A brief intro to Compliance and Azure platform.
Overview of tools available on Azure such as Policies, BluePrints. It has a demo of Azure DevOps Kit (aka azsk PowerShell module) to continuously assure your compliance.
As presented at Wellington Code Camp.
DevOps is not just about deploying software, it’s about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody is invested in, even your Developers and Operations Teams!
Transform your DevOps practices with SecurityPaul Czarkowski
DevOps is not just about deploying software, it’s about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody is invested in, even your Developers and Operations Teams!
What’s New with NGINX Controller Load Balancing Module 2.0?NGINX, Inc.
On-Demand Link: https://www.nginx.com/resources/webinars/new-nginx-controller-load-balancing-module-2-0/
Speaker:
Karthik Krishnaswamy
Sr Product Marketing Manager
NGINX, Inc.
About the webinar
Achieving consistency in application performance begins with a consistent load balancing configuration. NGINX Controller Load Balancing Module 2.0 introduces a policy-driven approach to configuration management resulting in consistent configuration across multiple NGINX Plus instances. This can be achieved with the push of a button, saving time and effort for I&O teams. We will also showcase NGINX Controller’s integration with ServiceNow which seamlessly blends into your IT service management workflows.
The webinar includes a live demo of the Load Balancing Module in action.
Making Git Work for the Enterprise Through the Power of Perforce HelixPerforce
Git is increasingly a part of the enterprise because developers love its speed and flexibility. Yet Git also poses a variety of challenges for non-developers: security, scalability, visibility, and more. See live demonstrations of how GitSwarm, the complete Git management solution, addresses and serves the needs of every stakeholder through the power of Helix.
Dr. Robert Burnett, director of software engineering at L3 Communications Corporation presented "Continuous Integration––An Overview." For more information, please visit us at www.blackducksoftware.com
An unusual number of recent news articles spotlighting SSL security flaws including HeartBleed, POODLE, and FREAK, has forced major security policy changes in communication software and compliance standards. In order to meet the future security challenges, and to continue providing business, this session will highlight how Rocket MV product family can help you to fortify your data communications, and meet compliance requirements of today and tomorrow.
Get the Most Out of Kubernetes with NGINXNGINX, Inc.
On-demand Link
https://www.nginx.com/resources/webinars/kubernetes-nginx/
About the Webinar
Many enterprises are adopting Kubernetes at breakneck speed as part of their DevOps‑centric digital transformation initiative. And yet the rise of DevOps in no way reduces the role of NetOps teams, who still have responsibility for the operation of the entire platform and its enterprise-wide application services. NetOps’s control of these global‑scale services is still vital to deploying stable and secure aps. In fact, where both NetOps and DevOps have an interest in an application service such as ADC or WAF, we often see duplication of that service. This is not an inefficiency, but rather reflects the differing needs and goals of the parties as they each make use of that service.
In this webinar we explore the benefits of duplicating application services inside Kubernetes and look at some well‑established practices for deploying services such as WAF for applications that are running in Kubernetes, including trade‑offs between different options and the criteria that matter most to help you make the best decisions. Our presenters will also provide a demo of how to use NGINX Ingress Controller to provision NGINX App Protect in Red Hat OpenShift.
As presented at Wellington Code Camp.
DevOps is not just about deploying software, it’s about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody is invested in, even your Developers and Operations Teams!
Transform your DevOps practices with SecurityPaul Czarkowski
DevOps is not just about deploying software, it’s about reducing bottlenecks and bringing value to the business. By utilizing DevOps techniques we can build a strong security practice that everybody is invested in, even your Developers and Operations Teams!
What’s New with NGINX Controller Load Balancing Module 2.0?NGINX, Inc.
On-Demand Link: https://www.nginx.com/resources/webinars/new-nginx-controller-load-balancing-module-2-0/
Speaker:
Karthik Krishnaswamy
Sr Product Marketing Manager
NGINX, Inc.
About the webinar
Achieving consistency in application performance begins with a consistent load balancing configuration. NGINX Controller Load Balancing Module 2.0 introduces a policy-driven approach to configuration management resulting in consistent configuration across multiple NGINX Plus instances. This can be achieved with the push of a button, saving time and effort for I&O teams. We will also showcase NGINX Controller’s integration with ServiceNow which seamlessly blends into your IT service management workflows.
The webinar includes a live demo of the Load Balancing Module in action.
Making Git Work for the Enterprise Through the Power of Perforce HelixPerforce
Git is increasingly a part of the enterprise because developers love its speed and flexibility. Yet Git also poses a variety of challenges for non-developers: security, scalability, visibility, and more. See live demonstrations of how GitSwarm, the complete Git management solution, addresses and serves the needs of every stakeholder through the power of Helix.
Dr. Robert Burnett, director of software engineering at L3 Communications Corporation presented "Continuous Integration––An Overview." For more information, please visit us at www.blackducksoftware.com
An unusual number of recent news articles spotlighting SSL security flaws including HeartBleed, POODLE, and FREAK, has forced major security policy changes in communication software and compliance standards. In order to meet the future security challenges, and to continue providing business, this session will highlight how Rocket MV product family can help you to fortify your data communications, and meet compliance requirements of today and tomorrow.
Get the Most Out of Kubernetes with NGINXNGINX, Inc.
On-demand Link
https://www.nginx.com/resources/webinars/kubernetes-nginx/
About the Webinar
Many enterprises are adopting Kubernetes at breakneck speed as part of their DevOps‑centric digital transformation initiative. And yet the rise of DevOps in no way reduces the role of NetOps teams, who still have responsibility for the operation of the entire platform and its enterprise-wide application services. NetOps’s control of these global‑scale services is still vital to deploying stable and secure aps. In fact, where both NetOps and DevOps have an interest in an application service such as ADC or WAF, we often see duplication of that service. This is not an inefficiency, but rather reflects the differing needs and goals of the parties as they each make use of that service.
In this webinar we explore the benefits of duplicating application services inside Kubernetes and look at some well‑established practices for deploying services such as WAF for applications that are running in Kubernetes, including trade‑offs between different options and the criteria that matter most to help you make the best decisions. Our presenters will also provide a demo of how to use NGINX Ingress Controller to provision NGINX App Protect in Red Hat OpenShift.
Chris Van Tuin, Chief Technologist, Red Hat presented, "A DevOps State of Mind: Continuous Security with Kubernetes." For more information please visit our website at www.blackducksoftware.com.
Moving Data Efficiently with Real-Time StreamingWSO2
Moving data from one place to another is a common problem that every system has to handle. Data streaming is becoming an increasingly popular technique used for data integration as it enables to transmit data efficiently with low resource usage and, more importantly, consumers receive notifications about new data/changes in real-time.
The usage of streaming to move data, a.k.a Streaming ETL, is a new technique that is becoming popular as an alternative to traditional ETL. Traditional ETL was predominantly designed to integrate data across files and DBs. But now there are various types of data sources and destinations. Therefore, the techniques used in traditional ETL might not suffice. Moreover, now users want to see data in real-time; this makes Streaming-based ETL the only choice for certain use cases.
WSO2 Enterprise Integrator is equipped with rich data streaming capabilities. It can listen to streaming data sources as well as source events from static data sources, such as files and DBs, making it possible to treat all data sources as data streams. The solution can be used as an effective tool to move large volumes of data in a streaming manner regardless of the data source.
In this webinar, we'll explore what functionalities are offered to build robust streaming ETL pipelines and introduce the developer experience offered to build streaming apps, as well as the basics you need to know to build your first streaming application with WSO2 Enterprise Integrator.
By attending this webinar, you will be able to understand what streaming ETL is and its importance and how to build a simple streaming application with WSO2 Enterprise Integrator.
During the webinar, we will cover:
What is streaming ETL? And why is it better?
Consuming streaming data and sourcing events
Processing streaming data with stream processing
Integrating streaming data with various destinations
Building a simple streaming app with WSO2 Enterprise Integrator
View the on-demand webinar: https://wso2.com/library/webinars/moving-data-efficiently-with-real-time-streaming/
Driving a PHP Application with MultiValue DataRocket Software
This session’s focus is to provide insight on how to leverage the popular server side language of PHP to interface with your U2 or D3 MultiValued database. Learn how to call and consume Web Services content in an easy to learn web development language.
Red Hat multi-cluster management & what's new in OpenShiftKangaroot
More and more organisations are not only using container platforms but starting to run multiple clusters of containers. And with that comes new headaches of maintaining, securing, and updating those multiple clusters. In this session we'll look into how Red Hat has solved multi-cluster management, covering cluster lifecycle, app lifecycle, and governance/risk/compliance.
Pivotal Cloud Foundry 2.4: A First LookVMware Tanzu
Join Dan Baskette and Jared Ruckle for a view into Pivotal Cloud Foundry (PCF) 2.4 capabilities with demos and expert Q&A. We’ll review the latest features for Pivotal’s flagship app platform, including the following:
- Native zero downtime push and native zero downtime restarts
- Dynamic egress policies
- Operations Manager updates
- Zero downtime stack updates to cflinuxfs3
- Zero downtime OS updates
- New pathways protected by TLS
- New scanning tools to assist with compliance
Plus much more!
Presenters : Dan Baskette, Director, Technical Marketing, Jared Ruckle, Principal Product Marketing Manager
Achieve Full API Lifecycle Management Using NGINX Controller – EMEANGINX, Inc.
Attend this webinar and learn how to manage the entire lifecycle of your APIs using NGINX Controller. This includes defining, publishing, securing, routing, monitoring, troubleshooting, and analyzing usage of your APIs to assess their value. Get an overview and demo of NGINX Controller’s API Management Module.
Join this webinar to learn:
- How to manage API definitions and their component resources, define upstream groups and their backend servers, and route resources to upstreams
- How to boost developer productivity by enabling teams to deploy new APIs faster with environment‑specific, policy‑driven management
- How to mitigate DDoS attacks and protect your applications from being flooded with malicious or errant API calls by setting rate limits
- How you can meet and exceed SLAs by finding the root cause of performance issues and troubleshooting them quickly
https://www.nginx.com/resources/webinars/full-lifecycle-api-management-nginx-controller-emea
The twelve-factor app is designed for continuous deployment by keeping the gap between development and production small. For example, make the time gap small, make the personnel gap small & make the tools gap small. Learn more about how a Cloud vendor must provide a platform for 12-factor / Cloud Native development and deployment with identified anti-patterns.
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Perforce
Be sure to register for a demo, if you would like to see how Klocwork can help ensure that your code is secure, reliable, and compliant.
https://www.perforce.com/products/klocwork/live-demo
Presenter - Peter Chestna, Veracode
If you are moving between methodologies, you are probably looking for a roadmap or at least lessons from someone that’s been through it already. Over its 10+ years, Veracode has moved from monolith to microservice and fromwaterfall to DevOps. We have learned a lot along the way and I’m eager to share the story.
As you consider the shift from waterfall to agile, or agile to continuous deployment and eventually DevOps, there is more to think about than just architecture. Peter Chestna, the Director of Developer Engagement at Veracode, led Veracode’s own transition from Waterfall to DevOps and in turn has helped hundreds of customers do the same.
Join us as Peter shares his own case study, how Veracode reengineered its own architecture but more importantly the overall process including team structure, the technologies to build a robust pipeline, security considerations and the cultural shifts required.
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
Kevin Jones, Global Consulting Engineer from NGINX San Francisco, preseentation about how to accelerate your journey to microservices with a modernised full API lifecycle management solution. Learn how to cut costs, improve performance, and reduce load on API endpoints. This presentation, covers:
All elements of full lifecycle management including API creation, securing your backend infrastructure, managing traffic, and ongoing monitoring.
Innovative architecture that doesn't involve additional microgateways to process API calls
Differentiated pricing model that does not penalize API adoption
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...Denim Group
A web application’s attack surface is the combination of URLs it will respond to as well as the
inputs to those URLs that can change the behavior of the application. Understanding an
application’s attack surface is critical to being able to provide sufficient security test coverage,
and by watching an application’s attack surface change over time security and development
teams can help target and optimize testing activities. This presentation looks at methods of
calculating web application attack surface and tracking the evolution of attack surface over
time. In addition, it looks at metrics and thresholds that can be used to craft policies for
integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD)
pipelines for teams integrating security into their DevOps practices.
Architecting for now & the future with NGINX London April 19NGINX, Inc.
Presentations by Liam Crilly, Owen Garrett and Ed English NGINX at ‘Architecting for now & the future with NGINX’ Lunch and Learn in the Shangri-La Hotel, At The Shard, London. Presentations provide tips and insight into how NGINX can help to maximize performance and flexibility of cloud environments through laying the foundational building blocks for cloud-based microservices applications, API Management & Service Mesh initiatives.
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...NGINX, Inc.
F5’s rigid and centralized approach to load balancing and web application firewall (WAF) prevents enterprises from modernizing their applications. In this webinar we describe how replacing or augmenting your F5 deployment with the NGINX application delivery controller and Signal Sciences helps reduce costs and improve agility.
On-Demand Webinar:
https://www.nginx.com/resources/webinars/modernizing-replacing-f5-nginx-application-delivery-controller-signal-sciences/
Dev secops security and compliance at the speed of continuous delivery - owaspDag Rowe
Abstract:
See how an Ottawa company has built a SOC2 Type 2 audited software delivery system with less pain, and more value.
Build security, and compliance into the way software is delivered and operated to
* Make secure development easier
* Provide real customer value
* Avoid security theatre
* Reduce security and audit bottlenecks
Bio:
Dag Rowe is a BA in security and compliance. Passionate about improving systems of work, he is actively involved in the local software community. Dag helps to organize the Agile Ottawa Meetup group, and the Gatineau-Ottawa Agile Tour conference.
Speaker:
Owen Garrett
Sr. Director, Product Management
NGINX, Inc.
On-Deman Link: https://www.nginx.com/resources/webinars/need-service-mesh/
About the webinar:
Service mesh is one of the hottest emerging technologies. Even though it’s a nascent technology, many vendors have already released their implementation. But do you really need a service mesh?
Attend this webinar to learn about the levels of maturity on the journey to modernizing your apps using microservices, and the traffic management approaches best suited to each level. We’ll help you figure out if you really need a service mesh.
Innovation at Perforce never stops. Since the last MERGE conference, there have been continual updates across the board in response to user requests. In this session, we're going to look at what's new and take a peek at what's in the works so that you can start planning to exploit them when they're available.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
Chris Van Tuin, Chief Technologist, Red Hat presented, "A DevOps State of Mind: Continuous Security with Kubernetes." For more information please visit our website at www.blackducksoftware.com.
Moving Data Efficiently with Real-Time StreamingWSO2
Moving data from one place to another is a common problem that every system has to handle. Data streaming is becoming an increasingly popular technique used for data integration as it enables to transmit data efficiently with low resource usage and, more importantly, consumers receive notifications about new data/changes in real-time.
The usage of streaming to move data, a.k.a Streaming ETL, is a new technique that is becoming popular as an alternative to traditional ETL. Traditional ETL was predominantly designed to integrate data across files and DBs. But now there are various types of data sources and destinations. Therefore, the techniques used in traditional ETL might not suffice. Moreover, now users want to see data in real-time; this makes Streaming-based ETL the only choice for certain use cases.
WSO2 Enterprise Integrator is equipped with rich data streaming capabilities. It can listen to streaming data sources as well as source events from static data sources, such as files and DBs, making it possible to treat all data sources as data streams. The solution can be used as an effective tool to move large volumes of data in a streaming manner regardless of the data source.
In this webinar, we'll explore what functionalities are offered to build robust streaming ETL pipelines and introduce the developer experience offered to build streaming apps, as well as the basics you need to know to build your first streaming application with WSO2 Enterprise Integrator.
By attending this webinar, you will be able to understand what streaming ETL is and its importance and how to build a simple streaming application with WSO2 Enterprise Integrator.
During the webinar, we will cover:
What is streaming ETL? And why is it better?
Consuming streaming data and sourcing events
Processing streaming data with stream processing
Integrating streaming data with various destinations
Building a simple streaming app with WSO2 Enterprise Integrator
View the on-demand webinar: https://wso2.com/library/webinars/moving-data-efficiently-with-real-time-streaming/
Driving a PHP Application with MultiValue DataRocket Software
This session’s focus is to provide insight on how to leverage the popular server side language of PHP to interface with your U2 or D3 MultiValued database. Learn how to call and consume Web Services content in an easy to learn web development language.
Red Hat multi-cluster management & what's new in OpenShiftKangaroot
More and more organisations are not only using container platforms but starting to run multiple clusters of containers. And with that comes new headaches of maintaining, securing, and updating those multiple clusters. In this session we'll look into how Red Hat has solved multi-cluster management, covering cluster lifecycle, app lifecycle, and governance/risk/compliance.
Pivotal Cloud Foundry 2.4: A First LookVMware Tanzu
Join Dan Baskette and Jared Ruckle for a view into Pivotal Cloud Foundry (PCF) 2.4 capabilities with demos and expert Q&A. We’ll review the latest features for Pivotal’s flagship app platform, including the following:
- Native zero downtime push and native zero downtime restarts
- Dynamic egress policies
- Operations Manager updates
- Zero downtime stack updates to cflinuxfs3
- Zero downtime OS updates
- New pathways protected by TLS
- New scanning tools to assist with compliance
Plus much more!
Presenters : Dan Baskette, Director, Technical Marketing, Jared Ruckle, Principal Product Marketing Manager
Achieve Full API Lifecycle Management Using NGINX Controller – EMEANGINX, Inc.
Attend this webinar and learn how to manage the entire lifecycle of your APIs using NGINX Controller. This includes defining, publishing, securing, routing, monitoring, troubleshooting, and analyzing usage of your APIs to assess their value. Get an overview and demo of NGINX Controller’s API Management Module.
Join this webinar to learn:
- How to manage API definitions and their component resources, define upstream groups and their backend servers, and route resources to upstreams
- How to boost developer productivity by enabling teams to deploy new APIs faster with environment‑specific, policy‑driven management
- How to mitigate DDoS attacks and protect your applications from being flooded with malicious or errant API calls by setting rate limits
- How you can meet and exceed SLAs by finding the root cause of performance issues and troubleshooting them quickly
https://www.nginx.com/resources/webinars/full-lifecycle-api-management-nginx-controller-emea
The twelve-factor app is designed for continuous deployment by keeping the gap between development and production small. For example, make the time gap small, make the personnel gap small & make the tools gap small. Learn more about how a Cloud vendor must provide a platform for 12-factor / Cloud Native development and deployment with identified anti-patterns.
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Perforce
Be sure to register for a demo, if you would like to see how Klocwork can help ensure that your code is secure, reliable, and compliant.
https://www.perforce.com/products/klocwork/live-demo
Presenter - Peter Chestna, Veracode
If you are moving between methodologies, you are probably looking for a roadmap or at least lessons from someone that’s been through it already. Over its 10+ years, Veracode has moved from monolith to microservice and fromwaterfall to DevOps. We have learned a lot along the way and I’m eager to share the story.
As you consider the shift from waterfall to agile, or agile to continuous deployment and eventually DevOps, there is more to think about than just architecture. Peter Chestna, the Director of Developer Engagement at Veracode, led Veracode’s own transition from Waterfall to DevOps and in turn has helped hundreds of customers do the same.
Join us as Peter shares his own case study, how Veracode reengineered its own architecture but more importantly the overall process including team structure, the technologies to build a robust pipeline, security considerations and the cultural shifts required.
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
Kevin Jones, Global Consulting Engineer from NGINX San Francisco, preseentation about how to accelerate your journey to microservices with a modernised full API lifecycle management solution. Learn how to cut costs, improve performance, and reduce load on API endpoints. This presentation, covers:
All elements of full lifecycle management including API creation, securing your backend infrastructure, managing traffic, and ongoing monitoring.
Innovative architecture that doesn't involve additional microgateways to process API calls
Differentiated pricing model that does not penalize API adoption
Monitoring Application Attack Surface to Integrate Security into DevOps Pipel...Denim Group
A web application’s attack surface is the combination of URLs it will respond to as well as the
inputs to those URLs that can change the behavior of the application. Understanding an
application’s attack surface is critical to being able to provide sufficient security test coverage,
and by watching an application’s attack surface change over time security and development
teams can help target and optimize testing activities. This presentation looks at methods of
calculating web application attack surface and tracking the evolution of attack surface over
time. In addition, it looks at metrics and thresholds that can be used to craft policies for
integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD)
pipelines for teams integrating security into their DevOps practices.
Architecting for now & the future with NGINX London April 19NGINX, Inc.
Presentations by Liam Crilly, Owen Garrett and Ed English NGINX at ‘Architecting for now & the future with NGINX’ Lunch and Learn in the Shangri-La Hotel, At The Shard, London. Presentations provide tips and insight into how NGINX can help to maximize performance and flexibility of cloud environments through laying the foundational building blocks for cloud-based microservices applications, API Management & Service Mesh initiatives.
Modernizing Applications by Replacing F5 with the NGINX Application Delivery ...NGINX, Inc.
F5’s rigid and centralized approach to load balancing and web application firewall (WAF) prevents enterprises from modernizing their applications. In this webinar we describe how replacing or augmenting your F5 deployment with the NGINX application delivery controller and Signal Sciences helps reduce costs and improve agility.
On-Demand Webinar:
https://www.nginx.com/resources/webinars/modernizing-replacing-f5-nginx-application-delivery-controller-signal-sciences/
Dev secops security and compliance at the speed of continuous delivery - owaspDag Rowe
Abstract:
See how an Ottawa company has built a SOC2 Type 2 audited software delivery system with less pain, and more value.
Build security, and compliance into the way software is delivered and operated to
* Make secure development easier
* Provide real customer value
* Avoid security theatre
* Reduce security and audit bottlenecks
Bio:
Dag Rowe is a BA in security and compliance. Passionate about improving systems of work, he is actively involved in the local software community. Dag helps to organize the Agile Ottawa Meetup group, and the Gatineau-Ottawa Agile Tour conference.
Speaker:
Owen Garrett
Sr. Director, Product Management
NGINX, Inc.
On-Deman Link: https://www.nginx.com/resources/webinars/need-service-mesh/
About the webinar:
Service mesh is one of the hottest emerging technologies. Even though it’s a nascent technology, many vendors have already released their implementation. But do you really need a service mesh?
Attend this webinar to learn about the levels of maturity on the journey to modernizing your apps using microservices, and the traffic management approaches best suited to each level. We’ll help you figure out if you really need a service mesh.
Innovation at Perforce never stops. Since the last MERGE conference, there have been continual updates across the board in response to user requests. In this session, we're going to look at what's new and take a peek at what's in the works so that you can start planning to exploit them when they're available.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
Splunk Data Onboarding Overview - Splunk Data Collection ArchitectureSplunk
Splunk's Naman Joshi and Jon Harris presented the Splunk Data Onboarding overview at SplunkLive! Sydney. This presentation covers:
1. Splunk Data Collection Architecture 2. Apps and Technology Add-ons
3. Demos / Examples
4. Best Practices
5. Resources and Q&A
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
As containers and Kubernetes are adopted in production, security is a critical concern and DevOps teams need to go beyond image scanning. Use cases such as runtime security, network visibility and segmentation, incident response and compliance become priorities as your Kubernetes security framework matures.
In this talk, we’ll share an overview of runtime security, discuss approaches used by open source and commercial tools, and hear how users are getting started quickly without impacting developer productivity.
Machine-generated data is one of the fastest growing and complex areas of big data. It's also one of the most valuable, containing a definitive record of all user transactions, customer behavior, machine behavior, security threats, fraudulent activity and more. Join us as we explore the basics of machine data analysis and highlight techniques to help you turn your organization’s machine data into valuable insights. This introductory workshop includes a hands-on(bring your laptop) demonstration of Splunk’s technology and covers use cases both inside and outside IT. Learn why more than 12,000 customers in over 110 countries use Splunk to make business, government, and education more efficient, secure, and profitable.
DevOps is powering the computing environments of tomorrow. When properly configured, the Splunk platform allows us to gain real-time visibility into the velocity, quality, and business impact of DevOps-driven application delivery across all roles, departments, process, and systems. Splunk can be used by DevOps practitioners to provide continuous integration/deployment and the real-time feedback to help the organization with their operational intelligence. Join us for a exciting talk about Splunk’s current approach to DevOps, and for examples of how Splunk is being used by customers today to transform DevOps initiatives.
Scott M. Johnson, Lead PM - Technical Compliance presented, "How Docusign uses Black Duck for DevOps, AppSec and Compliance." For more information, visit our website at www.blackducksoftware.com.
batbern43 Events - Lessons learnt building an Enterprise Data BusBATbern
Swissport ist weltweit der führende Dienstleister im Groundhandling und bei Cargo. Über 300 Flughäfen in 50 Ländern werden bedient. Dabei spielen Daten eine führende Rolle: wann und wo hebt ein Flugzeug ab, wie lange dauerte die Betankung, welche Gepäcktücke sind auszuladen? Aufgrund von Wachstum durch Übernahmen ist die IT Landschaft durch eine Vielzahl von Silos charakterisiert - was übergreifende Analytik und die Nutzung von Daten in neuen Kontexten erschwert. Gleichzeitig werden weltweit verschiedene IT Governance Modelle verfolgt, was zu Inkonsistenzen in Prozessen, Datenzugriffen und Datenqualitätsverlusten führt. Diese Situation wird adressiert durch eine Vision für eine Eventgetriebene Architektur und deren Verankerung im Management Prozessen und Prinzipien zur Realisierung der Vision - sowie deren Umsetzung den Aufbau eines Enterprise Datenmodells, Governance für den Zugriff und die Dokumentation von Daten. Erfahrungen aus diesen Schritten werden in der Präsentation reflektiert. Dabei ist zu beachten, dass der Aufbau der zugrundeliegenden Plattform unter strikter Kostenkontrolle stand und lediglich 10 zweiwöchentliche Sprints für die erste Produktivsetzung genutzt werden konnten.
Who should attend? Beginner - New to Splunk and have not used it before.
Description: Machine-generated data is one of the fastest growing and complex areas of big data. It's also one of the most valuable, containing a definitive record of all user transactions, customer behavior, machine behavior, security threats, fraudulent activity and more. Join us as we explore the basics of machine data analysis and highlight techniques to help you turn your organization’s machine data into valuable insights. This introductory workshop includes a hands-on(bring your laptop) demonstration of Splunk’s technology and covers use cases both inside and outside IT. Learn why more than 13,000 customers in over 110 countries use Splunk to make business, government, and education more efficient, secure, and profitable.
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...VMware Tanzu
Faster, more Secure Application Modernization and Replatforming with PKS - Kubernetes for the Enterprise - London
Alex Ley
Associate Director, App Transformation, Pivotal EMEA
28th March 2018
Multi-Cloud ist in aller Munde. Das Verbinden von Public und Private Cloud Angeboten bis hin zu SaaS Diensten zu einer Lösung bietet die Möglichkeit, das Beste aus allen Welten in einer gemeinsamen Lösung zu integrieren. Allerdings bringt eine entsprechende Lösung auch höhere Komplexität, die es gilt zu beherrschen. Wie erstellt man eine höhere Transparenz, bessere Kostenkontrolle, bessere Übersichten beim Demand- und Kapazitätsmanagement in heterogenen Cloud Umgebung? Was ist in diesem Kontext Splunk Hybrid Search? Wie kann man Azure, AWS, GCP, Docker Container bis hin zu Salesforce und andere SaaS Dienste unter einen Hut bringen? In 45 Minuten werden wir einen einen Überblick über diese Fragestellungen geben.
Adam Polak: Architektura oparto o mikroserwisy to temat ogromny. Wszyscy znamy teorię, ale jak to wygląda w praktyce? W jaki sposób ogarnąć kilka niezależnych aplikacji? Co z komunikacją pomiędzy nimi? Podczas prezentacji podzielę się naszymi doświadczeniami, problemami, które napotkaliśmy oraz rozwiązaniami, które znacznie ułatwiły nam cały proces wdrażania tejże architektury.
How to Decentralise Controls (Hint: BDD on Policies)Ebru Cucen Çüçen
Cloud onboarding journey does bring the challenge of implementing guardrails. This is how we enabled collaboration between central IT teams (control teams such as Security, Networking, Finance) and Application Teams by using BDD on Policies os they could agree on the same ubiquitous language.
Serverless journey on Azure, understanding the value of the abstraction of the infrastructure, scale without configuration, and how we should be prepared for it.
This is a basic pipeline setup with TeamCity [EC2 Linux instance created on AWS with CloudFormation] and Octopus Deploy [Windows 2012 R2 VM created on Azure with ARM templates] to build/package and deploy to Azure as WebApp
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
2. @ebrucucen 2019/02/11
WHO AM I?
▸ DevOps Consultant at Contino,
spent 11 years of 16 years of
career in consulting financial
institutions delivering
applications/platforms
Banksoft, AXA, BUPA, Investec,
VanquisBank, LloydsBank
▸ Life time student, with more
questions than answers,
developer in heart, loves APIs,
automation, cloud/hybrid
solutions, vegan, mum…
@ebrucucen 2019/02/11
3. @ebrucucen 2019/02/11
AGENDA
PART I
1. Compliance
2. Compliance On Azure
‣ Data Sources
‣ Metrics/Logs
‣ Monitoring
‣ Log Analytics
PART II
3. Governance on Azure
‣ Security Center
‣ BluePrints
4. AzSK
‣ CI/CD
‣ Customize
4. @ebrucucen 2019/02/11
THIS TALK IS NOT
▸ By a security expert
▸ a personal experience/battles with the Operations/
Security/Risk teams
▸ About saving money
▸ almost every solution will incur cost
6. @ebrucucen 2019/02/11
COMPLIANCE CHALLENGES
▸ Data Protection Compliance
▸ Risk assessment, auditing, operations, technology
▸ Industrial regulations and standards <> tech knowledge
▸ Multi-device/cloud/
▸ Cost:
▸ >200 updates from 750 regulatory bodies
▸ 32% of companies spend >4h/w to create/amend reports
Human effort required for organisational compliance
7. @ebrucucen 2019/02/11
COMPLIANCE ON CLOUD?
▸ Azure Complied with Shared Responsibility Model
▸ Azure
“MORE CERTIFICATIONS THAN ANY OTHER CLOUD PROVIDER”
8. @ebrucucen 2019/02/11
AZURE SUPPORT
▸ Documents
▸ Audit Reports
▸ Data Protection Guides
▸ Azure Security and Compliance BluePrints
https://servicetrust.microsoft.com/ViewPage/BlueprintOverview
http://aka.ms/pciblueprint
https://docs.microsoft.com/en-us/azure/security/blueprints/pcidss-paaswa-overview#compliance-documentation
Government Blueprints
FedRAMP Blueprint
UK OFFICIAL Blueprint
NIST SP 800-171 Blueprint
AU-PROTECTED
Additional Frameworks
Finance Blueprints
FFIEC Blueprint
PCI-DSS Blueprint
Healthcare Blueprints
HIPAA / HITRUST Blueprint
UK NHS Blueprint
Retail Blueprints
PCI-DSS Blueprint
Customer Responsibility Matrix
Reference Architecture
Implementation Matrix
Overview
Threat Model
Data Analytics/Data Warehouse/IAAS/PAAS
12. @ebrucucen 2019/02/11
▸ Are collected at regular intervals
▸ One minute by default
▸ Unique: Category = Metric + Namespace
▸ Stored for 93 days
▸ Multi-dimensional
▸ Properties [up to 10]
▸ Resource
▸ Type of Measurement
▸ Value
▸ Time
DATA SOURCES - METRICS
13. @ebrucucen 2019/02/11
▸ Properties
▸ Irregular
▸ Stored for x days
▸ Metrics -> Logs
▸ Types
▸ Control/Management Plane
▸ Data Plane
▸ Processed Events
DATA SOURCES - LOGS
14. @ebrucucen 2019/02/11
▸ Properties
▸ Irregular
▸ Stored for x days
▸ Metrics -> Logs
▸ Types
▸ Control/Management Plane
▸ Data Plane
▸ Processed Events
DATA SOURCES - LOGS
Audit Logs
Azure Tenant
Metrics
Application
Azure Subscription
Service Health
Activity Logs
Azure Resources
Diagnostic Logs
Monitoring Solutions
Guest OS
Application Insights
Dependency Agent
Log Analytics Agent
Diagnostics Extension
Azure
Custom API
Data Collector API
Non-Azure
Service Configuration
15. @ebrucucen 2019/02/11
AZURE AD LOGS
▸ Editions: Basic, Free, Premium P1, Premium P2
▸ Diagnostics Settings
▸ Audit Logs
▸ Sign-in Logs (PP2)
▸ Security Signals (opt-in IPC)
▸ Users at risk
▸ Risky sign-ins
▸ Activity Data is available 2 hours after turning on reporting
▸ 30 days of retention reports (PP1/PP2)
▸ 30/90 days of retention of security signals (PP1/PP2)
22. @ebrucucen 2019/02/11
▸ Low Latency (min 1 min interval)
▸ Control over metric condition
▸ Combined monitoring of multiple metrics
▸ Modular notification system
▸ Tip: Unify your alerts/sampling intervals for sanity
ALERTS (NEW)
37. @ebrucucen 2019/02/11
RESOURCE GRAPH
where type =~ 'Microsoft.Compute/virtualMachines'
| project name, properties.storageProfile.osDisk.osType
| top 5 by name desc
Search-AzGraph -Query "project tags | summarize buildschema(tags)”
# Use Resource Graph to get all NICs and store in the 'nic' variable
az graph query -q "where type =~ 'Microsoft.Compute/virtualMachines' | project nic =
tostring(properties['networkProfile']['networkInterfaces'][0]['id']) | where isnotempty(nic) | distinct nic |
limit 20" --output table | tail -n +3 > nics.txt
# Review the output of the query stored in 'nics.txt'
cat nics.txt
# Use Resource Graph with the 'nics.txt' file to get all related public IP addresses and store in 'publicIp.txt'
file
az graph query -q="where type =~ 'Microsoft.Network/networkInterfaces' | where id in ('$(awk -vORS="','" '{print
$0}' nics.txt | sed 's/,$//')') | project publicIp = tostring(properties['ipConfigurations'][0]['properties']
['publicIPAddress']['id']) | where isnotempty(publicIp) | distinct publicIp" --output table | tail -n +3 > ips.txt
# Review the output of the query stored in 'ips.txt'
cat ips.txt
# Use Resource Graph with the 'ips.txt' file to get the IP address of the public IP address resources
az graph query -q="where type =~ 'Microsoft.Network/publicIPAddresses' | where id in ('$(awk -vORS="','" '{print
$0}' ips.txt | sed 's/,$//')') | project ip = tostring(properties['ipAddress']) | where isnotempty(ip) | distinct
ip" --output table
ALL VM PUBLIC IPS: (AZ CLI)
ALL TAG NAMES: (POWERSHELL)
FIRST 5 VM OS TYPES: (KUSTO QUERY*)
https://docs.microsoft.com/en-us/azure/kusto/query/index
55. @ebrucucen 2019/02/11
EXTRAS: WEB APP - BEST PRACTICES
▸ Use Certs
▸ Authenticate users (with)
▸ Advanced auth
▸ Configure TLS mutual auth
▸ Managed Identity
▸ Reference secrets from Key Vault
▸ Restrict IPs
▸ Turn on Web Server/Application Logging
▸ Automate Backups
https://docs.microsoft.com/en-us/azure/app-service/web-sites-purchase-ssl-web-site
56. @ebrucucen 2019/02/11
EXTRAS: HARDENING VM
▸ Control VM access
▸ Reduce variability in your setup and
deployment of VMs
▸ Secure privileged access
▸ Use multiple VMs for better availability
▸ Protect against malware
▸ Keep VMs current
▸ Deploy and test a backup solution
▸ Encrypt your virtual hard disk files
https://docs.microsoft.com/en-us/azure/security/azure-security-iaas
57. @ebrucucen 2019/02/11
EXTRAS: HARDENING IDENTITY MANAGEMENT
Protect privileged accounts with MFA
1. Strengthen your credentials.
2. Reduce your attack surface area.
3. Automate threat response.
4. Increase your awareness of auditing
and monitoring.
5. Enable more predictable and complete
end-user security with self-help
https://docs.microsoft.com/en-us/azure/security/azure-ad-secure-steps
58. @ebrucucen 2019/02/11
EXTRAS: IDENTITY MANAGEMENT BEST PRACTICES
1. Treat Identity as the primary security perimeter
2. Centralise Identity Management
3. Enable SSO
4. Turn on Conditional Access
5. Enforce MFA
6. Use RBAC
7. Lower exposure of privileged accounts (JIT, 2 EmergencyAccess)
8. Actively monitor for suspicious activities
59. @ebrucucen 2019/02/11
EXTRAS: NETWORK SECURITY BEST PRACTICES
1. Logically segment subnets
2. Control routing behaviour
3. Enable forced tunnelling
4. Use virtual network appliances
5. Deploy perimeter network for security zones
6. Avoid exposure to Internet with dedicated WAN links
7. Optimise uptime and performance
8. Disable RDP/SSH to VMs
60. @ebrucucen 2019/02/11
EXTRAS: THREAT MODELLING
Threat Security property Potential Azure platform mitigation
Spoofing Authentication Require HTTPS connections.
Tampering Integrity
Validate SSL/TLS certificates.Applications that use SSL/TLS must fully
verify the X.509 certificates of the entities they connect to. Use Azure
Key Vault certificates to manage your x509 certificates.
Repudiation Non-repudiation Enable Azure monitoring and diagnostics.
Information
Disclosure
Confidentiality Encrypt sensitive data at rest and in transit.
Denial of
Service
Availability
Monitor performance metrics for potential denial of service conditions.
Implement connection filters. Azure DDoS protection combined with
application design best practices provides defense against DDoS
attacks.
Elevation of
Privilege
Authorization Use Azure Active Directory Privileged Identity Management.
61. @ebrucucen 2019/02/11
REFERENCES - BOOKS
▸ Microsoft Security Center
https://www.amazon.co.uk/Microsoft-Azure-Security-Center-Practices-ebook/
dp/B07D5J97JV
▸ Pentesting Azure Applications
https://www.amazon.co.uk/Pentesting-Azure-Definitive-Attack-Defense/dp/
1593278632
▸ Deep dive Presentation:
https://www.sans.org/cyber-security-summit/archives/file/summit-
archive-1540308627.pdf
▸ AZSK:
https://github.com/azsk/DevOpsKit-docs
▸ Security White Papers
https://docs.microsoft.com/en-us/azure/security/security-white-papers
62. @ebrucucen 2019/02/11
BRK3062 - Architecting Security and Governance Across your Azure Subscriptions
THR2291 - Secure architecting for Azure
BRK2368 - Practical guide for using Azure Security Center to protect hybrid cloud environment
BRK3384 - Best practices for protecting modern cloud application architectures
BRK2021 - Azure security & management
THR3085 - The wizarding world of Microsoft CloudApp Security
GS008 - Microsoft security: How the cloud helps us all be more secure
REFERENCES - VIDEOS IGNITE/2018
63. @ebrucucen 2019/02/11
SO AS A SUMMARY
▸ Enable Security Center
▸ Enable all the logs you can
▸ Automate your policy management: Think AZSK!
▸ Give AppDevs freedom on the ring fenced cloud!