Having a full set of Sametime features available on mobile devices has been a priority for IBM so if you are deploying, whether it’s the complete feature set including meetings audio and video or just instant messaging you can extend the functionality using IBM Connections Chat and IBM Connections Meetings applications which are available for most mobile platforms. In this session we will review both the backend server configuration and the features available via the mobile applications and discuss usability, bandwidth and security implications
How to configure IWA / SPNEGO for IBM Domino enabling Windows authenticated users to access Domino web applications without being prompted for further authentication
Planning and Completing an IBM Connections UpgradeGabriella Davis
So you have IBM Connections installed, but now you need to decide what and when to update. It could be a WebSphere fix or a DB2 fixpack, a new application, a database schema or an entirely new version. Some updates are for security, some for performance and some for new features. In this session we'll discuss how you can decide when and what to upgrade, how to plan for and perform a safe upgrade regardless of its size, and test when it’s complete. We’ll also discuss what things can trip you up along the way.
Traveler management, security and performanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure, but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
Planning & Completing An IBM Connections UpgradeGabriella Davis
Presentation from ICON UK in London Sept 2015 on approaches to upgrading IBM Connections whether it's a WebSphere iFix, TDI, DB2 or the Connections applications themselves
Having a full set of Sametime features available on mobile devices has been a priority for IBM so if you are deploying, whether it’s the complete feature set including meetings audio and video or just instant messaging you can extend the functionality using IBM Connections Chat and IBM Connections Meetings applications which are available for most mobile platforms. In this session we will review both the backend server configuration and the features available via the mobile applications and discuss usability, bandwidth and security implications
How to configure IWA / SPNEGO for IBM Domino enabling Windows authenticated users to access Domino web applications without being prompted for further authentication
Planning and Completing an IBM Connections UpgradeGabriella Davis
So you have IBM Connections installed, but now you need to decide what and when to update. It could be a WebSphere fix or a DB2 fixpack, a new application, a database schema or an entirely new version. Some updates are for security, some for performance and some for new features. In this session we'll discuss how you can decide when and what to upgrade, how to plan for and perform a safe upgrade regardless of its size, and test when it’s complete. We’ll also discuss what things can trip you up along the way.
Traveler management, security and performanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure, but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
Planning & Completing An IBM Connections UpgradeGabriella Davis
Presentation from ICON UK in London Sept 2015 on approaches to upgrading IBM Connections whether it's a WebSphere iFix, TDI, DB2 or the Connections applications themselves
Presentation on building Sametime 9.0.1 step by step from Domino server through to SSC, Sametime Proxy and SSL configuration. Given at IBM Connect 2014 with Paul Mooney SHOW401
In this recorded online session we looked at all the options to upgrade your existing Sametime environment to Sametime 9.0.1. Whether you have only a single Community server on an early Sametime version or an entire infrastructure including audio and video on 9.0 we outlined how to plan for an upgrade and the pros and cons of doing the work side by side vs in place.
What We Wish We Had Known: Becoming an IBM Connections AdministratorGabriella Davis
Presentation on IBM Connections given by Gab Davis and Paul Mooney at IBM Connect 2014. In this session we shared our experiences of Connections as administrators and what we feel is useful information for every admin to know.
In this session we looked at the architecture behind the Sametime mobile applications for chat and meetings. What do you need to deploy to support mobile users and what features are available to them on the different mobile platforms. We also looked at potential bottlenecks, security and troubleshooting for the mobile clients.
1084: Planning and Completing an IBM Connections UpgradeGabriella Davis
So we have IBM Connections installed, but now it’s time to consider what and when to update. It could be a WebSphere fix or a DB2 fixpack, a new application, or database scheme. Some updates are for security, some for performance and some for new features. In this session we'll discuss how you can decide when and what to upgrade, how to plan for and perform a safe upgrade, test when it’s complete and what things can trip you up along the way. All of this is based on lessons learned over hundreds of deployments.
Setting Up a Hybrid Domino Environment to Ease your Way to the CloudGabriella Davis
Are you looking at Cloud options and wondering how and if you can get there from where you are? If you have Domino on premises and are considering Cloud then a good option is a hybrid architecture which maintains all your on premises configuration managed by your own administrators but adds Cloud client access managed by IBM. We will look at how simple it is to create this hybrid solution using Domino passthru servers and review how things like user and directory maintenance, client access and mail routing will then work. From Domino Admin to Domino Hybrid Admin in a few simple steps.
In this session from MWLUG 2017 I introduce the concepts of containerisation and discuss Docker architecture, design, deployment considerations and risks.
IBM Traveler Management, Security and PerformanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
IAmLUG presentation: Domino Admin Best Practices - Hunting the GremlinsDavid Hablewitz
Notes / Domino administrator best practices for finding the gremlins in your environment and avoiding them. This session was presented at IamLUG by David Hablewitz and Kim Greene.
If you're Sametime environment is going to include Audio and Video you will probably want to be able to talk to people outside your own company, or at least to your own users on their mobile devices who aren't connected via VPN. In this recorded online session as part of IBM's New Way To Work initiative we reviewed the infrastructure behind the Audio and Video elements of Sametime and how best to extend those features beyond your firewall.
How long does it really take to install and configure IBM Connections - 99% of your time is taken up by waiting for things to install.
In this 45 minute presentation everything you need to know about installing and configuring your first connections install
Practical solutions for connections administrators liteSharon James
A shorter version of our session given at Connect 14 - this version for the Engage by BLUG conference includes new features such as the community re-parenting script and an improved menu.
Please see - https://github.com/stoeps13/ibmcnxscripting - for examples of all the scripts written mainly by Christoph Stoettner and collated in this repository
Domino Security - not knowing is not an option - MWLUG 2015Darren Duke
There have been a ton of changes to Domino security over the past few months. See what they are, why you need them and how to implement them, including but not limited to: SSL/TLS Notes port encryption reverse proxies SHA2 certificates SAML/NFL Perfect Forward Secrecy Learn. Implement. Sleep well.
Presentation on building Sametime 9.0.1 step by step from Domino server through to SSC, Sametime Proxy and SSL configuration. Given at IBM Connect 2014 with Paul Mooney SHOW401
In this recorded online session we looked at all the options to upgrade your existing Sametime environment to Sametime 9.0.1. Whether you have only a single Community server on an early Sametime version or an entire infrastructure including audio and video on 9.0 we outlined how to plan for an upgrade and the pros and cons of doing the work side by side vs in place.
What We Wish We Had Known: Becoming an IBM Connections AdministratorGabriella Davis
Presentation on IBM Connections given by Gab Davis and Paul Mooney at IBM Connect 2014. In this session we shared our experiences of Connections as administrators and what we feel is useful information for every admin to know.
In this session we looked at the architecture behind the Sametime mobile applications for chat and meetings. What do you need to deploy to support mobile users and what features are available to them on the different mobile platforms. We also looked at potential bottlenecks, security and troubleshooting for the mobile clients.
1084: Planning and Completing an IBM Connections UpgradeGabriella Davis
So we have IBM Connections installed, but now it’s time to consider what and when to update. It could be a WebSphere fix or a DB2 fixpack, a new application, or database scheme. Some updates are for security, some for performance and some for new features. In this session we'll discuss how you can decide when and what to upgrade, how to plan for and perform a safe upgrade, test when it’s complete and what things can trip you up along the way. All of this is based on lessons learned over hundreds of deployments.
Setting Up a Hybrid Domino Environment to Ease your Way to the CloudGabriella Davis
Are you looking at Cloud options and wondering how and if you can get there from where you are? If you have Domino on premises and are considering Cloud then a good option is a hybrid architecture which maintains all your on premises configuration managed by your own administrators but adds Cloud client access managed by IBM. We will look at how simple it is to create this hybrid solution using Domino passthru servers and review how things like user and directory maintenance, client access and mail routing will then work. From Domino Admin to Domino Hybrid Admin in a few simple steps.
In this session from MWLUG 2017 I introduce the concepts of containerisation and discuss Docker architecture, design, deployment considerations and risks.
IBM Traveler Management, Security and PerformanceGabriella Davis
Traveler is a core component of most companies’ mail infrastructure but its maintenance and security goes far beyond Domino server management. In this session we’ll look at a Traveler environment from daily tasks to enforcing TLS and starting with understanding how Traveler behaves. We’ll review both standalone and high availability configurations and discuss common problems, as well how best to plan and design a secure and stable infrastructure.
IAmLUG presentation: Domino Admin Best Practices - Hunting the GremlinsDavid Hablewitz
Notes / Domino administrator best practices for finding the gremlins in your environment and avoiding them. This session was presented at IamLUG by David Hablewitz and Kim Greene.
If you're Sametime environment is going to include Audio and Video you will probably want to be able to talk to people outside your own company, or at least to your own users on their mobile devices who aren't connected via VPN. In this recorded online session as part of IBM's New Way To Work initiative we reviewed the infrastructure behind the Audio and Video elements of Sametime and how best to extend those features beyond your firewall.
How long does it really take to install and configure IBM Connections - 99% of your time is taken up by waiting for things to install.
In this 45 minute presentation everything you need to know about installing and configuring your first connections install
Practical solutions for connections administrators liteSharon James
A shorter version of our session given at Connect 14 - this version for the Engage by BLUG conference includes new features such as the community re-parenting script and an improved menu.
Please see - https://github.com/stoeps13/ibmcnxscripting - for examples of all the scripts written mainly by Christoph Stoettner and collated in this repository
Domino Security - not knowing is not an option - MWLUG 2015Darren Duke
There have been a ton of changes to Domino security over the past few months. See what they are, why you need them and how to implement them, including but not limited to: SSL/TLS Notes port encryption reverse proxies SHA2 certificates SAML/NFL Perfect Forward Secrecy Learn. Implement. Sleep well.
How often do you hear that the business is discussing moving mail platforms because “our users want X” where X is nothing to do with the server and everything to do with the client UI. Domino remains the best mail server available but often user dissatisfaction drives a move and that comes from being asked to use the wrong client or from a bad deployment. If you’re using Domino you have an ever expanding range of clients to choose from browsers, iNotes, Verse, Traveler with iOS integration, Android applications, POP3 and IMAP. Come to this session to learn how to find the right client to fit the business and keep your Domino infrastructure.
The SSL Problem and How to Deploy SHA2 CertificatesGabriella Davis
Two years ago enabling your site with SSL was a simple affair, buy a certificate or create your own, install it, then just remember to renew it every couple of years. Then, suddenly security holes are being found in SSL virtually every month , popular browsers stop connecting to your site to protect themselves, and you’re continually being told your users data is at risk. In this session we will discuss how it all went wrong and can go wrong again, then go through each step of requesting, generating and deploying a 4096 SHA-2 certificate to use in a keyfile by Domino, IBM Connections, IBM Sametime and other WebSphere products. If you work with these IBM products and need to secure them with confidence this session will show you how!
Benefits and Risks of a Single Identity - IBM Connect 2017Gabriella Davis
What is valuable about a single identity, why is that something people want and how achievable is it? As people work across multiple systems they encounter an equal number of barriers where they must authenticate or otherwise prove their identity in order to gain access. Ideally we always want to be showing the same information about ourselves regardless of where someone searches or how we are found. In this session we’ll discuss the issues behind both creating a single identity and simplifying authentication. We’ll also review the risks you need to be aware of, the technologies available to you and the importance of good and current personal information.
This is an updated presentation that includes some speaker notes for clarity
The Dev-Admin Chimera: Customising Connections (with Gab Davis)Mark Myers
IBM Connections customisation comes in many flavours, from modifying branding, adding languages and customising menu items to developing and adding your own widgets. Some of it is as simple as changing XML files or style sheets, some take us into the dark world of JSPs and ear files. We'll take you through the highlights of what can be customised and what skills you need to achieve different effects. Some are simple enough for even an administrator to manage and all of them need the work of an administrator to deploy. If you're a Administrator who fancies making a few simple Connections changes or a Developer who fancies deploying your own changes onto a server, Mark and Gab will explain why it's better to work together to build a customised maintainable system with little of no bloodshed and the minimum of ritual sacrifice.
Debugging IBM Connections for the Impatient Admin - Social Connections VIIMartin Leyrer
With relational databases, LDAP servers, files shares and a lot of Java components, IBM Connections is a complex environment to install and operate. A diverse set of settings and tools is needed in case something does not work as expected.
In this talk I will present you the “Best Practices” and debugging settings for Connections that will offer additional information quick, in case something goes wrong. Also, I will offer you recommendations for tools your customer should provide you on the server so you can work out any issues efficiently.
This presentation will provide a high level overview of the current role that desktop applications play in enterprise environments, and the general risks associated with different deployment models. It will also cover common methodologies, techniques, and tools used to identify vulnerabilities in typical desktop application implementations. Although there will be some technical content. The discussion should be interesting and accessible to both operational and management levels.
More security blogs by the authors can be found @
https://www.netspi.com/blog/
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWSAmazon Web Services
AWS offers a number of services that help you easily deploy and run applications in the cloud. Come to this session to learn how to choose among these options. Through interactive demonstrations, this session will show you how to get an application running using AWS OpsWorks and AWS Elastic Beanstalk application management services. You will also learn how to use AWS CloudFormation templates to document, version control, and share your application configuration. This session will cover topics like application updates, customization, and working with resources such as load balancers and databases.
This session is recommended for people who understand AWS and want to know more about deployment options for their applications.
Roberto Boccadoro / ELD Engineering
Sharon Bellamy James / BCC
If Connections is not working or there are issues, where do you look to determine the problem ?
In this session we will cover logging, tracing and throw in some tips and tricks that will help you in troubleshooting.
Everything you need to know about creating, managing and debugging Java applications on IBM Bluemix. This presentation covers the features the IBM WebSphere Application Server Liberty Buildpack provides to make Java development on the cloud easier. It also covers the Eclipse tooling support including remote debugging, incremental update, etc.
1049: Best and Worst Practices for Deploying IBM Connections - IBM Connect 2016panagenda
Depending on deployment size, operating system and security considerations you have different options to configure IBM Connections. This session show good and bad examples on how to do it from multiple customer deployments. Christoph Stoettner describes things he found and how you can optimize your systems. Main topics include simple (documented) tasks that should be applied, missing documentation, automated user synchronization, TDI solutions and user synchronization, performance tuning, security optimizing and planning Single Sign On for mail, IBM Sametime and SPNEGO. This is valuable information that will help you to be successful in your next IBM Connections deployment project.
A presentation from Christoph Stoettner (panagenda).
This presentation includes
-Introduction to Continuous Integration (CI) and Continuous Deployment (CD)
-Introduction to Importance and Drawbacks of CI/CD
-Salesforce CI/CD Best Practices
-Implementation of CI/CD on Salesforce
AIMDek is positioned to cater end-to-end Salesforce services with faster time-to-market roll outs at minimal operational costs while ensuring you get a tactical package evaluation and roadmap, robust implementations and rollouts, product development and support and build exceptional customer experiences. Learn more here http://bit.ly/2ZdBWfW
Red Hat Summit - Discover the foundations of digital transformationEric D. Schabell
The core of digital transformation is the ability to provide technology solutions in a fast-paced world to your customers while satisfying business aspirations. Many organizations are following the story line and fighting the good fight, but how can Red Hat and open source guide your journey? This session takes you on a journey to start laying the foundations of your digital transformation story based on use cases and examples that you can explore when you return home. Join us for this hour of power, where you'll get the inspiration to start building your digital foundations.
Session talk at Red Hat Summit 2017 by Eric D. Schabell, Global Technology Evangelist Director, @ericschabell
Deployment automation efforts tend to start with easier scenarios like moving builds of web applications to servers and getting them installed. However, some parts of our applications aren’t simple builds. They may be updated incrementally; changes may be non-repeatable; or they may be dependent on knowledge contained within some other tool or framework. When we fail to automate changes to these “tricky” parts of our application, errors and delays materialize.
Eric Minick from IBM, and Robert Reeves, database guru from Datical, discuss what makes certain things hard to deploy, and practical techniques and tools for deploying them. Topics covered include:
* What causes certain deployments to be trickier to automate than others
* Successful patterns for overcoming those challenges
* Application of those techniques to mainframe changes, WebSphere configuration and database schema updates
MongoDB World 2019: Why NBCUniversal Migrated to MongoDB AtlasMongoDB
NBCUniversal, a worldwide mass media corporation, was looking for a more affordable and easier way to manage their database solution that hosts their extensive online digital assets. With Datavail’s assistance, NBCUniversal, made the move from MongoDB 3.6 to MongoDB Atlas on AWS.
Hacking Samsung's Tizen: The OS of Everything - Hack In the Box 2015Ajin Abraham
Samsung’s first Tizen-based devices are set to launch in the middle of 2015. This paper presents the research outcome on the security analysis of Tizen OS and it’s underlying security architecture. The paper begins with a quick introduction to Tizen architecture and explains the various components of Tizen OS. This will be followed by Tizen’s security model where application sandboxing and resource access control will be explained. Moving on, an overview of Tizen’s Content Security Framework which acts as an in-built malware detection API will be covered.
Various vulnerabilities in Tizen will be discussed including issues like Tizen WebKit2 address spoofing and content injection, Tizen WebKit CSP bypass and issues in Tizen’s memory protection (ASLR and DEP).
Similar to Becoming A Connections Administrator (20)
If you are a Domino Administrator in any size company you already have a range of skills that make you an expert administrator across many platforms and technologies.
In this session Gab explains how to apply those skills and that knowledge to take your career wherever you want to go.
Presentation from Engage 2022 in Bruges
From day to day administration to advanced configuration from automated maintenance to running the best multi client mail server on the market, from advanced security to data access.
. Design Decisions: Developing for Mobile - The Template Experience ProjectGabriella Davis
HCL Nomad allows us to access our Notes applications on tablet and mobile. Currently available for iOS the team behind Template Experience have been working with HCL development and UI design to redesign the standard discussions template for Notes and produce a whitepaper based on that work to assist you with your own mobile development. The beta of that template and whitepaper have now been published and this presentation accompanies that work
Domino Server Health - Monitoring and ManagingGabriella Davis
If you're a Domino administrator how do you decide what to monitor on your servers and how to manage them ? What are the key things to monitor? How do good practice management tools such as statistics reporting, DDM, cluster symmetry, database repair and policy settings make your work lighter and faster. Finally we’ll talk about some of the “must dos” in the day, week and month of a Domino admin.
Presented at Engage.ug in Brussels May 2019
How do Exchange on premises and the various Outlook clients line up against Domino on premises and its clients? In this session we'll look at the configuration options and management interfaces for each server as well as the client options and client behaviours. We'll also discuss the general ecosystems, considerations for migrating or co-existing and lessons learned. A great session for Domino admins who want to know more about the other side.
Presented at Engage.ug in Brussels May 2019
Admin Tips In 60 Minutes
In this high speed session I take you through the best admin tips for Domino, Notes, Sametime, Traveler and more. From notes.ini values, to server configuration settings and valuable customisations.
Some tips will be new to v10 and some have been around but rarely used for years.
Whatever your experience there will be something new for you to take away and enjoy.
Presented at Engage.ug in Brussels May 2019
Adminlicious - A Guide To TCO Features In Domino v10Gabriella Davis
With v10 of EVERYTHING due out in Q4 and the public beta now available it’s time to talk about what we know is coming and how to plan for upgrades. In this session I show the features I'm most inspired by (NDAs allowing!) talk about how I'm getting ready and why this is a really exciting time to be an admin!
An Introduction to Configuring Domino for DockerGabriella Davis
You may know that docker is a container solution but what does that mean and how could it affect your Domino infrstructure? In this session I will explain what Docker may offer, highlight the decisions to consider when designing container architecture , how to construct a container, how to install and run Domino inside one and discuss options for clustering. Is Docker for you?
Presented at CollabSphere 2018 in Ann Arbor, MI
An Introduction To The DMARC SMTP Validation RequirementsGabriella Davis
DMARC is a SMTP security standard being increasingly requested by customers to protect against email spoofing. It uses a combination of SPF (Sender Policy Framework) records and DKIM (DomainKeys Identified Mail). Using DMARC you would publicly specify how your outbound mail is sent and the receiving server would verify that the mail it receives matches your requirements. In this session we’ll discuss DMARC deployments and what to do if your mail server (like IBM Domino or SmartCloud) does not yet support DKIM?
Presented at Collabsphere 2018 in Ann Arbor, MI
× The Road To A #Perfect10 - How To Get Ready For Domino, Sametime, VOP and T...Gabriella Davis
Later this year HCL will be releasing the first major updates for Domino, Sametime, Traveler and Verse on Premises for several years. We've already heard about developments on the way such as a Notes client for tablet and phone as well as structural changes like the removal of the 64GB file limit. The more up to date and well designed your infrastructure is, the easier these upgrades are going to be so In this session Gab will explain how to audit, evaluate and fix your environment as well as what changes you can (and should) do in preparation so you can be fast to move when the products arrive..
Presented At CollabSphere 2018 in Ann Arbor, MI
An introduction to configuring Domino for DockerGabriella Davis
9.0.1 FP10 brings support for Domino on a docker platform. You may know that docker is a container solution but what does that mean and how could it affect your Domino infrstructure? In this session we'll review how to install and run Domino in a docker container, whether it can support external clustering and the decisions to consider when designing container architecture.
In this session, presented as a workshop outline, we will walk you through your GDPR responsibilities and how to assess your risk. We’ll give some recommendations on high priority but easy to fix issues and how to discover, secure and take ownership of existing data. At the end of the session we will share the workshop outline to help with your own planning.
Prepared for Social Connections 13 in Philadelphia April 2018
An Introduction To The DMARC SMTP Validation RequirementsGabriella Davis
Presented at Social Connections 13 in Philadelphia April 2018.
DMARC is a SMTP security standard being increasingly requested by customers to protect against email spoofing. It uses a combination of SPF (Sender Policy Framework) records and DKIM (DomainKeys Identified Mail). Using DMARC you would publicly specify how your outbound mail is sent and the receiving server would verify that the mail it receives matches your requirements. In this session we’ll discuss DMARC deployments and what to do if your mail server (like IBM Domino or SmartCloud) does not yet support DKIM?
In this session presented during Community Day at IBM Think, Gabriella Davis discusses the importance of a personal brand, why you have one, how to create one and how to move your brand to a new space.
A Guide To Single Sign-On for IBM Collaboration SolutionsGabriella Davis
Single sign-on, single identity and even password synchronization—in this session, we will take you through all the options available to minimize or eradicate logins across IBM's Collaboration Solutions (ICS); whether it is a Domino web server, IHS, Notes client, Traveler, Sametime, Connections or Verse, on-premises or cloud. The discussion will cover security certificates, password synchronization, IWA, SPNEGO and SAML Federation. We will explain what you can (and can't) do, and how to do it. Presented at Think 2018
In this group discussion Gabriella Davis with Tony Holder from Panagenda, Maria Nordin from Infoware Solutions and Jon Schultz from Prominic discuss their personal battles with the Imposter Syndrome.
In this session we introduce administrators to the concepts of Docker and discuss architectural decisions that will come into play when deploying containers. Although this session was originally presented as part of IBM's New Way To Learn initiative it does not discuss any specific aspects of IBM technology
Presentation from IBM InterConnect in Las Vegas March 2017.
Enabling Internet of Things (IoT) so your employees and your customers can have a simplified experience with new services and products sounds exciting. In this session, we will dig into the top ten risks that come with the IoT experience. Due to the rapidly evolving nature of IoT and associated threats, there are risks in allowing access to your enterprise resources. Custom firmware, embedded operating systems and wi-fi connectivity of IoT devices offer many possible areas for exploits and misuse. Come explore current security offerings and get a first look at best practices. Walk away with an immediate checklist to benefit your enterprise as it deploys and offers IoT access.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
2. !
Gab Davis - Technical Director
The Turtle Partnership
gabriella@turtlepartnership.com ▪Administrator, Problem Solver,
Stubborn Fixer of Things
▪Working with IBM technologies
and all the things surrounding and
integrating with those
▪Based in London, about half the
time
2
4. 4
• A Connections Administrator
is knowledgeable about
many different products and
tools that have a wider
application than just IBM
Connections
• A Connections developer can
use development tools from
CSS to OpenSocial gadgets to
Java and more, all have a
much wider application than
just IBM Connections
25. Population Wizard
Simple: Manual
1 LDAP Source > Profile
XML Files From TDISOL
1 LDAP Source > Profile
Some data manipulation
Assemblyline
Advanced: Realtime
Multiple Data Sources
Full data manipulation
28. HTTPD.CONF
In HTTPServerbin
Can be modified in WebSphere
PLUGIN-CFG.XML
Generated by WebSphere
Mappings for every application
Distributed to HTTPServer
29. DANGER!
!
The httpd.conf file can be easily broken as
it’s not validated on save
!
A faulty httpd.conf will prevent IHS from starting
36. Websphere Administration
▪ Application security - the rights users have to applications
• Not granular “one size fits all”
• New roles that change behaviour aren’t something you can add
!
• Wsadmin
• command line administration tool
• also used to make changes to application configuration settings
38. WSAdmin – sending commands
▪ Start in the BIN directory of the deployment manager
– C:IBMWebSphereAppServerprofilesDmgr01bin
!
▪ Call wsadmin by typing
wsadmin(.sh) –lang jython –username [name] –password [password]
▪ Choose which application you want to work with
execfile(“profilesAdmin.py”)
▪ Any changes you make here will be pushed out to all the nodes
– Wsadmin commands are case sensitive regardless of your platform
43. Do’s & do nots
▪ Backup your configuration using backupconfig before making changes to the configuration
– Never manually edit an XML configuration file, always use wsadmin which verifies the
XML structure as it’s checked back in
– Schedule the database reorg maintenance scripts to run regularly,
– Set up specific credentials for developers to use to access the Connections data, don’t re-
use administration credentials
– Ensure you have a test / staging server to test customisations, enhancements and
developments on
– Never skip post installation steps , or any steps, follow the documentation
!
– Never let your developer have ISC access or wsadmin access to a production
environment!
44. HOWTO FIND ME
Twitter, blogs, Instagram, Facebook and more
gabriella@turtlepartnership.com
GabriellaDavis (skype)
http://turtleblog.info
gabturtle on twitter and elsewhere