OpenSocial is a specification that allows third-party applications called gadgets to be included into social networking services. A gadget can access a user's social graph and social data through the OpenSocial API. Gadgets are rendered within a container/host site through the use of a proxy server called Shindig that handles authentication and API calls on behalf of the gadget to work around same-origin policy limitations. The presentation provided examples of how OpenSocial allows for embedded experiences, templates, authorization flows, and other features to enable cross-site development of social applications.
A talk given at PHP London on 4th November 2010. This provides an introduction to OAuth and a simplistic PHP implementation of a consumer, as well as a few things to think about when creating a provider.
Approaching the unknown - Windows Phone application security assessment guide - SecuRing
Windows Phone should be gone by now.
But somehow it survived, hanging around a few percent of mobile OS market share. Maybe the good camera in those phones does it.
Sometimes even an application dedicated to the WP platform shows up on a pentest.
How to do it?
What tools to use?
What to check?
This talk will give you an overview of WP application security assessment, including some tips & tricks as well.
We will cover topics like:
- application internal structure
- data storage
- traffic interception
- testing on emulator vs testing on rooted phone
- code analysis of WP application
- overview of security mechanisms available on WP
There even will be a real phone with Windows Phone on it to see.
What the Heck is OAuth and OpenID Connect - RWX 2017 - Matt Raible
OAuth is not an API or a service: it is an open standard for authorization and any developer can implement it. OAuth is a standard that applications can use to provide client applications with “secure delegated access”. OAuth works over HTTP and authorizes Devices, APIs, Servers and Applications with access tokens rather than credentials, which we will go over in depth below. OpenID Connect (OIDC) is built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the user, as well as to obtain their basic profile information.
This session covers how OAuth/OIDC works, when to use them, and frameworks/services that simplify authentication.
Blog post: https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth
Presented at WordCamp Malaysia 2010.
Slideshare also does not resize my cropped images properly, thus resulting in squished images. This is noticeable on my squished code.
This talk is about how to secure your front-end + backend applications using a RESTful approach. As opposed to traditional and monolithic server-side applications (where the HTTP session is used), when your front-end application is running on a browser and not securely from the server, there are a few things you need to consider.
In this session Alvaro will explore standards like OAuth or JWT to achieve a stateless, token-based authentication and authorization using Spring Security in Grails.
Sebastien Gourdon, Open Innovation Director, SpecialChem - KGS Global
ACCELERATE YOUR PRODUCT DEVELOPMENT WITH OPEN
INNOVATION
• How to Scout Novel Chemicals & Materials Technologies?
• How to Find Technologies Closer to commercialization?
• How To Incorporate these Technologies into your Product
Development?
Understanding Identity in the World of Web APIs – Ronnie Mitra, API Architec... - CA API Management
Web Based APIs have become a powerful tool for reaching end users in an increasingly fragmented market. The emergence of public and private APIs has introduced new challenges in identity management and access control. Attend this session to get a crash course in Web APIs, the risks they introduce and the emerging standards that can make them safer to use (including OAuth 2 and Open ID Connect).
So, you heard "the Web is Programmable, Internet of Things, Digitalization", but have no to little programming skills. Nevertheless, this is 2016, and you want to get enough about Web Programming to be part of some fun and exciting Web challenge, participate in a Hackathon maybe …
Well, I am happy we meet. I suggest you take the tour “from ZERO to REST in a hour”: we’ll teach you to forge your own HTTP requests against the Github API. After this tour, you’ll know enough to interact with any RESTful Web APIs. Worth mentioning this presentation is entirely scripted: so give attention to each slide's comments.
Did you enjoy the tour? Looking forward to learning more?
Post your comments below about enhancements, and for any subjects you’d like to see covered.
2. Join the Cisco developers community : https://developer.cisco.com/
3. Take a free online Coding Lab (REST, Python, Parsing JSON, RAML, Git…)
https://learninglabs.cisco.com/labs/tags/Coding
4. Meet DevNet teams at a physical event: conferences, hackathons
https://developer.cisco.com/site/devnet/events-contests/events/
An application programming interface (API) is a way for two different pieces of software to communicate with each other. In your WordPress plugins and themes, you’ll often want to pull data from or send data to a third-party service that has an API. In this talk, Randy will explain the terminology you need to know to get started, share best practices and techniques for integrating with APIs, and walk through two real-world examples. You’ll leave with code snippets to help you get started integrating.
Tired of “just use JWT!” tutorials? Learn how you could move your existing legacy authn/authz to a centralised service working together with your ingress gateway. Convert basic, bearer or other authentication mechanisms into a common format, even handling multiple auth types for all your endpoints.
These slides focus on documentation for REST APIs. See http://idratherbewriting.com for more detail. For the video recording, see http://youtu.be/0yfNd7tzH2Q. This deep dive is the second slide deck I used in the presentation.
Adding Identity Management and Access Control to your App - FIWARE
Adding Identity Management and Access Control to your App presentation, by Alvaro Alonso & Cyril Dangerville.
Security Chapter. 1st FIWARE Summit, Málaga Dec. 13-15, 2016.
The presentation done at Colombo White Hat Security Meetup for introducing OAuth framework to the security enthusiasts. The event details are in [1].
[1] https://www.meetup.com/Colombo-White-Hat-Security/events/255358391/
Best Practices for Architecting a Pragmatic Web API - Mario Cardinal
This presentation teaches how to design a real-world and pragmatic web API. It draws from the experience Mario Cardinal has gained over the years being involved in architecting many Web APIs. This presentation begins by differentiating between a Web and a REST API, and then continues with the design process. We conclude with the core learnings of the session, which is a review of the best practices when designing a web API. Armed with the skills acquired, you can expect to see significant improvements in your ability to design a pragmatic web API.
http://www.springio.net/stateless-authentication-for-microservices/
This talk is about how to secure your front-end + backend applications using a RESTful approach. As opposed to traditional and monolithic server-side applications (where the HTTP session is used), when your front-end application is running on a browser and not securely from the server, there are a few things you need to consider.
In this session Alvaro will explore standards like OAuth and JWT to achieve a stateless, token-based authentication and authorization using Spring Security in Grails. More specifically, the demonstration will be made using Spring Security REST, a popular Grails plugin written by Álvaro.
Nowadays many modern web applications are solely relying on JavaScript to render their frontend. But if you want to create mashups, load data from many different places or include external widgets into your site, you are quickly running into boundaries because of browser and security restrictions. In this presentation I will talk about techniques helping you with such problems.
Presentation for the NJIT OpenSocial Hackathon on OpenSocial and its use cases, OpenSocial Templates and Proxied Content, the OpenSocial Foundation, Apache Shindig and OpenSocial 2.0
Opening up the Social Web - Standards that are bridging the Islands - Bastian Hofmann
Social networks are not closed off to the rest of the web anymore. Various standards like ActivityStreams, PubSubHubbub, WebFinger, OpenSocial, Salmon, OEmbed, XAuth or OExchange are emerging to open them up to other websites. I will introduce these protocols, show how they work together, how you can benefit from them and give an outlook on how they will change the world of social networks.
Generating a custom Ruby SDK for your web service or Rails API using Smithy - g2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview - Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti... - Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge Graph - Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova... - Ramesh Iyer
In today's fast-changing business world, companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf - 91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
52.
var html = "<ul>";
for (var i = 0; i < viewers.length; i++) {
    html += "<li>" + viewers[i].displayName + "</li>";
}
html += "<ul>";
document.getElementById("div").innerHTML = html;
Where is the error?
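The loop on this slide concatenates `viewers[i].displayName`, which is profile data chosen by other users, into a string that is then parsed as markup through `innerHTML`. The following is an added example, not code from the original slides: a hardened rendering of the same list, once by escaping before concatenation and once by building DOM nodes with `textContent`. The helper names and the sample viewers are assumptions made for illustration.

```javascript
// Added example (not from the original slides). Helper names are hypothetical.

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Escape text for use as HTML element content or inside a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// String-building variant: same shape as the slide's loop, but every
// displayName is escaped before it is concatenated into markup.
function renderViewerListHtml(viewers) {
  let html = "<ul>";
  for (const viewer of viewers) {
    html += "<li>" + escapeHtml(viewer.displayName) + "</li>";
  }
  return html + "</ul>";
}

// DOM variant: textContent never parses its argument as markup,
// so no escaping step can be forgotten.
function renderViewerListDom(doc, container, viewers) {
  const ul = doc.createElement("ul");
  for (const viewer of viewers) {
    const li = doc.createElement("li");
    li.textContent = viewer.displayName;
    ul.appendChild(li);
  }
  container.replaceChildren(ul);
}

// Constructed sample data: the second profile name carries markup.
const sampleViewers = [
  { displayName: "Mary" },
  { displayName: '<img src=x onerror="alert(1)">' },
];

if (typeof document !== "undefined") {
  // In a browser or gadget container: render into the slide's "div" element.
  renderViewerListDom(document, document.getElementById("div"), sampleViewers);
} else {
  // Outside a browser: show the escaped markup instead.
  console.log(renderViewerListHtml(sampleViewers));
}
```
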
73.
From: notifications@socialnetwork.com
To: johndoe@example.com
Subject: Social Network: Mary Has Commented On Your Status
MIME-Version: 1.0
Content-Type: multipart/alternative;
    boundary="XXXXboundary text"

--XXXXboundary text
Content-Type: text/html

<html>
<!-- HTML representation here -->
</html>

--XXXXboundary text
Content-Type: application/embed+json

{
    "gadget" : "http://www.socialnetwork.com/embedded/commentgadget.xml",
    "context" : 123
}