This document provides security tips and recommendations from Sami Laiho, a senior technical fellow specializing in Windows security. Some of the key recommendations include: implementing whitelisting like AppLocker and following the principle of least privilege; using Windows 10 Enterprise over Windows 7 for improved security features; choosing hardware with TPM and virtualization support; applying full disk encryption with BitLocker; restricting administrative access and using tools like Avecto DefendPoint for privilege elevation; and implementing password policies and end user training. Contact information is provided to learn more about security training and services.
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021 - Teemu Tiainen
The great cyber security expert Sami Laiho returned as a keynote speaker with the theme of Zero Trust, but this time from the point of view of securing endpoint applications.
Sami Laiho is an internationally renowned and recognized specialist in access rights and endpoint security. In this webinar, Laiho and Centero's Juha Haapsaari discussed the Zero Trust model and securing endpoint applications – even in environments of over 100,000 workstations.
These are some of the themes we covered:
• How to ease your workload with allow-listing.
• Is allow-listing difficult? (A hint: it is not.)
• Implementing AppLocker to trim down your application portfolio.
• Restricting admin rights to control your IT environment.
• Managing and updating applications after allow-listing operations.
Zero Trust is a new paradigm for cyber security in organizations. Modern IT environments are complex by nature, and both users and devices are constantly on the move. Traditional methods are not sufficient to properly secure this kind of environment, and that’s where Zero Trust comes in.
The biggest challenge in performance tuning is identifying the root cause of the bottleneck. Once you find it, the fix often becomes trivial. However, this detective work takes patience, skills, and effort, so we often attempt to guess the cause, by trying out tentative fixes. The result: messy code, waste of time and money, and frustration. During this talk you will learn how to correctly zoom in on the bottleneck using three levels of profiling: distributed tracing with Zipkin, metrics with Micrometer, and profiling with the Java Flight Recorder already built into your JVM. We’ll focus on the latter and learn how to read a flame graph to trace some common issues of backend systems like connection/thread pool starvation, time-consuming aspects, hot methods, and lock contention, even if these occur in library code you did not write.
MySQL Administrator
Basic course
- MySQL overview
- MySQL installation / configuration
- MySQL architecture
- MySQL storage engines
- MySQL administration
- MySQL backup / recovery
- MySQL monitoring
Advanced course
- MySQL Optimization
- MariaDB / Percona
- MySQL HA (High Availability)
- MySQL troubleshooting
네오클로바
http://neoclova.co.kr/
How to become DNSSEC-ure
DNSSEC (short for DNS Security Extensions) adds security to the Domain Name System.
The original design of the Domain Name System (DNS) did not include security; instead it was designed to be a scalable distributed system. The Domain Name System Security Extensions (DNSSEC) attempts to add security, while maintaining backwards compatibility.
Observability: Are you doing it the right way? - Janssen Lima
For many years, IT teams measured the availability and performance of their applications by collecting metrics, and looked for problems by reading logs. In today's landscape, with complex systems distributed across microservices, monitoring is no longer the ideal technique for understanding and solving problems. Modern systems have introduced additional complexity, making failures harder to predict, detect and resolve. Yet monitoring is still confused with observability. Observability needs to be understood in its technical and cultural aspects by teams that want to adopt it the right way to understand how their systems are working.
MySQL Performance Schema in Action: the Complete Tutorial - Sveta Smirnova
Performance Schema is a powerful diagnostic instrument for:
- Query performance
- Complicated locking issues
- Memory leaks
- Resource usage
- Problematic behavior, caused by inappropriate settings
- More
It comes with hundreds of options which allow you to precisely tune what to instrument. More than 100 consumers store collected data.
In this tutorial we will try all important instruments out. We will provide a test environment and a few typical problems which could hardly be solved without Performance Schema. You will not only learn how to collect and use this information, but also gain experience with it.
Made it on PerconaLive Frankfurt, 2018: https://www.percona.com/live/e18/sessions/mysql-performance-schema-in-action-the-complete-tutorial
MySQL exposes a collection of tunable parameters and indicators that is frankly intimidating. But a poorly tuned MySQL server is a bottleneck for your PHP application scalability. This session shows how to do InnoDB tuning and read the InnoDB status report in MySQL 5.5.
Joram Barrez and Tijs Rademakers, Principal Software Engineer at Flowable, present the current state of (Flowable) things.
It was presented at the Flowfest 2018 in Barcelona, Spain.
Technical Introduction to PostgreSQL and PPAS - Ashnikbiz
Let's take a look at:
PostgreSQL and buzz it has created
Architecture
Oracle Compatibility
Performance Feature
Security Features
High Availability Features
DBA Tools
User Stories
What’s coming up in v9.3
How to start adopting
Using the Terraform Enterprise GUI is perfect to start working with Terraform... - Mitchell Pronschinske
Using the Terraform Enterprise GUI is perfect to start working with Terraform as a human, but it's not when implementing a machine to machine interaction. Joern will present some examples of how to demystify the Terraform Enterprise API.
Up to MySQL 5.5, replication was not crash safe: after an unclean shutdown, it would fail with “duplicate key” or “row not found” error, or might generate silent data corruption. It looks like 5.6 is much better, right? The short answer is maybe: in the simplest case, it is possible to achieve replication crash safety, but it is not the default setting. MySQL 5.7 is not much better, 8.0 has better defaults, but it is still not replication crash-safe by default, and it is still easy to get things wrong.
Crash safety is impacted by replication positioning (File+Position or GTID), type (single-threaded or MTS), MTS settings (Database or Logical Clock, and with or without slave preserve commit order), the sync-ing of relay logs, the presence of binary logs, log-slave-updates and the sync-ing of binary logs. This is very complicated stuff and even the manual is sometimes confused about it.
In this talk, I will explain the impact of the above and help you find the path to crash safety nirvana. I will also give details about replication internals, so you might learn a thing or two.
Security teams are often seen as roadblocks to rapid development or operations implementations, slowing down production code pushes. As a result, security organizations will likely have to change so they can fully support and facilitate cloud operations.
This presentation will explain how DevOps and information security can co-exist through the application of a new approach referred to as DevSecOps.
The traditional human-machine interface (HMI) is a hardware-and-software solution used to view and track data in all kinds of industrial settings. Lately, supply-chain problems have led to long wait times when ordering traditional HMIs. But don't worry: It’s easy to turn any panel PC into an Ignition HMI solution, and in this webinar we'll show you how!
How Google works and how can you benefit from it? Test drive now a complete Microservices application with Istio, gRPC, Redis, BigQuery, Spring Boot, Spring Cloud and Stackdriver on Google Cloud Platform: https://git.io/fhzCx
Understanding my database through SQL*Plus using the free tool eDB360 - Carlos Sierra
This session introduces eDB360 - a free tool that is executed from SQL*Plus and generates a set of reports providing a 360-degree view of an Oracle database; all without installing anything on the database.
If using Oracle Enterprise Manager (OEM) is off-limits for you or your team, and you can only access the database through a SQL*Plus connection with no direct access to the database server, then this tool is a perfect fit to provide you with a broad overview of the database configuration, performance, top SQL and much more. You only need a SQL*Plus account with read access to the data dictionary, and common Oracle licenses like the Diagnostics or the Tuning Pack.
Typical uses of this eDB360 tool include: databases health-checks, performance assessments, pre or post upgrade verifications, snapshots of the environment for later use, compare between two similar environments, documenting the state of a database when taking ownership of it, etc.
Once you learn how to use eDB360 and get to appreciate its value, you may want to execute this tool on all your databases on a regular basis, so you can keep track of things for long periods of time. This tool is becoming part of a large collection of goodies many DBAs use today.
During this session you will learn the basics about the free eDB360 tool, plus some cool tricks. The target audience is: DBAs, developers and consultants (some managers could also benefit).
Security automation by integrating SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and SIEM (Security Information and Event Management) tools with Jenkins.
By automating security (SAST, DAST, SIEM), developers can themselves perform VA and monitor the application without going to the IT and security teams.
The tools below are used to automate everything:
SAST - Fortify, Checkmarx
DAST - IBM AppScan, OWASP ZAP, HP WebInspect
SIEM - AlienVault
In the last few years, the popularity of DevSecOps and rich cloud services have been driving the adoption of containers in the software industry. Container architectures become increasingly complex, and organizations cannot escape using them. At the same time, attackers are finding new ways of exploiting containers and container architectures.
Are you still new to containerization and infrastructure as code? Do you feel that your knowledge of application security suddenly doesn’t apply to the way applications are built and deployed using containers? Do you get lost in the IaC and container terminology soup? If so, this talk will help clear things up and answer your questions.
We start with an introduction to container technologies, briefly go through the key terminology, explain the value that containers bring today, and why they are so popular. Then we will talk about the challenges that DevSecOps engineers have when using containers and the security aspects that they face. This presentation includes descriptions of common container threats and real-world examples of recent attacks. These threats will guide our discussion of the typical vulnerabilities and attack vectors. We will touch on well-known standards and resources for container security, such as the OWASP Docker Top 10 project, Container Security Verification Standard, NIST Application Container Security Guide, and CIS Benchmarks. And we conclude with guidelines on how to secure containers and a list of best practices that most organizations follow today.
Stefan is currently working on a new exciting project, GitOps Toolkit (https://github.com/fluxcd/toolkit), which is an experimental toolkit for assembling CD pipelines the GitOps way.
Security of Oracle EBS - How I can Protect my System (UKOUG APPS 18 edition) - Andrejs Prokopjevs
Nowadays having a proper security configuration is a huge challenge, especially looking at the global hacks and personal data leak incidents that happened in IT a while back. Oracle EBS is not perfect and has lots of vulnerabilities covered by Oracle almost every quarter. A very small percent of Apps DBAs know all the features and options available, and usually, do not go over firewall/reverse proxy layer.
This presentation is going to cover an overview and recommendations of options and security features that are available and can be used out-of-the-box, and some of the non-trivial configurations that can help to keep your Oracle EBS system protected, per our experience.
Got domain administrator rights? The game is not over yet - Positive Hack Days
Obtaining domain administrator rights does not always mean that access to every host, share or database on the network appears immediately. The trick is to find the right account. The speaker will give examples of various internal penetration testing scenarios, and talk about the difficulties his team ran into and how the tool that made it possible to deal with them was developed.
This presentation was presented at MORENet 2015 Annual Conference by Josh Rickard and focused on educating IT Professionals on using Microsoft Group Policy to secure their Windows environment.
Visit http://msadministrator.com for more information.
Pentest Apocalypse-That's when you hire a pentester, and they walk all over your network. To avoid this, organizations need to be prepared before the first packet is sent in order to get the most value from the tester. There is no excuse for pentesters to find critical vulnerabilities that are six years old on an assessment. And who needs a zero-day when employees leave credentials on wide-open shares? Just like how Doomsday Preppers helps you prepare for the apocalypse, this presentation will help you prepare for, and avoid, a pentest apocalypse by describing common vulnerabilities found on many assessments. Being prepared for common pentester activities will not only help add value to a pentest but will also help prevent attackers from using the same tactics to compromise your organization.
For More Information Please Visit:- http://bsidestampa.net
http://www.irongeek.com/i.php?page=videos/bsidestampa2015/104-pentest-apocalypse-beau-bullock
Soccnx10: Best and worst practices deploying IBM Connections - panagenda
Depending on deployment size, operating system and security considerations you have different options to configure IBM Connections. This session will show good and bad examples on how to do it from multiple customer deployments. We will describe things we found and how you can optimize your systems. Main topics include simple (documented) tasks that should be applied, missing documentation, automated user synchronization, TDI solutions and user synchronization, performance tuning, security optimizing and planning Single Sign On for mail, IBM Sametime and SPNEGO. This is valuable information that will help you to be successful in your next IBM Connections deployment project.
A presentation by Christoph Stoettner & Nico Meisenzahl
IBM Lotus Notes Client Management Done Right – Beginning to End - panagenda
This presentation provides information on a complete lifecycle of an IBM Notes client, its evolution compared to previous releases, the challenges that IT organisations have to cope with and how panagenda MarvelClient will standardize, automate and manage it.
Automatic Data Encryption (ADE) is a security tool available for UniData and UniVerse. This session will concentrate on more real-world topics rather than ‘how to’. The intent is to provide the knowledge required for creating a strategy for your application and customers.
Similar to CSF18 - The Night is Dark and Full of Hackers - Sami Laiho (20)
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview - Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
"Impact of front-end architecture on development cost", Viktor Turskyi - Fwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
PHP Frameworks: I want to break free (IPC Berlin 2024) - Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
DevOps and Testing slides at DASA Connect - Kari Kakkonen
My and Rik Marselis' slides at the 30.5.2024 DASA Connect conference. We discuss what testing is, then what agile testing is, and finally what Testing in DevOps is. Finally we had a lovely workshop with the participants, trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Key Trends Shaping the Future of Infrastructure.pdf - Cheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do... - UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Essentials of Automations: Optimizing FME Workflows with Parameters - Safe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
CSF18 - The Night is Dark and Full of Hackers - Sami Laiho
2. The Night is Dark and full of Hackers: Security Tips & Tricks from Beyond the Wall
AKA: ”Security affordable – this is how I do it!”
3. Sami Laiho
Senior Technical Fellow
adminize.com
• IT Admin since 1996
• MVP in Windows OS since 2011
• Specializes in and trains:
• Troubleshooting
• Security
• Windows Internals
• Trophies:
• Best and 3rd session at MCT Summit 2018
• Best two Sessions at IGNITE 2018! (out of 1708 sessions in total)
• Best Session at AppManagEvent 2017 and 2018, Utrecht
• Best External Speaker at Ignite 2017
• Best Sessions (#1 and #2) at TechTalks 2017, Helsinki
• TechDays Sweden 2016 – Best Speaker
• NIC 2016, 2017 - Best Speaker
• Ignite 2015 – Best male presenter ;) (#2 out of 1000 speakers)
• TechEd Europe and North America 2014 - Best session, Best speaker
6. • Established in 1983
• Just Me, Myself and I
• We deliver:
• Training!
• Private classes anywhere in the World!
• Around 1000€/1200$ per head for 4 days
• Security Audit for Windows environments
• Two days onsite/online
• Two days of reporting/documenting offsite
• 10000€/12000$
• AppLocker/Whitelisting implementation
• 10000€/12000$ + t&e
• Takes around 4 days
• VoD Training
• https://win-fu.com/dojo
• Best at a very cheap price!
• I deliver training through PluralSight as well but not the same content
Adminize.com
11. Most Important Rules in Windows Security
• You have no security in Windows unless
• You have Full Disk Encryption
• You follow the Principle of Least Privilege
12. Gartner, NIST and others
• Say that the most important security feature to implement in 2018 is Whitelisting
• #2 is Principle of Least Privilege
• #3 is Hard Disk Encryption
14. Choosing Hardware
• 64-bit
• UEFI with SecureBoot
• Virtualization support: Intel VT or AMD-V
• SLAT: Intel EPT or AMD RVI
• TPM
• 1.2 ok for Windows 7
• 2.0 for Windows 10 is better
• DMA-ports?
• No on Windows 7
• TB3 on Windows 10 is OK
• Nice to have:
• IO-MMU
• Intel VT-d or AMD-Vi
• I would require:
• PXE boot available and ON
• Virtualization and TPM ON
• For Windows 7 SecureBoot OFF
15. Operating System
• I would go for Windows 10 Enterprise if I can choose
• SecureKernel stuff like Credential Guard, Device Guard
• Windows Defender Application Guard
• AppLocker
• Windows 7 Enterprise is fine as well
• General rule: get the hell away from Windows 8 and 8.1
16. Network Infrastructure
• Managed network devices that are easy to manage and monitor
• Meraki (Awesome if money is no object)
• Unifi (I’m in love with these because of the price)
• I prefer my devices to connect to corporate network with Direct Access
• BUT…
17. AD-infrastructure
• Domain names
• No company name
• TLD to be .local or .ds
• Always build two DFS-roots
• One for shares used by users
• One for IT’s needs and AD’s use
• If you have insecure remote locations use RODC
• Use Redircmp and Redirusr
19. Admin Access
• No end user gets admin access to their device
• Not the Boss, not the girlfriend and not the devs
• No IT-admin interactively logs on to their box with an administrative account
• They use Runas-solutions like UAC
20. Avecto DefendPoint
• You can
• Auto elevate
• Auto elevate with a warning
• Auto elevate with a question for reason
• Elevate with a manager's approval
• Elevate with a challenge code
21. Examples
• Applications that require admin rights
• Updating things you don’t have time to manage
• IP-addresses and Networking
• Joining the domain
• Hyper-V Management
• Visual Studio
22. Extra from Avecto
• Whitelisting is better than AppLocker
• Better pinpointing at a task
• Grey list
• Better messaging
• Sandboxing for browsers
• Neat but not without some problems
• No admin + good whitelisting = very little need for this…
24. Randomizing Passwords
• LAPS is fine
• Randomizes passwords
• AD-Domains only
• Needs online access to AD
• Doesn’t change password based on usage
• This is a good thing for some people
• I use Adminizer ;)
• Randomizes passwords
• Workgroups, Azure AD, BYOD etc.
• Totally Offline and self-sufficient
• Changes password both based on usage and based on time
25. Other stuff
• I let the local Administrator be named Administrator as it will anyway have the same SID
• I don’t intentionally disable them either
• Guest I disable but don’t rename
27. Enterprise and Schema Admins
• These groups are and stay empty
• Only added a domain admin user when needed
• If you doubt yourself or colleagues just create a scheduled task on a DC to clear them
• Schema Admins are only needed when changing the schema
• Enterprise Admins are needed mainly for
• DHCP authorize
• Adding or removing domains
• Site applied GPOs
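One way to build the scheduled task this slide mentions, as an added PowerShell example that is not from the original deck. The script path, log path, task name and schedule are hypothetical, and it assumes a DC in the forest root domain with the ActiveDirectory module, with the task running as SYSTEM.

```powershell
# Added example (not from the deck). Run once, elevated, on a DC in the forest root domain.
# Hypothetical names: script path, log path and task name.
$scriptPath = 'C:\Scripts\Clear-PrivilegedGroups.ps1'
$taskName   = 'Clear-EnterpriseAndSchemaAdmins'

# Body of the script the task runs. Single-quoted here-string: nothing expands here.
$scriptBody = @'
Import-Module ActiveDirectory
$log = 'C:\Scripts\Clear-PrivilegedGroups.log'
foreach ($group in 'Enterprise Admins', 'Schema Admins') {
    $members = @(Get-ADGroupMember -Identity $group)
    if ($members.Count -eq 0) { continue }
    # Log who was found before removing them, so unexpected members get investigated.
    $names = ($members | ForEach-Object { $_.SamAccountName }) -join ', '
    Add-Content -Path $log -Value ("{0:s} {1}: removing {2}" -f (Get-Date), $group, $names)
    Remove-ADGroupMember -Identity $group -Members $members -Confirm:$false
}
'@

# The script runs as SYSTEM on a DC: restrict the folder ACL to administrators.
New-Item -ItemType Directory -Path (Split-Path $scriptPath) -Force | Out-Null
Set-Content -Path $scriptPath -Value $scriptBody -Encoding UTF8

$action    = New-ScheduledTaskAction -Execute 'powershell.exe' `
                 -Argument "-NoProfile -NonInteractive -File `"$scriptPath`""
$trigger   = New-ScheduledTaskTrigger -Daily -At '03:00'
$principal = New-ScheduledTaskPrincipal -UserId 'NT AUTHORITY\SYSTEM' `
                 -LogonType ServiceAccount -RunLevel Highest
Register-ScheduledTask -TaskName $taskName -Action $action -Trigger $trigger -Principal $principal
```

The log file doubles as a detection source: any entry means someone was in a group that is supposed to stay empty.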
28. Domain Admins
• Only used for administering DC’s or AD
• Remember to administer from an administration Work Station or Server – NOT BY LOGGING ON TO A DC!!
• Are denied from logging on to anywhere else but Domain Controllers – By Policy!
29. Mitigating PtH?
• Split your environment into three layers
• Never allow higher layer admins to logon to lower layers
• Power (DCs): Domain Admins
• Data (Servers and Apps): Server Admins
• Access (Endpoints): Workstation Admins
31. BitLocker
• BitLocker on all machines that are outside of the server rooms
• Unless you can’t trust your admins → Include Servers
• Aim for TPM only
• Make sure your recovery keys are stored in AD
• Increase encryption to 256 with a diffuser
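A check for the points on this slide, as an added PowerShell example that is not from the original deck. It uses the built-in BitLocker module; the function names are hypothetical, and the AD backup assumes a domain-joined machine whose Group Policy allows storing recovery information in AD.

```powershell
# Added example (not from the deck). Run elevated on the machine being checked.
function Get-BitLockerPosture {
    foreach ($vol in Get-BitLockerVolume) {
        $types = @($vol.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        [pscustomobject]@{
            MountPoint          = $vol.MountPoint
            VolumeType          = $vol.VolumeType
            ProtectionOn        = "$($vol.ProtectionStatus)" -eq 'On'
            EncryptionMethod    = "$($vol.EncryptionMethod)"
            Is256Bit            = "$($vol.EncryptionMethod)" -match '256'
            # "TPM only": a Tpm protector and no TpmPin / TpmStartupKey variants.
            # Meaningful for the OS volume; data volumes normally have no TPM protector.
            TpmOnly             = ($types -contains 'Tpm') -and -not ($types -match '^Tpm.+')
            HasRecoveryPassword = $types -contains 'RecoveryPassword'
        }
    }
}

function Backup-RecoveryPasswordsToAD {
    # Pushes every recovery password protector to the computer object in AD.
    foreach ($vol in Get-BitLockerVolume) {
        $vol.KeyProtector |
            Where-Object { "$($_.KeyProtectorType)" -eq 'RecoveryPassword' } |
            ForEach-Object {
                Backup-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                    -KeyProtectorId $_.KeyProtectorId
            }
    }
}

Get-BitLockerPosture | Format-Table -AutoSize
```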
34. Normal UAC
• No changes to security needed but I always disable UAC Virtualization
35. High Secure UAC
• Change the prompt for UAC to ask for credentials for admins
• Kills all BadUSB and Rubber Ducky attacks
• Also disable UAC virtualization
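The two settings from this slide as registry values, in an added PowerShell example that is not from the original deck. It audits an endpoint against them and can optionally set them locally; the function name is hypothetical, and in a domain the values would normally come from Group Policy.

```powershell
# Added example (not from the deck). Reads the local UAC policy values and compares
# them with the "High Secure UAC" slide. Use -Fix only from an elevated prompt.
$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

$expected = [ordered]@{
    # Policy "Behavior of the elevation prompt for administrators in Admin Approval
    # Mode": 1 = Prompt for credentials on the secure desktop (Windows default is 5).
    ConsentPromptBehaviorAdmin = 1
    # Policy "Virtualize file and registry write failures to per-user locations":
    # 0 = disabled (Windows default is 1).
    EnableVirtualization       = 0
}

function Test-UacSetting {
    param([switch]$Fix)
    foreach ($name in $expected.Keys) {
        $current = (Get-ItemProperty -Path $policyKey -Name $name `
                        -ErrorAction SilentlyContinue).$name
        $ok = ($null -ne $current) -and ($current -eq $expected[$name])
        if (-not $ok -and $Fix) {
            Set-ItemProperty -Path $policyKey -Name $name -Value $expected[$name] -Type DWord
            $current = $expected[$name]
            $ok = $true
        }
        [pscustomobject]@{
            Setting   = $name
            Current   = $current
            Expected  = $expected[$name]
            Compliant = $ok
        }
    }
}

Test-UacSetting | Format-Table -AutoSize
```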
38. My customer devices
• Basic rules + AccessChk revealed exceptions
• Use certificates if you can (and trust the company)
• Then add required network locations with
• UNC
• IP
• FQDN
• Then add local applications outside of the default folders with Certs, Folders (if they can be blocked from writing to by limited users)
• Problematic ones
• Self-updating, not signed and stored in users profile
40. Share settings are easy
• Always change two things
1. Block Offline use by default
2. EVERYONE – FULL CONTROL
• NTFS-ACL’s are always more granular and better
• I won’t kill you if you want to set different for user redirected folders
• EVERYONE – CHANGE
• Blocks users from sharing their files with others as they will by default get Full Control to these
44. Things to note about Defender
• Only things that Defender can’t do
• Centralized Reporting
• Centralized Management
• Talk to the Firewall
• We can say that the engine of Defender is just fine
• 1% more found malware in tests currently means 10000 malware samples that were not detected → Basically useless!
• I choose by
• The size of the wallet
• Burden on the OS
• Honestly:
• If you have System Center use SCEP
• Take a look at ATP!
46. How I use IPsec
• Require Inbound, Request Outbound
• Kerberos for users and computers
• Exclude DC’s and hard cases – You don’t need to get to 100%!
• Buy printers (etc) that can have a certificate if possible
49. My Policies
• Document with the Group Policy Settings Reference
• Many policies are not needed anymore for most, like:
• Always wait for the network on startup and logon
• Disable System Restore
• I nowadays try to avoid GPUPDATE /FORCE by changing group policy CSE’s to process even if the policy has not changed
• For troubleshooting I always change a few things as well:
53. End User Training on Good Passwords
• For everyone
• Minimum length of 8 characters (but don’t advertise this)
• Complexity required
• Numbers
• at the beginning and end
OR
• in the middle
• For important users like admins it’s
• Minimum length of 15 characters
54. End User Training on Good Passwords
• Show people http://haveibeenpwned.com/ and teach to use different passwords on every site
• Like
• Flower10SkypeGrows!
• Flower10DropbGrows!
• Massively10HardIL
• Massively10HardPO
• Massively10HardBM