items from social media streams, such as Flickr photos and Twitter tweets, into meaningful groups can help users contextualise and effectively consume the torrents of information on the social web. This task is challenging due to the scale of the streams and the inherently multimodal nature of the information being contextualised.
In this talk we’ll describe some of our recent work on trend and event detection in multimedia data streams. We focus on scalable streaming algorithms that can be applied to multimedia data streams from the web and the social web. The talk will cover two particular aspects of our work: mining Twitter for trending images by detecting near duplicates; and detecting social events in multimedia data with streaming clustering algorithms. We will describe in detail our techniques, and explore open questions and areas of potential future work, in both these tasks.
Transforming developer from Commodity to Premium - A tale of micorservicesKishore Yekkanti
The unprecedented growth of microservices changed the behavioural traits of an average developer. In this brief presentation, i'm going to touch up on various concepts of microservices which empowered an average developer to become and entrepreneur.
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS SummitAmazon Web Services
Visibility into your applications and systems is critical to guarding against errors, maintaining uptime, and protecting performance. In this session, we show how DevOps enables us to build better systems by leveraging the perspectives of different teams in order to gain that visibility. This session is brought to you by AWS partner, Datadog.
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base, but also a customer-base.
Adam also explains the techniques he uses to guide free-users to premium product. Attendees will learn everything they need to know to create a plugin that people will love, and recommend to others.
Takeaways:
Use your free plugin to sell a Pro version.
How to market your plugin.
Learn the tools used create a digital plugin business.
Visibility into your applications and systems is critical in guarding against errors, maintaining uptime, and protecting performance. In this session, learn how DevOps enables us to build better systems by leveraging the perspectives of different teams in order to gain that visibility.
You Created a Plugin. Now What? WordCamp SacramentoAdam W. Warner
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base, but also a customer-base. Adam also explains the techniques he uses to guide free-users to premium products. Attendees will learn everything they need to know to create a plugin that people will love and recommend to others.
You Created a Plugin. Now What? WordCamp Orange CountyAdam W. Warner
Do you have a plugin (or several) in the WordPress.org repository? Have you ever wondered how to turn your plugin development skills into a sustaining income-based business? Not sure how to go about it?
In this session, Adam details his story of creating a sustainable plugin business. He shares actionable advice that audience members can put into practice immediately to grow not only a user-base but also a customer-base. Adam also explains the techniques he uses to guide free users to a premium product.
Attendees will learn everything they need to know to create a plugin that people will love and recommend to others.
Wrangle Your Defense Using Offensive Tactics BSides CT 2019Matt Dunn
The key to a good defense is understanding the offense. Grab your lasso and hop in the saddle because this talk will cover attack techniques that are regularly used to compromise networks and how they can be leveraged by the blue team to build a stronger defense. Forget vulnerability scanners, in this talk we cover issues they rarely catch, which include: Discovering unknown weaknesses externally and internally, weak passwords, in-memory credential theft and privilege abuse.
Learn how to discover, exploit and defend against those weaknesses using a number of free and/or open-source tools, as well as defense tips and the IOCs needed to tune your SIEM. Lastly, the MITRE ATT&CK framework will be introduced, so that you can utilize the same tactics on the entire gamut of known attack vectors.
The CIA Mindset: Securing Your WordPress Code” on March 19th. Using the classic CIA Security Triad, David will explore how developers can have more confidence in the Confidentiality, Integrity and Availablity regarding their own WordPress Sites, plugins and themes.
100% Visibility - Jason Yee - Codemotion Amsterdam 2018Codemotion
Monitoring systems has traditionally been the responsibility of Ops teams. But our goal is to align devs, ops, & other roles in the organization (aka DevOps), so we need to ensure they are all monitoring critical business systems & do so in ways that take advantage of the unique perspective that each role offers. In this session, I’ll break down the expansive monitoring landscape into 5 categories that each provide a unique view of your systems. I’ll show how each category allows your team to have complete observability, avoid blind spots, & work together to quickly resolve issues & outages.
How can documentation become inherently Agile?eBranding Ninja
How can you foster a culture that gets your developers excited about documentation? How can you foster a culture that gets your developers excited about pleasing their customers?
Documentation is still the most important thing developers continually respond as most affecting their decision making. Frankly caring about documentation shows you care about the developer, whether external or internal. Yet, documentation is constantly pushed to the wayside, aligning that idea with Waterfall and top-down development. How do you then foster a culture that gets your developers excited to create documentation? And as an extension, how do you get your developers excited about pleasing their customers?
Start out by automating what you can and then creating a process. Documentation is something that requires discipline. It’s up to your team to identify what interruptions are constantly being pointed to as excuses for not completing the documentation. Then, you can put an investment into your documentation, looking to first solve and reduce those interruptions, making documentation the way you address repeated issues and make your customers more autonomous.
Documentation is actually particularly important to the Scrum process, where "documented" is part of the definition of "Done." Documentation can also be a good team-building exercise as it invites everyone to take ownership of their own piece. It also keeps everyone cognizant of keeping the code itself simple and self-explanatory. And it's especially important for team communication and collaboration as, with microservices, containers and the like, our developers gain autonomy, but there's a struggle to work out loud so you know what everyone else is doing.
Finally, someone should be in charge of managing the documentation -- someone with a tech background but some marketing savviness -- to curate it all, helping to make sure it's there and that it tells a clear story that's easy to search through, but that also supports the overall business proposition.
This talk was first given at AgiNext 2017, London.
http://2017.aginext.io/
Images compliments of New Old Stock http://nos.twnsnd.co/
Knowledge and identification of Malware binaries is a crucial part of detection and incident response. There was a time when using MD5s was sufficient to ID binaries. The reverse engineering analysis conducted once would be useful anytime that same MD5 hash was seen again. This has rapidly changed in recent years. Polymorphic samples of the same specimen change the file hash (MD5, SHAx etc) without much effort by the attacker. Also, cyber criminals and advanced adversaries reuse their codebase to create newer versions of their malware, but changes in the file hash disallow any opportunity to connect and leverage previous analyses of similar samples by defenders. This gives them an asymmetric advantage.
In recent years, there has been research into “similarity metrics”― methods that can identify whether, or to what degree, two malware binaries are similar to each other. Imphash, ssdeep and sdhash are examples of such techniques. In this talk, Bhavna will review which of these techniques is more suitable for evaluating similarities in code for APT related samples. This presentation will take a data analytics approach. We will look at binary samples from APT events from Jan- Mar 2015 and create clusters of similar binaries based on each of the three similarity metrics under consideration. We will then evaluate the accuracy of the clusters and examine their implications on the effectiveness of each technique in identifying provenance of an APT related binary. This can aid Incident responders in connecting otherwise disparate infections in their environment to a single threat group and apply past analyses of the abilities and motivations of that adversary to conduct more effective response.
From Content Strategy to Drupal Site Building - Connecting the DotsRonald Ashri
The actual presentation is available on YouTube here:
https://www.youtube.com/watch?v=agcQsQfCFow
Content strategy is, undoubtedly, a hot topic these days. A lot is being said that spans the range from concerns regarding the ability to display content on any device to the ability to drive engagement and increase traffic through better content creation and social media strategies. In this presentation we will connect the dots between these issues and practical Drupal site-building concerns with tools that are readily available now.
We will show, through specific examples and references to available modules, how different approaches to content strategy can be practically implemented on Drupal sites. The aim is to equip Drupal site-builders with a handy toolkit that will allow them to both implement a content strategy for their sites as well as better exchange information with content strategists.
The examples will include:
- Different approaches to building content types so as to empower content creators to create a range of different structures.
- Best practices in using vocabularies (fixed, open, user-generated, moderated, etc) or where alternative categorization methods may be relevant.
- Building menus and navigation.
We will also discuss:
- Editorial calendars and scheduling.
- The true benefit of workflows (and how, sometimes, they can be a disadvantage).
- Analytics and how the ability to measure the effects of any strategy is as important as defining the strategy itself.
Attendees will go away with practical examples and techniques that they can apply to their sites as well as a better understanding of what content strategy really is and how they can use it to improve their sites.
The examples are a result of our own experiences in helping both clients develop their content strategy as well as applying it on italymagazine.com, an in-house product of ours. We grew italymagazine.com to a relevant online digital brand with a strong community by expressing our content strategy ideas through the tools that Drupal 7 made available to us. The resulting ~250% increase in traffic over 3 months is a testament to both the value of a content strategy as well as the power of Drupal to allow you to flexibly and iteratively support it.
Hbase and phoenix usage at eHarmony. Presented the lambda architecture and implementation of HBase and phoenix usage in eharmony at Apache PhoenixCon 2016.
Mirko Lorenz Data Driven Journalism Overview Seminar Ordine dei Giornalisti d...Massimiliano Crosato
A seminar by Mirko Lorenz @MIRKOLORENZ (EJC European Journalism Center) on Data Driven Journalism topics at Ordine dei Giornalisti del Veneto, Venezia. 14 April 2015 #DDJ
Is CSS a simple technology for non programmers? It certainly seems simple at first. Let's explore the boundaries of CSS and cover the ways in which those boundaries are changing and what that means for how we think about ourselves as CSS authors.
Digital Data Commons - Emergence of AI Blockchain ConvergenceGokul Alex
My Session on the Emergence of AI Blockchain Convergence in the perspective of a new digital data commons presented in the Blockchain Hackathon organised by #Accubits and #BHub on January 2nd and 3rd 2018.
Workshop on getting to grips with digital strategy by thinking like a network. Understanding complex adaptive systems, terminology, exponential growth and how technology, behaviour and design all come together. Two exercises included are Stinky Fish and Jobs to be Done. Lots of stuff on Netflix in there too.
Introduction to neo4j and graph databases in generally - looking at what neo4j is, why we should use it, the Cypher query language and the wider ecosystem.
Palestra sobre domínio que usa os conceitos definidos por Eric Evans (DDD) para explicar domínios e traçar um paralelo entre o Conway's law e a falta de domínio.
Nelson Senna, Programador Mobile da Tripda, fez a palestra "ROA – Resource Oriented Architecture", no PHP Experience 2016.
O iMasters PHP Experience 2016 aconteceu nos dias 21 e 22 de Março de 2015, no Hotel Tivoli em São Paulo-SP
http://phpexperience2016.imasters.com.br/
A short overview of the simplest style of data mart schema that can be used to construct data warehouses. It helps reduce the complexities in joining tables when presenting your data through reports and data visualizations.
The slides cover Introduction to Big Data and Data Science, as well as go over our current and future projects @eHarmony.
eHarmony was founded to give people a better chance to find happy, passionate and fulfilling relationships.
During this talk I will describe steps that we go through to create Compatible matches and how we leverage Big Data technologies to accomplish that goal.
I will specifically talk on how we take Billion+ potential matches that we find through MongoDB, store them in Voldemort NoSQL datastore and then run multiple Hadoop jobs to come up with filtered list based on Machine Learned models.
Our hadoop clusters are in-house, high density, low power Seamicro installations and we use Spring Batch and Spring Data Hadoop to orchestrate the hadoop jobs.
Did you know that eHarmony is responsible for 5% of all new US marriages and that more than 600,000 people already got married through us?
Introducing four different complementary architectural - CQRS, Event Sourcing, CQS and Domain Driven Design. Looking at an architecture that would use all of these. Acknowledging that it's never been truly successful.
Cassandra Data Modelling with CQL (OSCON 2015)twentyideas
Usually data modeling is independent of the query language used to implement that data model. When CQL3 was introduced, however, it added a relational-database-centric abstraction that hides many key details of the underlying storage. What’s worse, many data modeling articles reference the deprecated Thrift interface, making it difficult to transfer their wisdom into CQL3. Though CQL can be an efficient and convenient tool to use when querying, knowing how CQL actually maps to Cassandra’s storage structure is key to being able to create scalable and flexible data models.
As needs continue to increase for highly-scalable applications (e.g. Internet of Things, Big Data Collect Everything), Cassandra provides an excellent solution when high-concurrency writes, no-master, near-linear-scalability, and user-chosen consistency are a must. In the broad family of NoSQL data stores, Cassandra is distinct from the document-store model of MongoDB.
Talk given at neo4j conference "Graph Connect" - discussing some graph theory (old and new), and why knowing your stuff can come in handy on a software project.
Slides from the Lightning Talk I gave at NoSQL Matters 2014 in Cologne.
Motivation and examples of the attempt to open the UK's previous election results.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
8. T H AT ’ S T H E W H O L E
P O I N T
W E L L D U H …
9. I M A G I N I N G A
N E W S Y S T E M
C O U L D G E T U S
T O T H E S A M E
P L A C E B E T T E R
T H E ‘ Y E S ’ C A M PA I G N
WA S N O T…
10. R E - E X A M I N I N G
W H AT M A K E
T H E S Y S T E M
G O O D
T H E ‘ Y E S ’ C A M PA I G N WA S …
11.
12. W H AT D O E S
T H I S H AV E T O
D O W I T H
D ATA B A S E S ?
E R R R …
13. SQL
Clear Market
Standard
• Denormalisation
• Relational Data
• Foreign Keys
• Data Integrity Checks
• Amazing Indexing
• Maturity and Robustness
• SQL as a query language
• Large Community Support
• All the plug-in/library
integration
• Available Support
Contracts
14. W H Y A R E
P E O P L E
A D V O C AT I N G
N O S Q L
D ATA B A S E S ?
S O …
15. T H E Y T H I N K T H E
G O A L P O S T S A R E W R O N G
16. N O S Q L
S O L U T I O N S
C A N ’ T [ V E R B ]
B U T …
17. I T ’ S N O T
M E A N T T O
S O LV E A
P R O B L E M T H AT
N E E D S
[ V E R B ] I N G
B E C A U S E …
18. T O D AY…
• What should we be asking
when we look at
databases?
• What do the results of
those questions mean for
your database?
19. How big is your data?
What shape is your data?
Are you happy to pay?
What uses your data?
20. S Q L I S P R E T T Y
G O O D F O R
L A R G E A M O U N T S
O F D ATA
T R U T H F U L LY
21. W I T H E N O U G H
D ATA , Y O U
H AV E T O
D I S T R I B U T E
T H E H A R D T R U T H
22. W H AT H A P P E N S
W H E N O N E
I N S TA N C E G O E S
D O W N ?
B U T …
23. C A P T H E O R E M
• Choose Two:
• Consistency
• Availability
• Partition Tolerance
24. P R O V I S O
There is a lot of thought in this area,
I am giving a simplified description
that would make many database people
pull their hair out.
https://martin.kleppmann.com/2015/05/11/
please-stop-calling-databases-cp-or-ap.html
25. C A P T H E O R E M
CP AP
Consistent
& Partition Tolerant
Available
& Partition Tolerant
26. C A P T H E O R E M
A
BC
Data = “Cat”
Data = “Cat”
Data = “Cat”
27. C A P T H E O R E M
A
BC
Data = “Cat”
Data = “Dog”
Data = “Cat”
28. C A P T H E O R E M
A
BC
Data = “Dog”
Data = “Dog”
Data = “Dog”
29. C A P T H E O R E M
A
BC
Data = “Dog”
Data = “Dog” Data = “Dog”
30. AVA I L A B L E ( “ A P ” ) S Y S T E M S
A
BC
Data = “Wolf”
Data = “Dog” Data = “Dog”
31. AVA I L A B L E ( “ A P ” ) S Y S T E M S
A
BC
Data = “Wolf”
Data = “Dog” Data = “Wolf”
32. C O N S I S T E N T ( “ C P ” ) S Y S T E M
A
BC
Data = “Dog”
Data = “Dog” Data = “Dog”
33. C O N S I S T E N T ( “ C P ” ) S Y S T E M
A
BC
Data = “Dog”
Data = “Dog” Data = “Dog”
34. C O N S I S T E N T ( “ C P ” ) S Y S T E M
A
BC
Data = “Wolf”
Data = “Dog” Data = “Wolf”
35. T H E R E ’ S A L O T
O F VA L U E I N
C O N S I S T E N C Y…
36. – D Y N A M O : A M A Z O N ’ S H I G H LY AVA I L A B L E K E Y- VA L U E
S T O R E
“Reliability at massive scale is one of the biggest
challenges we face at Amazon.com. Even the
slightest outage has significant financial
consequences and impacts customer trust.”
37. – D Y N A M O : A M A Z O N ’ S H I G H LY AVA I L A B L E K E Y- VA L U E
S T O R E
“Dynamo targets applications that operate with
weaker consistency if this results in high
availability.”
39. N O T
G U A R A N T E E D
C O N S I S T E N C Y
T H E C O S T ?
40.
41.
42.
43.
44.
45.
46. “open source software project that enables distributed processing of large
data sets across clusters of commodity servers”
47. N O T A LWAY S
AVA I L A B L E
T H E C O S T ?
48. W H AT I F W E
D O N ’ T N E E D
T O D I S T R I B U T E ?
B U T …
49. How big is your data?
What shape is your data?
Are you happy to pay?
What uses your data?
50. R D B M S
( R E L AT I O N A L D ATA B A S E
M A N A G E M E N T S Y S T E M )
51. E V E RY R O W I S A “ T H I N G ”
Name Species
1 Puss
2 Dinah
3 Einstein
4 Jess
52. S E T- B A S E D
O P E R AT I O N
R E A D D A TA O U T W I T H
53. “ W H E R E ” ( I N T E R S E C T I O N )
Name Species
1 Puss
2 Dinah
3 Einstein
4 Jess
54. U N I O N S
Name Species
1 Puss
2 Dinah
3 Einstein
4 Jess
5 Nemo
6 Moby Dick
7 Wanda
55. J O I N S
Name Species
Species Coolness
Rating
1 Puss 0
2 Dinah 0
3 Einstein 10
4 Jess 0
56. C A R T E S I A N P R O D U C T S
0 10
0 10
0 10
57. C A R T E S I A N P R O D U C T S
0 10
0 10
0 10
58. W H AT S Q L
D O E S W E L L
• Modelling objects:
• With a fixed structure
and shape
• With a limited number of
relations
• With no opinion or
opinion of any deeper
underlying domain
R D B M S
( R E L AT I O N A L D ATA B A S E
M A N A G E M E N T S Y S T E M )
59. T H E R E A R E
P R O B L E M S T H I S
I S B A D F O R
B U T …
73. D ATA
S T O R A G E
• Nodes and edges are all:
• Stored as first-class
objects on the file system
• “typed”
• Key-value stores
74. D ATA I N T H E
R E L AT I O N S
• “Joins” are first class
objects in the database
that can be queried at no
additional cost
• Certain queries become
trivial (e.g. Joins)
75. P R O T O T Y P I N G
• Easy to see and work with
data
• Schemaless
• Active community with a
lot of libraries
80. K E Y / VA L U E
S T O R E S
P O S S I B L E S O L U T I O N
81. K E Y / VA L U E
S T O R E S
P O S S I B L E S O L U T I O N
DynamoDB
Used by BBC for managing scaled
scheduled processes
Used by Twitter for caching
your timeline
89. E V E RY R O W I S A “ T H I N G ”
N A M E = P U S S
C O O L N E S S = 0
!
N A M E = J E S S
C O O L N E S S = 0
!
N A M E = D I N A H
C O O L N E S S = 0
!
N A M E = E I N S T E I N
C O O L N E S S = 1 0
!
D O C U M E N T
114. E V E RY R O W I S A “ T H I N G ”
N A M E = P U S S
C O O L N E S S = 0
!
N A M E = J E S S
C O O L N E S S = 0
!
N A M E = D I N A H
C O O L N E S S = 0
!
N A M E = E I N S T E I N
C O O L N E S S = 1 0
!
D O C U M E N T
116. “Apache Lucene is a high-performance, full-
featured text search engine library … It is a
technology suitable for nearly any application that
requires full-text search”
117. F O C U S E D
A R O U N D
T E X T
S E A R C H I N G
Q U E R I E S
122. D ATA B A S E S W E ’ V E TA L K E D A B O U T
T O D AY…
• SQL (Industry standard RDBMS coming on many flavours of different cost. used by many)
• Cassandra (Eventually consistent Dynamo implementation)
• Riak (Eventually consistent Dynamo implementation)
• Hadoop (Large ecosystem focused around scalability - focused on consistency and utilising many nodes. Used by
Facebook for their messenging)
• Neo4j (Graph Database, with poor scalability but high-fidelity data model. Used by many companies for highly
relational data)
• Redis (In-memory key-value store, used by twitter for their caching as a lightweight solution.)
• DynamoDB (AWS managed DBaaS, used by the BBC among others for light-weight key-value store needs such as
locking)
• MongoDB (Document store database, schedules with some interesting indexes. Used well by New York Times and
Foursquar.e Used purely by Diaspora v1)
• Apache Marmotta (Bleeding Edge DB used by Red Bull Media House to comply with Linked Data framework,
allowing easy integration)
• ElasticSearch (Document store database, providing easy searching out the box. Used by github and StackOverflow
among others)
123. How big is your data?
What shape is your
data?
Are you happy to pay?
What uses your
data?
If it gets big enough,
you have to distribute
AP (available)
vs.
CP (consistent)
124. How big is your data?
What shape is your
data?
Are you happy to pay?
What uses your
data?
If it’s not big, you can
use
high-fidelity data
models
Time Series
Graph DBs
Denormalised Rows
.. and more!
125. How big is your data?
What shape is your
data?
Are you happy to pay?
What uses your
data?
You may have to make
sacrifices…
126. How big is your data?
What shape is your
data?
Are you happy to pay?
What uses your
data?
Think about the
queries you’ll be
running up-front…
… this can prevent
costly rearchitecting
down the line
127. How big is your data?
What shape is your
data?
Are you happy to pay?
What uses your
data?
Your system is
unique
NoSQL is not
one thing -
there’s a range
of solutions
Consider them
on their own
merits!
128. A N Y Q U E S T I O N S >
D a v i d S i m o n s
@ S w a m W i t h Tu r t l e s