DevSecOps is propelling forward-thinking organizations by doing something simple – fostering collaboration of seemingly contradictory teams to align their disparate goals into a singular effort.
Continuous Compliance is achievable, provided you leverage the cloud infrastructure APIs and applying Continuous Monitoring to your deployed resources. Here's how Evident.io is doing cloud security right.
#ALSummit: Amazon Web Services: Understanding the Shared Security ModelAlert Logic
Bill Murray (Director of Security Programs, AWS)'s presentation on the Shared Security Model at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Securing The Cloud: Top Down and Bottom UpDevOps.com
As organizations continue to move to the cloud for hosting applications and development, security teams must protect multiple attack surfaces, including the applications and cloud infrastructure. Additionally, attackers are automated and capable. While these attackers continuously probe and find access or vulnerabilities on many different levels, their success usually results from human error in code or infrastructure configurations, such as open admin ports and over privileged identity roles.
Join DisruptOps and NetSPI for this webinar to learn how to better secure both the application layer and cloud infrastructure, using both automated tools and capable penetration testers to uncover logic flaws and other soft spots. We will share how to find and remediate your own vulnerabilities more efficiently, before the attackers do.
DevSecOps practices help build security and quality into the software delivery process by making EVERYONE responsible for security at every stage. But, how do you make sure your process is doing the right things?
Join Patrick Debois, Snyk DevOps Evangelist and co-author of “The DevOps Handbook,” along with Anders Wallgren, CloudBees Field CTO, as they share tips to allow developers and operators to increase delivery velocity and harden their pipelines.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Talk to executives in IT divisions of large enterprises about security and invariably the conversation will hover around
DevSecOps pipeline.
Is DevSecOps the only thing you need to do for security in your IT division or is there more?
What impact does bringing in secure culture in an engineering context mean?
What handshake is needed between the IT function and the security / risk function for large enterprises?
How does this impact roles and responsibilities of a developer?
This talk is an attempt to answer questions such as these using a real world examples of transformations seen in Fortune 100 companies.
Continuous Compliance is achievable, provided you leverage the cloud infrastructure APIs and applying Continuous Monitoring to your deployed resources. Here's how Evident.io is doing cloud security right.
#ALSummit: Amazon Web Services: Understanding the Shared Security ModelAlert Logic
Bill Murray (Director of Security Programs, AWS)'s presentation on the Shared Security Model at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Securing The Cloud: Top Down and Bottom UpDevOps.com
As organizations continue to move to the cloud for hosting applications and development, security teams must protect multiple attack surfaces, including the applications and cloud infrastructure. Additionally, attackers are automated and capable. While these attackers continuously probe and find access or vulnerabilities on many different levels, their success usually results from human error in code or infrastructure configurations, such as open admin ports and over privileged identity roles.
Join DisruptOps and NetSPI for this webinar to learn how to better secure both the application layer and cloud infrastructure, using both automated tools and capable penetration testers to uncover logic flaws and other soft spots. We will share how to find and remediate your own vulnerabilities more efficiently, before the attackers do.
DevSecOps practices help build security and quality into the software delivery process by making EVERYONE responsible for security at every stage. But, how do you make sure your process is doing the right things?
Join Patrick Debois, Snyk DevOps Evangelist and co-author of “The DevOps Handbook,” along with Anders Wallgren, CloudBees Field CTO, as they share tips to allow developers and operators to increase delivery velocity and harden their pipelines.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Talk to executives in IT divisions of large enterprises about security and invariably the conversation will hover around
DevSecOps pipeline.
Is DevSecOps the only thing you need to do for security in your IT division or is there more?
What impact does bringing in secure culture in an engineering context mean?
What handshake is needed between the IT function and the security / risk function for large enterprises?
How does this impact roles and responsibilities of a developer?
This talk is an attempt to answer questions such as these using a real world examples of transformations seen in Fortune 100 companies.
by Twistlock
With containers, teams worldwide are deploying faster than ever before. But traditional security practices are slow and manual - leaving many users a choice between strong security or DevOps speed. In this talk, we'll outline how adopting a new 'cloud native' approach to security lets you recognize all the benefits of containerized deployment - and enjoy stronger protection than ever before.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Veritis helps organizations in proactively adopting DevSecOps and redefining their operations, engineering and security to work in cohesion towards business success.
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Modernizing Traditional Security - DEM13 - AWS re:Inforce 2019 Amazon Web Services
As containers become the commonplace method for delivering and deploying applications, we’ve seen more of our customers taking a “lift-and-shift” approach to migrating their existing applications. In this session, John Morello from Twistlock discusses a non-profit that provides environmental science and engineering oversight to some of the world’s largest civil waterworks projects. This organization relies on a critical 14-year-old app that models storm surge. The move to containers for this application delivered immediate benefits, making it easier to manage vulnerabilities, ensure regulatory compliance, and provide runtime defense. In this session, we break down the security advantages of containers relative to traditional architectures.
#ALSummit: Realities of Security in the CloudAlert Logic
James Brown (VP Technology Solutions Group, Alert Logic)'s presentation on the reality of securing your digital transformation to the cloud at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Skybox presentation from Security Interest Group Switzerland December 2014 meeting exploring current challenges of network security including vulnerability management and firewall change management.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
#ALSummit: Architecting Security into your AWS EnvironmentAlert Logic
Ryan Holland (Cloud Platform Solutions Director, Alert Logic)'s presentation on securing your AWS environment at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWSAlert Logic
Clarke Rodgers (CISO, SCOR Velogica)'s presentation on SCOR's journey to SOC2/TYPE2 via AWS at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Outpost24 webinar - Why security perfection is the enemy of DevSecOpsOutpost24
The chase for security perfection is not uncommon. The idea of ‘shift left’ - locating defects from the beginning of SDLC and rectifying them early is a well-founded approach. But in a competitive business landscape, companies must balance the tradeoff between speed and quality to keep their business moving. Join our application security webinar and learn how to implement an agile DevSecOps to carry out the necessary security checks without compromising on time-to-market.
The 7 Rules of IT Disaster Recovery by AcronisAcronis
http://bit.ly/1PhdEau
The ability of an organization to continue operations in the event of a natural or human-induced disaster is a critical concern for organizations of all shapes and sizes. Implementing IT Disaster Recovery may look simple, but without proper planning, it can quickly become expensive, complicated and unreliable. Experts from Acronis and Disaster Recovery Journal will share 7 best practices that IT organizations should consider when architecting and implementing Disaster Recovery Solutions. It includes
1) How to survive unplanned events
2) How to assure IT continuity through normal planned events
3) How to establish on-site and off-site protection
4) How to automate recovery procedures
5) How to proactively test your disaster recovery solution
6) How to ensure security and meet compliance requirements
7) How to select disaster recovery vendors partners
Security ideas to help you operate more securely in the cloud. Use the AWS platform and CICD as a mechanism to monitor security of what is being deployed. Limit risk with proper security controls, network implementation and logging mechanisms.
Your Resolution for 2018: Five Principles For Securing DevOpsDevOps.com
Organizations in today’s market must strike a balance between competitive differentiation and meeting evolving compliance standards-particularly related to software security. They need to obtain faster release and deployment cycles, improved collaboration between business stakeholders and application development and operations teams, and automation tools. DevOps, an innovative organizational and cultural way of organizing development and IT operations work, is addressing this challenge – driven by mounting evidence of its benefits to the business. However reaping these gains requires rethinking application security to deliver more secure code at DevOps speed.
Hard Lessons Learned from defending Adobe Creative Cloud on AWS! Insight into implementing a solid Security Architecture based on a mutual conversation between DevOps and SecOps!
James Whittaker, Microsoft
A Future Worth Wanting
Presented at Seattle Interactive Conference 2013
Always-on devices. The Internet of Things. The world’s information at our fingertips. It seems like the stars have finally aligned to make technology work for us instead of against us. If you can’t imagine a world where you are the center of your technological universe and your devices exist only to serve your every whim, then you really need to see this talk.
by Twistlock
With containers, teams worldwide are deploying faster than ever before. But traditional security practices are slow and manual - leaving many users a choice between strong security or DevOps speed. In this talk, we'll outline how adopting a new 'cloud native' approach to security lets you recognize all the benefits of containerized deployment - and enjoy stronger protection than ever before.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Veritis helps organizations in proactively adopting DevSecOps and redefining their operations, engineering and security to work in cohesion towards business success.
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Modernizing Traditional Security - DEM13 - AWS re:Inforce 2019 Amazon Web Services
As containers become the commonplace method for delivering and deploying applications, we’ve seen more of our customers taking a “lift-and-shift” approach to migrating their existing applications. In this session, John Morello from Twistlock discusses a non-profit that provides environmental science and engineering oversight to some of the world’s largest civil waterworks projects. This organization relies on a critical 14-year-old app that models storm surge. The move to containers for this application delivered immediate benefits, making it easier to manage vulnerabilities, ensure regulatory compliance, and provide runtime defense. In this session, we break down the security advantages of containers relative to traditional architectures.
#ALSummit: Realities of Security in the CloudAlert Logic
James Brown (VP Technology Solutions Group, Alert Logic)'s presentation on the reality of securing your digital transformation to the cloud at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Skybox presentation from Security Interest Group Switzerland December 2014 meeting exploring current challenges of network security including vulnerability management and firewall change management.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
#ALSummit: Architecting Security into your AWS EnvironmentAlert Logic
Ryan Holland (Cloud Platform Solutions Director, Alert Logic)'s presentation on securing your AWS environment at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
#ALSummit: SCOR Velogica's Journey to SOC2/TYPE2 Via AWSAlert Logic
Clarke Rodgers (CISO, SCOR Velogica)'s presentation on SCOR's journey to SOC2/TYPE2 via AWS at the NYC Alert Logic Cloud Security Summit on June 14th, 2016.
Outpost24 webinar - Why security perfection is the enemy of DevSecOpsOutpost24
The chase for security perfection is not uncommon. The idea of ‘shift left’ - locating defects from the beginning of SDLC and rectifying them early is a well-founded approach. But in a competitive business landscape, companies must balance the tradeoff between speed and quality to keep their business moving. Join our application security webinar and learn how to implement an agile DevSecOps to carry out the necessary security checks without compromising on time-to-market.
The 7 Rules of IT Disaster Recovery by AcronisAcronis
http://bit.ly/1PhdEau
The ability of an organization to continue operations in the event of a natural or human-induced disaster is a critical concern for organizations of all shapes and sizes. Implementing IT Disaster Recovery may look simple, but without proper planning, it can quickly become expensive, complicated and unreliable. Experts from Acronis and Disaster Recovery Journal will share 7 best practices that IT organizations should consider when architecting and implementing Disaster Recovery Solutions. It includes
1) How to survive unplanned events
2) How to assure IT continuity through normal planned events
3) How to establish on-site and off-site protection
4) How to automate recovery procedures
5) How to proactively test your disaster recovery solution
6) How to ensure security and meet compliance requirements
7) How to select disaster recovery vendors partners
Security ideas to help you operate more securely in the cloud. Use the AWS platform and CICD as a mechanism to monitor security of what is being deployed. Limit risk with proper security controls, network implementation and logging mechanisms.
Your Resolution for 2018: Five Principles For Securing DevOpsDevOps.com
Organizations in today’s market must strike a balance between competitive differentiation and meeting evolving compliance standards-particularly related to software security. They need to obtain faster release and deployment cycles, improved collaboration between business stakeholders and application development and operations teams, and automation tools. DevOps, an innovative organizational and cultural way of organizing development and IT operations work, is addressing this challenge – driven by mounting evidence of its benefits to the business. However reaping these gains requires rethinking application security to deliver more secure code at DevOps speed.
Hard Lessons Learned from defending Adobe Creative Cloud on AWS! Insight into implementing a solid Security Architecture based on a mutual conversation between DevOps and SecOps!
James Whittaker, Microsoft
A Future Worth Wanting
Presented at Seattle Interactive Conference 2013
Always-on devices. The Internet of Things. The world’s information at our fingertips. It seems like the stars have finally aligned to make technology work for us instead of against us. If you can’t imagine a world where you are the center of your technological universe and your devices exist only to serve your every whim, then you really need to see this talk.
InSpec is an open source testing framework for infrastructure with a human-readable language for specifying compliance, security, and other policy requirements. Easily integrate automated tests that check for advherence to policy into any stage of your deployment pipeline.
Joshua Kerievsky's 2016 keynote speech at Agile2016. Speech abstract follows...
----
Over the past decade, innovative companies, software industry thought leaders and lean/agile pioneers have discovered simpler, sturdier, and more streamlined ways to be agile. While there is timeless wisdom in agile, today's practitioners would do well to bypass outmoded agile practices in favor of modern approaches.
Modern agile methods are defined by four guiding principles
• Make people awesome
• Make safety a prerequisite
• Experience & learn rapidly
• Deliver value continuously
World famous organizations like Google, Amazon, Air BnB, Etsy and others are living proof of the powers of these four principles. However, you don't need to be a name brand company to leverage modern agile wisdom.
In this talk, Josh will explain what he means by modern agility, share real-world modern agile stories, show how modern agile addresses key risks while targeting results over rituals, and reveal how the 2001 agile manifesto can be updated to reflect modern agile's four guiding principles.
Revamping Development and Testing Using Docker – Transforming Enterprise IT b...Docker, Inc.
Docker doesn't only revolutionize your application hosting, it also revolutionizes your development pipeline. ING has over 250DevOps teams, thousands of applications and a complex application landscape. ING is simplifying its application landscape in record time while introducing a webscale architecture based on anti-fragility patterns. Speed is vital in this transformation and one of ING’s key assets is it Continuous Delivery Pipeline. In this talk, we will show how ING uses test containers for confidence checks, integration testing on up and downstream services, creating dev/test environments for every feature branch, reverse proxy and CI servers. As a result, we are able to automate test processes and reduce our integration testing costs.
"Running enterprise workloads with sensitive data in AWS is hard and requires an in-depth understanding about software-defined security risks. At re:Invent 2014, Intuit and AWS presented ""Enterprise Cloud Security via DevSecOps"" to help the community understand how to embrace AWS features and a software-defined security model. Since then, we've learned quite a bit more about running sensitive workloads in AWS.
We've evaluated new security features, worked with vendors, and generally explored how to develop security-as-code skills. Come join Intuit and AWS to learn about second-year lessons and see how DevSecOps is evolving. We've built skills in security engineering, compliance operations, security science, and security operations to secure AWS-hosted applications. We will share stories and insights about DevSecOps experiments, and show you how to crawl, walk, and then run into the world of DevSecOps."
DevSecOps is a new way to deliver security as part of the Software Supply Chain. It supports a built-in process and faster security feedback loop for DevOps teams.
Why Security Engineer Need Shift-Left to DevSecOps?Najib Radzuan
In the fusion between DevOps and DevSecOps, the pace and agility of the DevSecOps approach made AppSec and InfoSec were a little left behind. The DevOps squad topology does not involve any of the organization's AppSec and InfoSec Engineer. Many DevOps team are also not included them since they lack the information on how to manage and configure DevOps CI / CD pipelines and DevSecOps approaches. There's no shortage of talent — you probably don't have a mission worth getting out of bed or a culture that fosters continuous learning such DevSecOps skill and tools and growth where people feel psychologically safe. Besides, there is no shortage of skills — most have a poor understanding of what they need to be successful or the skills that need to leverage to improve their security posture.
The Importance of DevOps Security and the Emergence of DevSecOpsDev Software
The DevOps methodology has been adopted by many organizations as a means of accelerating software delivery and improving collaboration between teams. However, with the increasing complexity of modern applications and the growing number of threats to cybersecurity, the need for DevOps security has become paramount. In this blog post, we will explore the importance of DevOps security and the emergence of DevSecOps, a new approach that integrates security into the DevOps pipeline.
This talk provides a brief history of how DevOps has enabled tech companies to become unicorns. Furthermore, is Security in DevOps important, who is responsible and what can teams do make security a competitive advantage.
Security teams are often seen as roadblocks to rapid development or operations implementations, slowing down production code pushes. As a result, security organizations will likely have to change so they can fully support and facilitate cloud operations.
This presentation will explain how DevOps and information security can co-exist through the application of a new approach referred to as DevSecOps.
In many organizations, agile development processes are driving the pursuit of faster software releases, which has spawned a set of new practices called DevOps. DevOps stresses communications and integration between development and operations, including continuous integration, continuous delivery, and rapid deployments. Because DevOps practices require confidence that changes made to the code base will function as expected. automated testing is an essential ingredient Join Jeff Payne as he discusses the unique challenges associated with integrating automated testing into continuous integration/continuous delivery (CI/CD) environments. Learn the internals of how CI/CD works, appropriate tooling, and test integration points. Find out howpto integrate your existing test automation frameworks into a DevOps environment and leave with roadmap for integrating test automation with continuous integration and delivery.
2022 DOI SKILup Days_Your Developers Decide Your Security Posture_Not Your Se...Turja Narayan Chaudhuri
In many traditional enterprises, security is regarded as the responsibility of the CISO/security office. Yet most such security initiatives fail at scale when adopted by hundreds of teams across an enterprise.
In today's world, the key to your enterprise is in the hands of your developers. No security initiative will succeed unless you involve the development team and ensure that the security processes and frameworks do not conflict with developer experience or productivity.
Only by pure collaboration between dev and security teams can we achieve a truly secure organization, that is resilient to vulnerabilities and threats of all shapes and sizes.
This session will help you to understand why security initiatives should be designed with developers in mind, not the other way around.
Key takeaways:
1. Understand why developer experience should be a priority for engineering teams to scale across an enterprise
2. Understand how DevSecOps initiatives play a part in shifting security left and putting it at the hands of developers, where it belongs
3. Appreciate that security is no longer a siloed function or independent unit within the enterprise.
Embrace DevSecOps and Enjoy a Significant Competitive Advantage!DevOps.com
As security and privacy permeate companies’ business practices, DevOps is leading a transformation in the way software is built and delivered. And despite its substantial organizational, cultural and technological requirements, DevOps continues to grow in popularity. Companies that are adopting continuous delivery disciplines demonstrate better IT and organizational performance.
To achieve this level of performance, IT organizations must embrace a new way of thinking about application security. It is critical to understand how DevOps and continuous integration/continuous deployment (CI/CD) differ from agile development and how this changes the requirements for your application security. In this webinar, one of CA Veracode’s product and development experts will provide the latest update to the "Five Principles of Secure DevOps." Much has evolved in this space, and CA Veracode continues to share examples and best practices on how organizations can make the transition to DevSecOps to gain a competitive advantage.
Link to Youtube video: https://youtu.be/-awH_CC4DLo
You can contact me at abhimanyu.bhogwan@gmail.com
My linkdin id : https://www.linkedin.com/in/abhimanyu-bhogwan-cissp-ctprp-98978437/
Basic Introduction to DevSecOps concept
Why What and How for DevSecOps
Basic intro for Threat Modeling
Basic Intro for Security Champions
3 pillars of DevSecOps
6 important components of a DevSecOps approach
DevSecOps Security Best Practices
How to integrate security in CI/CD pipeline
2016 - Safely Removing the Last Roadblock to Continuous Deliverydevopsdaysaustin
Presentation by Shannon Lietz
Software needs to be awesome, resilient, available and “secure”, but Security has long been a big roadblock to fast deployments and software improvement. What if it wasn’t?
Continuous delivery requires operational functions to shift left and for an iterative approach to be taken. Security has not been easy to shift left and taking an iterative approach requires everyone to take responsibility. With a continuos security approach and everyone in the Software Supply Chain taking on the tasks of including security, its possible to achieve Rugged Software. This talk aims to provide a journey towards this approach and provide the path.
Software needs to be awesome, resilient, available and “secure”, but Security has long been a big roadblock to fast deployments and software improvement. What if it wasn’t?
Continuous delivery requires operational functions to shift left and for an iterative approach to be taken. Security has not been easy to shift left and taking an iterative approach requires everyone to take responsibility. With a continuos security approach and everyone in the Software Supply Chain taking on the tasks of including security, its possible to achieve Rugged Software. This talk aims to provide a journey towards this approach and provide the path.
Similar to Developing a Rugged Dev Ops Approach to Cloud Security (Updated) (20)
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.