Preview of the latest Sourcefire IPS product news. We go into detail on the product news announced by Sourcefire in the last month, including:
New 3D8000 Series Sensors with FirePOWER
New Defense Center Models
New IPSx Solution
Advanced threat security - Cyber Security For The Real World - Cisco Canada
Cisco delivers intelligent cybersecurity for the real world, providing one of the industry's most comprehensive advanced threat protection portfolios of solutions and services that are integrated, pervasive, continuous and open.
Cisco's threat-centric approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly -- before, during, and after an attack.
More information on security here: http://bit.ly/1paUnZV
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever - AlienVault
With a focus on simplifying asset management, OSSIM v5.0 (available 4/20) makes it faster and easier than ever to get the insights you need. Join us for this user training to learn how to get the most out of these new enhancements:
Assign custom labels for assets, groups and networks
Search, filter and group assets by OS, IP address, device type, custom labels and more
Run vulnerability and asset scans on custom asset groups with one click
Filter by asset groups in alarms, security events and raw logs
Update configuration, sensor assignment, asset value and more on multiple assets and groups of assets at once
...and more!
This presentation highlights the Cisco Security Architecture. For more information on Cisco's security products and solutions, please visit our website here: http://www.cisco.com/web/CA/products/vpn.html
The session will focus on how a cloud-native security platform can continuously discover workloads, identify risk, and enforce security policies in any multi-cloud environment. It will also cover how automated policy generation through agentless security controls makes protecting data and applications the easiest thing to do in the cloud.
The speaker for the session will be Dr. Ratinder Paul Singh Ahuja, Founder and Chief Research and Development Officer, ShieldX, USA
Dr. Ratinder leads ShieldX and its mission as its central pivot point. Drawing from a career as a successful serial entrepreneur and corporate leader, he brings his unique blend of business acumen, industry network and deep technical knowledge.
At his previous start-ups, Internet Junction, Webstacks and Reconnex, he served as Chief Technology Officer and Vice President of the Mobile and Network Security Business Units. His knowledge of innovation and emerging trends in networking, network security, and data-loss prevention is derived from years of industry experience. Dr. Ahuja holds a BS in Electronics & Electrical Engineering from Thapar University, in India, and a Masters and Ph.D. in Computer Engineering from Iowa State University. Dr. Ahuja has been granted 61 patents for security-based technologies, and has presented in many public forums, including the Content Protection Summit, IC3, IEEE Computer Society, McAfee FOCUS, and the Cloud Expo.
F5 keeps customers protected with new IP Intelligence service. F5's BIG-IP solutions now offer a cloud-based service to guard against malicious activity, emerging threats, and IP address-related attacks.
Cloud summit demystifying cloud security - David De Vos
During this session we’ll cover the key solutions and steps to securing a cloud environment.
We’ll cover policy creation, security posture management & cybersecurity incident analysis. You’ll see how compliance is made easy in the cloud and how continuous monitoring works. We’ll explain how multi-cloud security works as well!
As we walk through the solutions, we’ll share some best practices and use cases from our experience.
Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation.
Register to Watch Webcast: http://cs.co/9003CRsH
Join the Conversation: http://cs.co/9008CRt6
Palo Alto Networks is an innovative network security platform whose core is a next generation firewall; built on App-ID, a unique technology developed by PA Networks, it secures the network at the level of applications, users and content using both physical and virtual architectures. PAN network protection solutions meet the highest network security requirements in both performance and functionality, and are unconditional industry leaders, as confirmed by Gartner reports, the number of users and the company's growing sales.
Network security specialist Catherine Paquet fills you in on advanced threat protection that integrates real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention, Sourcefire.
ABOUT THE PRESENTER
Catherine Paquet, CCSI, CCNP Security, CCNP Routing and Switching, is a network security specialist. She began her internetworking career as a LAN manager, then MAN manager, and eventually became a nationwide WAN manager with the Department of National Defence. Paquet lectures around the world on security topics, including firewalls, VPNs, intrusion prevention, identity systems, email and Web security, and router and switch security. During her spare time, she authors Cisco Press books, and she volunteers as a network security analyst to nonprofit organizations. Paquet attended the Royal Military College Saint-Jean (Canada) and holds an MBA in Management Information Systems (MIS) from York University.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform... - Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe... - Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
- Design a workload-centric security architecture
- Improve visibility of AWS-only or hybrid environments
- Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven... - Amazon Web Services
According to Gartner, the IaaS market grew at a blistering 42.8% in 2017—twice as fast as SaaS. And with last year’s high-profile data exposures, the focus on bolstering IaaS security practices has increased. We’ve worked with AWS and hundreds of IaaS security professionals to develop a list of security practices specifically designed to protect AWS environments and the applications and data within them. In this session, you’ll discover: common yet preventable scenarios that can result in the loss of corporate data, security best practices for user and admin behavior monitoring, secure auditable configuration, Amazon S3 data loss and threat prevention, blueprints for how a solution-based approach (including bridging to your on-premises best practices) can provide IaaS visibility and control, step-by-step guidance on how to gain visibility across all workloads, protect against advanced threats, and discover insights into lateral threat movements, and recommendations for creating a successful DevOps workflow that integrates security.
How to Overcome Network Access Control Limitations for Better Network Security - Cryptzone
This eBook discusses network access control (NAC) limitations, offering details on why a Software-Defined Perimeter delivers better network security for today's enterprise.
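SIEMLESS Integrated Security Service for Cloud Environments, Alert Logic - Chae Hyun-ju (채현주), Head of Security Technology Division, Openbase :: AWS Sum... - Amazon Web Services Korea
Sponsor presentation session | SIEMLESS Integrated Security Service for Cloud Environments, Alert Logic
Chae Hyun-ju (채현주), Head of Security Technology Division, Openbase
The variety of services in cloud environments is making the work of securing assets ever more complex. Approaching cloud security the way it was done on-premises wastes cost and resources, and makes it hard to keep up with the pace of technological change. This session examines the security characteristics of cloud environments, offers a guide to building an efficient security system, and introduces Alert Logic's security services, which can be used immediately without specialist security knowledge or a self-built security system.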
AWS Security Best Practices, SaaS and Compliance - Gaurav "GP" Pal
As more SaaS businesses come online, it is critical they follow security architecture and operational best practices. The changing regulatory framework from agencies such as the SEC, the FTC and others requires SaaS companies to implement security best practices.
Protecting your mission-critical data and applications in the cloud can best be accomplished through a joint effort between your organization and your cloud services provider (CSP).
Make sure you exercise due diligence when selecting a cloud service provider.
Make sure the cloud environment supports the regulatory requirements of your industry and data.
Conduct data classification to understand the sensitivity of your data before moving to the cloud.
Clearly define who owns the data, and how and when it will be “returned” to you in the event you cancel your agreement.
Understand whether you are using the cloud in an IaaS, PaaS, SaaS or other model.
Remote connectivity is crucial for enterprise productivity, and SSL has quickly gained popularity as a remote access tool. In fact, SSL VPNs as a technology have shown promise in eliminating many of the client-side issues associated with IPSec and other forms of remote access. Furthermore, SSL VPNs offer a smooth migration to a more cost-effective, easier-to-deploy remote access solution than IPSec. SSL VPN’s combination of flexibility and functionality makes it competitive with IPSec even when deployed for an enterprise’s “power users.”
In today’s crowded SSL VPN market, it’s easy to become overwhelmed by the wide range of solutions available. Obviously, there are many factors to consider when purchasing an SSL VPN product, and you want to make the best choice possible. This SSL VPN Evaluation Guide serves as an important resource in identifying, describing, and prioritizing the criteria you should consider when selecting an SSL VPN provider that best fits the needs of your organization.
Selection Criteria
In coming up with selection criteria, the functions offered by SSL VPNs have to be evaluated against two key aspects: security and user experience. A truly successful deployment of a secure access solution cannot be achieved without taking both aspects into consideration. Look for an SSL VPN that can also serve the organization’s long-term needs, integrates seamlessly with the network architecture, and provides powerful management tools. The optimal provider will excel in these key areas:
- Performance and scalability
- Security
- Ease of use
- Company reputation
- Technology leadership
Cyxtera - Operational Complexity: The Biggest Security Threat to Your AWS Env... - Cyxtera Technologies
Learn how to remove operational complexity from achieving secure – and easily auditable – user access to your AWS systems. Automate tightly controlled user access in highly dynamic AWS environments. Painlessly report exactly who accessed which resources, from where, and when – in near real-time – and save your teams thousands of hours in audit prep work.
The Top 10 Most Common Weaknesses in Serverless Applications 2018 - PureSec
Top 10 Most Common Weaknesses in Serverless Applications (2018). By PureSec. A walkthrough of the Top 10 most common security mistakes and weaknesses found in serverless applications such as AWS Lambda and Azure Functions.
Will Your Cloud Be Compliant? OpenStack Security - Scott Carlson
Presentation from 2014 Atlanta OpenStack Summit
Will Your Cloud Be Compliant?
Scott Carlson - PayPal
Evgeniya Schumakher - Mirantis
https://www.youtube.com/watch?v=gTqyWsV5nzI&list=PLF2SitUlktI43byuCqY8L_KVT34NnpciS
Similar to Cloud Security: Threats & Mitigations (20)
Http2 is here! And why the web needs it - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Go Programming Language - Learning The Go Lang way - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
How to Think in RxJava Before Reacting - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
IoT testing and quality assurance indicthreads - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Functional Programming Past Present Future - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Harnessing the Power of Java 8 Streams - IndicThreads
Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com
--
Internet of things architecture perspective - IndicThreads Conference - IndicThreads
Internet of Things is gaining an unprecedented amount of traction across the globe, and large organizations are making huge investments in IoT, which is going to change the shape of the 'Connected World'. Hence, it becomes important to understand the components, technologies and their interaction in the world of IoT.
The session would cover the introduction of IoT, its components, the forces that have brought the ecosystem to the mainstream and its adoption across industries. Then, along with the Reference Architecture, I would discuss a few industry implementations in the IoT area with reference to the architecture. Next would be a comparative analysis of various IoT platforms available in the market and their architectures. And finally I would take up the challenges in making IoT as pervasive as it is believed to be.
A key takeaway would be the architectural appreciation of the IoT landscape. As of now, any and every player in the market has begun to advertise their product as an IoT platform, but a comprehensive review of fundamental design and architecture would bring this plethora of products (including open source ones) in the right purview. And that's the objective of this talk.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Cars and Computers: Building a Java Carputer - IndicThreads
The average family car of today has significantly more computing power than got the first astronauts to the moon and back. Modern cars contain more and more computers to monitor and control every aspect of driving, from anti-lock brakes to engine management to satellite navigation.
This session will look at how Java can (and is) used in cars to add more data collection. This will cover a project that was written to collect a variety of data from a car whilst driving (including video) and then play it back later so driving style and performance could be evaluated. There will be plenty of demonstrations.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Remember the last time you tried to write a MapReduce job (obviously something less trivial than a word count)? It sure did the work, but had a lot of pain points in getting from an idea to implementing it in terms of map reduce. Did you wonder how much simpler life would be if you could code as if doing collection operations, and hence be transparent* to its distributed nature? Did you want/hope for more performant/low latency jobs? Well, seems like you are in luck.
In this talk, we will be covering a different way to do MapReduce kind of operations without being just limited to map and reduce, yes, we will be talking about Apache Spark. We will compare and contrast the Spark programming model with Map Reduce. We will see where it shines, why to use it, and how to use it. We’ll be covering aspects like testability, maintainability, conciseness of the code, and some features like iterative processing, optional in-memory caching and others. We will see how Spark, being just a cluster computing engine, abstracts the underlying distributed storage, and cluster management aspects, giving us a uniform interface to consume/process/query the data. We will explore the basic abstraction of RDD which gives us so many awesome features making Apache Spark a very good choice for your big data applications. We will see this through some non trivial code examples.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker - IndicThreads
Continuous Integration (CI) is one of the most important tenets of agile practices. And Continuous Delivery (CD) is impossible without continuous integration. All practices are good and enhance productivity when other good practices and tools back them. For example, CI & CD without proper automation test cases can be a killer. It kills the team productivity and puts delivery at risk. Via this session I will try to share my experiences of how CI and CD can be done in an optimized fashion (specifically for a feature branch based development approach).
We will discuss the best practices and ways of ensuring proper CI and CD in feature branch based development approach.
I will showcase an automated Jenkins based setup, which is geared to ensure that all feature branches and master remain in cohesive harmony.
At the end we will conclude on what are the essential components for ensuring successful CI and CD. We will also discuss what are the associated must haves to make it a success.
Take away for participants
1. Understanding of CI and CD and how CI can lead to CD.
2. How a devops engineer can leverage Jenkins and scripting to automate the CI and CD for feature branch based development.
3. Demo of CI setup developed on Jenkins.
4. Generic understanding and Q&A related to CI and CD.
5. Learning of how docker can be used in such scenarios.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Speed up your build pipeline for faster feedback - IndicThreads
In this talk I will share how we brought our Jenkins build pipeline time down from over 90 minutes to under 12 minutes. I will share specific techniques which helped and also some which logically made sense but actually did not help. If your team is trying to optimize their build times, then this session might give you some ideas on how to approach the problem.
Development Impact – The number of builds in a day has increased over a period of time as the build time has reduced. Frequency of code check-in has increased; wait time has reduced; failed test cases are faster to isolate and fix.
The session will look at: Why the long running pipeline was hurting, Key Principles to Speed Up Your Build Pipeline, Bottlenecks, Disk IO examples and alternatives, Insights from CPU Profiling, Divide and Conquer, Fail Fast, Results.
The talk will highlight: Importance of getting fast feedback, How to investigate long running tests, How to run Tests concurrently, RAM Disks, SSD, Hybrid disks, Why you should not assume; but validate your hypothesis.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
OpenStack – an open source initiative for cloud management – has become a sensation in today’s Infrastructure as a Service (IaaS) cloud space. With more than 10 subprojects to manage server, storage, network, security and monitoring of the cloud, OpenStack has provided a competitive and scalable open source solution in the cloud space. Big giants in public and private cloud such as VMware, Amazon and IBM are actively investing in OpenStack and developing their products to integrate with it.
The session will talk about the architecture of OpenStack and will discuss why it has become a differentiating factor for business in cloud space through scalability, automation, intuitiveness and flexibility. The session will also discuss how it integrates with the Platform as a Service (PaaS) layer and scales to public and private cloud.
The session will also contain a live demo of how a simple private cloud can be set up using OpenStack. The demo will explain how OpenStack makes the cloud management easy even for universities and small enterprises to rapidly adapt to their business needs at almost no costs.
Finally, the session will discuss current challenges and trends in the OpenStack community and how one can contribute to OpenStack as an enterprise or individual.
The speaker leads development of IBM’s new OpenStack based Infrastructure As A Service (IaaS) solution and will share his insights into OpenStack services and components.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Digital Transformation of the Enterprise. What IT leaders need to know! - IndicThreads
This presentation will be about the changing times and nature of IT services delivered to the consumer. In the past, it used to be delivered through thick or thin clients on the desktop. Today, these are primarily delivered to the mobile in the form of a digital service.
While a lot of talk is about disruption that the smart phones have brought, the truth is, that the backend has to be more industrialised than ever before due to the massive number of transactions that terminate in the legacy IT infrastructure. Companies need both, industrial IT and innovation IT to be able to compete effectively in the digital marketplace. This presentation will be about the different imperatives the new IT leaders have to think about in the digital era.
Session at the IndicThreads.com Conference held in Pune, India on 27-28 Feb 2015
http://www.indicthreads.com
http://pune15.indicthreads.com
Elevating Tactical DDD Patterns Through Object Calisthenics - Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor... - SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview - Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI support - Alan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: The Art of Triggers and Actions in FME - Safe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Accelerate your Kubernetes clusters with Varnish Caching - Thijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Removing Uninteresting Bytes in Software Fuzzing - Aftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speed up fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing XML documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR not only discovers new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Transcript: Selling digital books in 2024: Insights from industry leaders - T... - BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf - Peter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
The Metaverse and AI: how can decision-makers harness the Metaverse for their... - Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs - Alex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf - Paige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble, many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party and will share these foundational concepts to build on:
Securing your Kubernetes cluster_ a step-by-step guide to success ! - KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
2. What are we gonna talk about?
What we need to know to get started
It's your responsibility
Threats and Remediations: Hacker v/s Developer
3. What Security
Physical security – controls implemented at and for physical facilities (offices, datacenters)
Network security – controls implemented for network (firewall, anti-DDoS, auth controls)
System security – controls implemented for the IT systems (anti-virus, active directory)
Application security – controls implemented for business applications (AAA, API Security, release management)
Maturity, effectiveness & completeness of security controls implemented
4. First Step Towards Cloud Security
Your assets on the cloud - Data, Applications & Processes
Evaluate all assets in terms of
Confidentiality
  What if the asset becomes publicly accessible?
  What if the cloud provider employee accessed your asset?
Integrity
  What if the process was manipulated by an outsider?
  What if the process failed to provide expected results?
  What if the data got unexpectedly changed?
Availability
  What if the asset were unavailable for a period of time?
5. Cloud Service Models
IAAS
➢ Provider secures the physical infrastructure (server locations)
➢ Provider may give basic firewall-like protection for running instances
➢ Consumer implements additional Network, System and Application security controls
➢ Zero application-like features, enormous extensibility
PAAS
● Provider takes care of securing the infrastructure (server locations, servers, network, OS and storage)
● Consumer implements Application security controls
● Intended to enable developers to build their apps on top of the platform
SAAS
● Provider implements the Network, System & Application security
● Service levels, security, liability expectations are contractually enforced
● Most integrated functionality
● And hence, least consumer extensibility
6. Let's Begin the Debate
The first Threat:
Unknown Risk Profile
Applies To: IaaS PaaS SaaS
7. Well, Yeah!
But we have to start somewhere:
Educate ourselves
Read the Contract Carefully! Disagree when you are not comfortable
Ask the provider for Disclosure of applicable logs and data.
Get Partial/full disclosure of infrastructure details (e.g., patch levels, firewalls, etc.).
Set up best possible Monitoring and alerting on necessary information
TOOLS: NAGIOS, AIDE
9. I choose my friends wisely!
Look for providers with Stricter initial registration and validation processes.
Check levels of credit card fraud monitoring and coordination used by the provider
Is the provider capable of running a Comprehensive introspection of customer network traffic?
Monitor public blacklists for one’s own network blocks.
11. Yeah, that's a tough one!
Analyze the security model of cloud provider's interfaces.
Ensure strong authentication and access controls are implemented in concert with encrypted transmission.
Understand the Dependency Chain associated with the API.
13. You can trust no one!
Enforce strict supply chain management and conduct a comprehensive supplier assessment.
Specify human resource requirements as part of legal contracts.
Require transparency into overall information security and management practices, as well as compliance reporting.
Determine security breach notification processes
15. Get your own Bag!
Implement security best practices for installation/configuration.
Monitor environment for unauthorized changes/activity.
Promote strong authentication and access control for administrative access and operations.
Enforce service level agreements for patching and vulnerability remediation.
Conduct vulnerability scanning and configuration audits
16. Data Loss or Leakage
Applies To: IaaS PaaS SaaS
17. I know it's Confidential
Implement strong API access control.
Encrypt and protect integrity of data in transit.
Analyze data protection at both design and run time.
Implement strong key generation, storage and management, and destruction practices.
Contractually demand providers wipe persistent media before it is released into the pool.
Contractually specify provider backup and retention strategies.
19. Do I really know you?
Prohibit the sharing of account credentials between users and services.
Leverage strong two-factor authentication techniques where possible.
Employ proactive monitoring to detect unauthorized activity.
Understand cloud provider security policies and SLAs.
21. Let's Brace Ourselves
Basic Security
Install libpam for enforcing stricter password scheme
Define a policy for groups and users
Disable root login
Don't share user logins
Assign user privileges based on requirements
Minimize the login accounts that have root access
Enable user action logging (**)
Don't run webserver and database as root user
Restrict SSH access by groups or users
Allow SSH login using identity keys only
Change default SSH port
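An added example, not part of the original slides: a small Python audit of sshd_config text against the SSH items on the Basic Security slide (disable root login, identity keys only, restrict by users or groups, non-default port). The sample configs, the group name `sshusers` and port 2222 are constructed; the defaults are assumed to be those of current OpenSSH, and `Include` files and `Match` blocks are not evaluated.

```python
# Added example: audit sshd_config text against the slide's SSH checklist.
# Assumed defaults for keywords that are absent (current OpenSSH).
DEFAULTS = {"port": "22", "permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes"}
# Older configs use the deprecated name for keyboard-interactive auth.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def parse_global(text):
    """Collect {keyword: [values in file order]} up to the first Match block."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":              # conditional sections are out of scope
            break
        key = ALIASES.get(key, key)
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(key, []).append(value)
    return settings


def effective(settings, key):
    """sshd uses the first value it reads for a keyword, not the last."""
    return settings.get(key, [DEFAULTS[key]])[0].lower()


def audit(text):
    """Return one finding string per checklist item the config fails."""
    s = parse_global(text)
    findings = []
    if effective(s, "permitrootlogin") != "no":
        findings.append("root-login: PermitRootLogin is not 'no'")
    for key, name in (("passwordauthentication", "PasswordAuthentication"),
                      ("kbdinteractiveauthentication",
                       "KbdInteractiveAuthentication")):
        if effective(s, key) != "no":
            findings.append(f"keys-only: {name} is not 'no'")
    if not (s.get("allowusers") or s.get("allowgroups")):
        findings.append("restrict-access: no AllowUsers or AllowGroups")
    if "22" in s.get("port", [DEFAULTS["port"]]):
        findings.append("default-port: sshd listens on 22")
    if "include" in s:
        findings.append("include: included files were not audited")
    return findings


# Constructed sample: the hardened lines come too late, the earlier ones win.
WEAK = """\
PermitRootLogin yes
PasswordAuthentication yes
# appended later by someone following a hardening guide
PermitRootLogin no
PasswordAuthentication no
"""

# Constructed sample that satisfies every item checked above.
HARDENED = """\
Port 2222
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
AllowGroups sshusers
"""

if __name__ == "__main__":
    for label, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(label, audit(cfg) or "no findings")
```

The WEAK sample fails on root login and password authentication even though it ends with the hardened values, because the first occurrence of a keyword is the one sshd applies.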
22. Server / OS Hardening
Chkrootkit – Checks for root kits installed, if any
SNORT - Intrusion Detection
AIDE - File Integrity Checking, can alert you if any file is changed on the machine
psad – Port Scan Attack Detection – Well!
Bastille – Best Firewall configuration tool
NAGIOS – Open source remote monitoring of the server and all important services running on it
Keep a Reference Machine Image
23. Apache web server Hardening
Download server binary from trusted sources only and verify download integrity
Disable modules that are not required
Change the default webserver user and group
Follow appropriate security forums & apply security patches ASAP
24. Application Security - Authentication
Authentication must be on HTTPS
Choose strong authentication scheme, especially if you are going to provide an API access
Prefer Basic authentication over HTTPS as against Digest authentication.
Maintain a strong password policy
Implement captcha or response slow down when multiple failed login attempts are detected
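An added example, not part of the original slides: one way to implement the "response slow down when multiple failed login attempts are detected" item, as a per-account throttle with a capped exponential delay. The class name, thresholds and account names are assumptions chosen for illustration.

```python
import time


class LoginThrottle:
    """Slow down repeated failed logins per account (added example).

    The first `free_attempts` failures cost nothing; each further failure
    doubles the wait, capped at `max_delay` so an attacker cannot lock a
    legitimate user out permanently. Failures older than `window` seconds
    are forgotten.
    """

    def __init__(self, free_attempts=3, base_delay=1.0, max_delay=300.0,
                 window=900.0, clock=time.monotonic):
        self.free_attempts = free_attempts
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.window = window
        self.clock = clock              # injectable so tests need no sleeping
        self._state = {}                # account -> (failures, last_failure)

    @staticmethod
    def _key(account):
        # Normalise so "Alice " and "alice" share one counter. Unknown
        # accounts are tracked too, so responses do not reveal which exist.
        return account.strip().lower()

    def retry_after(self, account):
        """Seconds the caller must still wait before trying again."""
        key = self._key(account)
        failures, last = self._state.get(key, (0, 0.0))
        now = self.clock()
        if failures and now - last > self.window:
            del self._state[key]        # stale record, start fresh
            return 0.0
        if failures < self.free_attempts:
            return 0.0
        delay = min(self.max_delay,
                    self.base_delay * 2 ** (failures - self.free_attempts))
        return max(0.0, last + delay - now)

    def record(self, account, success):
        """Call after every credential check that was actually performed."""
        key = self._key(account)
        if success:
            self._state.pop(key, None)
            return
        failures, _ = self._state.get(key, (0, 0.0))
        self._state[key] = (failures + 1, self.clock())
```

A login handler would call `retry_after()` first and refuse or delay the attempt while it returns a non-zero value, then call `record()` with the outcome of the password check.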
25. Application Security – the rest
Educate yourself on application security, learn to use an HTTP intercepting proxy – WebScarab/Burp
Top Ten Vulnerabilities according to the OWASP Project – Remember these are just the TOP TEN
Injection, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF), Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, Unvalidated Redirects and Forwards
26. "What happens next?"
"I'm not sure, exactly. But this world is ours now. It's what we make of it." - 9 (2009)