Contents of Hands on with ASP.NET MVC book. This book gives complete insight of how to develop and End To End Application using MVC right from the scratch. In this book I have also covered MVC 6 upcoming version apart from MVC 5 and MVC 4. Best thing about this book, it is drafted in such a way, that even college passouts who have no knowledge of MVC, will grasp the concepts easily and see the implementation live.
Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...Roy Kim
Azure Kubernetes Service (AKS) is a managed container orchestration service. With Kubernetes continuing to grow in popularity, many developers and IT engineers are curious to get started. Roy will demonstrate hosted microservices applications and the Istio service mesh. Along with how to manage your cluster with the Kubernetes Dashboard, Prometheus, Grafana and Azure Monitor. You will see a practical overview how all these pieces fit together.
www.roykim.ca
Twitter: @RoyKimYYZ
Github: https://github.com/RoyKimYYZ
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
Contents of Hands on with ASP.NET MVC book. This book gives complete insight of how to develop and End To End Application using MVC right from the scratch. In this book I have also covered MVC 6 upcoming version apart from MVC 5 and MVC 4. Best thing about this book, it is drafted in such a way, that even college passouts who have no knowledge of MVC, will grasp the concepts easily and see the implementation live.
Microsoft Reactor Toronto 5/5/2020 | Azure Kubernetes In Action - Running and...Roy Kim
Azure Kubernetes Service (AKS) is a managed container orchestration service. With Kubernetes continuing to grow in popularity, many developers and IT engineers are curious to get started. Roy will demonstrate hosted microservices applications and the Istio service mesh. Along with how to manage your cluster with the Kubernetes Dashboard, Prometheus, Grafana and Azure Monitor. You will see a practical overview how all these pieces fit together.
www.roykim.ca
Twitter: @RoyKimYYZ
Github: https://github.com/RoyKimYYZ
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
This is a presentation given at DogFoodCon 2018 on running regulated financial workloads in the cloud. There were over 100 people in attendance and all were amazed at the skill of the presenter and the power of Azure, also Albert Einstein showed up for a cameo.
Azure Key Vault with a PaaS Architecture and ARM Template DeploymentRoy Kim
This is a presentation I held at a local Azure user group. The session abstract: Azure Key Vault is a tool for securely storing and accessing secrets. We will go through a popular Azure PaaS Architecture pattern using Key Vault to store a password. I will demo and walk through the general configuration of a dedicated Azure Function app, Azure SQL and Key Vault that was deployed with automation. I will then go through fairly advanced techniques and best practices on how to deploy Azure Key Vault and a password secret with ARM templates. Finally, a very brief look at my Azure DevOps Pipeline to deploy the ARM template. You will come away with an understanding of an applied use case of leveraging Azure Key vault for a PaaS solution in better managing a password secret.
70-534: ARCHITECTING MICROSOFT AZURE SOLUTIONSDotNetCampus
Visto il successo dello scorso anno, anche quest’anno il DotNetCampus ospita un Cert Path dedicato a chi vuole avvicinarsi al mondo delle certificazioni di prodotto e di tecnologia Microsoft. Microsoft, così come altre importanti aziende sul mercato, propone diversi percorsi di certificazione che ognuno può intraprendere, anche in autonomia, per guadagnare competenza e ottenere un riconoscimento. Una certificazione è generalmente un titolo che si ottiene dopo uno o più esami conseguiti con successo in un centro di formazione abilitato. Nel Cert Path vogliamo spiegarvi come affrontare alcuni esami di base per ottenere il titolo di MCP (Microsoft Certified Professional).
Azure Active Directory (AD) is a directory as a service on Microsoft Azure. More than the cloud identity Azure AD provides a platform to build cloud applications with multi tenancy support. A flexible authentication systems which enables developers to leverage the cloud identity model and develop applications at ease. The session will walk you through on the basics of Azure AD and how to develop .NET applications using Azure AD.
Zero credential development with managed identitiesJoonas Westlin
Introduction to Managed Identities in Azure, what they are and how they work. Also goes through what services they can be used with in Azure, how you can use services without any keys or secrets.
Identity and Access (AD), Azure and Office 365: Building a Single Page Application (SPA) with ASP.NET Web API and Angular.js using Azure Active Directory to Log in Users
Develop enterprise-ready applications for Microsoft TeamsMarkus Moeller
Develop enterprise-ready applications for Microsoft Teams with Azure resources such as Azure App Config and Azure Key Vault authenticated by Managed Identity and on modern web technologies
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
In the past Enterprise Mobility Management (EMM) has focused primarily on MDM, MAM and MCM. Recently there has been a lot of focus on the fourth pillar of EMM - Mobile Identity Management (MIM). This session will cover the primary use cases and discuss current solutions available for managed/un-managed, internal/public and mobile/web apps for iOS/Android devices.
Windows Azure Active Directory step-by-step, How to set-up Azure Active Directory, Identity Management in Azure, Access Management with Azure Active Directory
DEVNET-1120 Intercloud Fabric - AWS and Azure Account Setup and UtilizationCisco DevNet
Getting started with Intercloud Fabric requires an account on a cloud provider. The easiest place to get started is Amazon AWS or Microsoft Azure. Find out what account settings you'll need to started with Azure and AWS.
Azure Web Apps Security using a Virtual network, App Gateway, Internal ASE, External ASE, IP Whitelisting, Web Application Firewall, OWASP, Managed Service Identity.
The presentation covers overview of Azure App Service and Azure Web Apps. The presentation also covers the different features of Azure Web Apps - like Kudu, Continuous Deployment, Application Insights, Deployment Slots, Auto-Scaling and so on including demos. It will be useful for anyone looking forward to learn about Azure Web Apps or anyone preparing for Azure Certifications (70-532/533).
70-534: ARCHITECTING MICROSOFT AZURE SOLUTIONSDotNetCampus
Visto il successo dello scorso anno, anche quest’anno il DotNetCampus ospita un Cert Path dedicato a chi vuole avvicinarsi al mondo delle certificazioni di prodotto e di tecnologia Microsoft. Microsoft, così come altre importanti aziende sul mercato, propone diversi percorsi di certificazione che ognuno può intraprendere, anche in autonomia, per guadagnare competenza e ottenere un riconoscimento. Una certificazione è generalmente un titolo che si ottiene dopo uno o più esami conseguiti con successo in un centro di formazione abilitato. Nel Cert Path vogliamo spiegarvi come affrontare alcuni esami di base per ottenere il titolo di MCP (Microsoft Certified Professional).
Azure Active Directory (AD) is a directory as a service on Microsoft Azure. More than the cloud identity Azure AD provides a platform to build cloud applications with multi tenancy support. A flexible authentication systems which enables developers to leverage the cloud identity model and develop applications at ease. The session will walk you through on the basics of Azure AD and how to develop .NET applications using Azure AD.
Zero credential development with managed identitiesJoonas Westlin
Introduction to Managed Identities in Azure, what they are and how they work. Also goes through what services they can be used with in Azure, how you can use services without any keys or secrets.
Identity and Access (AD), Azure and Office 365: Building a Single Page Application (SPA) with ASP.NET Web API and Angular.js using Azure Active Directory to Log in Users
Develop enterprise-ready applications for Microsoft TeamsMarkus Moeller
Develop enterprise-ready applications for Microsoft Teams with Azure resources such as Azure App Config and Azure Key Vault authenticated by Managed Identity and on modern web technologies
CIS 2015 SSO for Mobile and Web Apps Ashish JainCloudIDSummit
In the past Enterprise Mobility Management (EMM) has focused primarily on MDM, MAM and MCM. Recently there has been a lot of focus on the fourth pillar of EMM - Mobile Identity Management (MIM). This session will cover the primary use cases and discuss current solutions available for managed/un-managed, internal/public and mobile/web apps for iOS/Android devices.
Windows Azure Active Directory step-by-step, How to set-up Azure Active Directory, Identity Management in Azure, Access Management with Azure Active Directory
DEVNET-1120 Intercloud Fabric - AWS and Azure Account Setup and UtilizationCisco DevNet
Getting started with Intercloud Fabric requires an account on a cloud provider. The easiest place to get started is Amazon AWS or Microsoft Azure. Find out what account settings you'll need to started with Azure and AWS.
Azure Web Apps Security using a Virtual network, App Gateway, Internal ASE, External ASE, IP Whitelisting, Web Application Firewall, OWASP, Managed Service Identity.
The presentation covers overview of Azure App Service and Azure Web Apps. The presentation also covers the different features of Azure Web Apps - like Kudu, Continuous Deployment, Application Insights, Deployment Slots, Auto-Scaling and so on including demos. It will be useful for anyone looking forward to learn about Azure Web Apps or anyone preparing for Azure Certifications (70-532/533).
Análisis de riesgos en Azure y protección de la informaciónPlain Concepts
Charla impartida en evento Protección y seguridad en entornos de Cloud Hibrida con Azure y O365 sobre Análisis de riesgos en Azure y protección de la información by Plain Concepts
Leverage the highly scalable Windows Azure platform and deploy your existing ASP.NET application to a new home in the clouds. This demo filled session will guide you in how to make successful use of Windows Azure’s hosting and storage platform as well as SQL Azure, the relational database in the cloud, by moving an existing ASP.NET application to a higher level.
Overview of Azure AD
Deployment lessons from the real world
Outline items that can accelerate your deployment
Avoid things that can slow you down
Deep Dive on common technical challenges and how to overcome them
The Windows Azure Platform (MSDN Events Series)Dave Bost
This presentation was delivered as part of the MSDN Events series of technical seminars and provides a deep dive into cloud computing and the Windows Azure Platform. It starts with a developer-focused overview of the Windows Azure Platform and the cloud computing services that can be used either together or independently to build highly scalable applications. From there, the discussion explores data storage, SQL Azure, and the basics of deployment with Windows Azure.
BriForum 2014 Boston
Dan Brinkmann presents on Identity Providers, SAML, and OAuth. An example of setting up Office 365 to use Active Directory Federation Services is also shown.
Managing Software from Development to Deployment in the CloudCloudBees
CloudBees' Harpreet Singh and Vivek Panday give an introduction to managing and deploying Java applications in the cloud. The presentation covers...
- What’s the cloud and what's a PaaS?
- Criteria choosing a PaaS
- Demonstration of taking applications to the PaaS
- PaaS services available today
Una presentacion muy rapida y por eso nunca finalizada acerca de Windows Server Federation Services en Windows Server 2008, aunque tiene muchas fallas en el uso de informacion como la mezcla de idiomas, o muchos datos plasmados en el slide, puede servir de base para otra presentacion mejor
Build Message-Based Web Services for SOAJeffrey Hasan
My presentation covers the principles of message-based Web services and how to build them using .NET. (Note, this presentation preceded the release of WCF, and covers ASMX technology. But the core principles are still applicable).
Transform into an Azure Managed Service Provider - WVD.pptxsdcs1
Transform into an Azure Managed Service Provider - WVD.pptx
csa;clllas;c;asc;agvdfvbfdbdfbdfbvdfvdfrgv
gvs fesfesffesfedfdes fesdfesfes ewed efegfe
e
e eefefefed feew e fewfefefefee fewe e efefesfef efwefwef ewgewg ewgfe ewfr we egewge gfefefef rewewfef e ew gege ge ee ee ewgewege eewgewg gewgew ege feg ewefefefefefew frewrf ewewewdefe
VMworld 2013: Developer Services on vCloud Hybrid Services VMworld
VMworld 2013
Raja Krishnasamy, VMware
Sunder Parameswaran, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Similar to Developing and deploying Identity-enabled applications for the cloud (20)
Bringing nullability into existing code - dammit is not the answer.pptxMaarten Balliauw
The C# nullability features help you minimize the likelihood of encountering that dreaded System.NullReferenceException. Nullability syntax and annotations give hints as to whether a type can be nullable or not, and better static analysis is available to catch unhandled nulls while developing your code. What's not to like?
Introducing explicit nullability into an existing code bases is a Herculean effort. There's much more to it than just sprinkling some `?` and `!` throughout your code. It's not a silver bullet either: you'll still need to check non-nullable variables for null.
In this talk, we'll see some techniques and approaches that worked for me, and explore how you can migrate an existing code base to use the full potential of C# nullability.
Nerd sniping myself into a rabbit hole... Streaming online audio to a Sonos s...Maarten Balliauw
After buying a set of Sonos-compatible speakers at IKEA, I was disappointed there's no support for playing audio from a popular video streaming service. They stream Internet radio, podcasts and what not. Well, not that service I want it to play!
Determined - and not knowing how deep the rabbit hole would be - I ventured on a trip that included network sniffing on my access point, learning about UPnP and running a web server on my phone (without knowing how to write anything Android), learning how MP4 audio is packaged (and has to be re-packaged). This ultimately resulted in an Android app for personal use, which does what I initially wanted: play audio from that popular video streaming service on Sonos.
Join me for this story about an adventure that has no practical use, probably violates Terms of Service, but was fun to build!
Building a friendly .NET SDK to connect to SpaceMaarten Balliauw
Space is a team tool that integrates chats, meetings, git hosting, automation, and more. It has an HTTP API to integrate third party apps and workflows, but it's massive! And slightly opinionated.
In this session, we will see how we built the .NET SDK for Space, and how we make that massive API more digestible. We will see how we used code generation, and incrementally made the API feel more like a real .NET SDK.
Microservices for building an IDE - The innards of JetBrains Rider - NDC Oslo...Maarten Balliauw
Ever wondered how IDE’s are built? In this talk, we’ll skip the marketing bit and dive into the architecture and implementation of JetBrains Rider. We’ll look at how and why we have built (and open sourced) a reactive protocol, and how the IDE uses a “microservices” architecture to communicate with the debugger, Roslyn, a WPF renderer and even other tools like Unity3D. We’ll explore how things are wired together, both in-process and across those microservices.
Indexing and searching NuGet.org with Azure Functions and Search - .NET fwday...Maarten Balliauw
Which NuGet package was that type in again? In this session, let's build a "reverse package search" that helps finding the correct NuGet package based on a public type.
Together, we will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks: listening for new packages on NuGet.org (using a custom binding), indexing packages in a distributed way, and exposing an API that accepts queries and gives our clients the best result.
NDC Sydney 2019 - Microservices for building an IDE – The innards of JetBrain...Maarten Balliauw
Ever wondered how IDE’s are built? In this talk, we’ll skip the marketing bit and dive into the architecture and implementation of JetBrains Rider.
We’ll look at how and why we have built (and open sourced) a reactive protocol, and how the IDE uses a “microservices” architecture to communicate with the debugger, Roslyn, a WPF renderer and even other tools like Unity3D. We’ll explore how things are wired together, both in-process and across those microservices. Let’s geek out!
JetBrains Australia 2019 - Exploring .NET’s memory management – a trip down m...Maarten Balliauw
The .NET Garbage Collector (GC) helps provide our applications with virtually unlimited memory, so we can focus on writing code instead of manually freeing up memory. But how does .NET manage that memory? What are hidden allocations? Can we do without allocations? Are strings evil? It still matters to understand when and where memory is allocated.
In this talk, we’ll go over the base concepts of .NET memory management and explore how .NET helps us and how we can help .NET – making our apps better. Expect profiling, Intermediate Language (IL), ClrMD and more!
.NET Conf 2019 - Indexing and searching NuGet.org with Azure Functions and Se...Maarten Balliauw
Which NuGet package was that type in again? In this session, let's build a "reverse package search" that helps finding the correct NuGet package based on a public type.
Together, we will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks: listening for new packages on NuGet.org (using a custom binding), indexing packages in a distributed way, and exposing an API that accepts queries and gives our clients the best result.
https://blog.maartenballiauw.be/post/2019/07/30/indexing-searching-nuget-with-azure-functions-and-search.html
CloudBurst 2019 - Indexing and searching NuGet.org with Azure Functions and S...Maarten Balliauw
Which NuGet package was that type in again? In this session, let's build a "reverse package search" that helps finding the correct NuGet package based on a public type.
Together, we will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks: listening for new packages on NuGet.org (using a custom binding), indexing packages in a distributed way, and exposing an API that accepts queries and gives our clients the best result.
NDC Oslo 2019 - Indexing and searching NuGet.org with Azure Functions and SearchMaarten Balliauw
Which NuGet package was that type in again? In this session, let's build a "reverse package search" that helps finding the correct NuGet package based on a public type.
Together, we will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks: listening for new packages on NuGet.org (using a custom binding), indexing packages in a distributed way, and exposing an API that accepts queries and gives our clients the best result.
Approaches for application request throttling - Cloud Developer Days PolandMaarten Balliauw
Speaking from experience building a SaaS: users are insane. If you are lucky, they use your service, but in reality, they probably abuse. Crazy usage patterns resulting in more requests than expected, request bursts when users come back to the office after the weekend, and more! These all pose a potential threat to the health of our web application and may impact other users or the service as a whole. Ideally, we can apply some filtering at the front door: limit the number of requests over a given timespan, limiting bandwidth, ...
In this talk, we’ll explore the simple yet complex realm of rate limiting. We’ll go over how to decide on which resources to limit, what the limits should be and where to enforce these limits – in our app, on the server, using a reverse proxy like Nginx or even an external service like CloudFlare or Azure API management. The takeaway? Know when and where to enforce rate limits so you can have both a happy application as well as happy customers.
Indexing and searching NuGet.org with Azure Functions and Search - Cloud Deve...Maarten Balliauw
Which NuGet package was that type in again? In this session, let's build a "reverse package search" that helps finding the correct NuGet package based on a public type.
Together, we will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks: listening for new packages on NuGet.org (using a custom binding), indexing packages in a distributed way, and exposing an API that accepts queries and gives our clients the best result.
Approaches for application request throttling - dotNetCologneMaarten Balliauw
Speaking from experience building a SaaS: users are insane. If you are lucky, they use your service, but in reality, they probably abuse. Crazy usage patterns resulting in more requests than expected, request bursts when users come back to the office after the weekend, and more! These all pose a potential threat to the health of our web application and may impact other users or the service as a whole. Ideally, we can apply some filtering at the front door: limit the number of requests over a given timespan, limiting bandwidth, ...
In this talk, we’ll explore the simple yet complex realm of rate limiting. We’ll go over how to decide on which resources to limit, what the limits should be and where to enforce these limits – in our app, on the server, using a reverse proxy like Nginx or even an external service like CloudFlare or Azure API management. The takeaway? Know when and where to enforce rate limits so you can have both a happy application as well as happy customers.
CodeStock - Exploring .NET memory management - a trip down memory laneMaarten Balliauw
The .NET Garbage Collector (GC) is really cool. It helps providing our applications with virtually unlimited memory, so we can focus on writing code instead of manually freeing up memory. But how does .NET manage that memory? What are hidden allocations? Are strings evil? It still matters to understand when and where memory is allocated. In this talk, we’ll go over the base concepts of .NET memory management and explore how .NET helps us and how we can help .NET – making our apps better. Expect profiling, Intermediate Language (IL), ClrMD and more!
ConFoo Montreal - Microservices for building an IDE - The innards of JetBrain...Maarten Balliauw
Ever wondered how IDE’s are built? In this talk, we’ll skip the marketing bit and dive into the architecture and implementation of JetBrains Rider. We’ll look at how and why we have built (and open sourced) a reactive protocol, and how the IDE uses a “microservices” architecture to communicate with the debugger, Roslyn, a WPF renderer and even other tools like Unity3D. We’ll explore how things are wired together, both in-process and across those microservices. Let’s geek out!
ConFoo Montreal - Approaches for application request throttlingMaarten Balliauw
Speaking from experience building a SaaS: users are insane. If you are lucky, they use your service, but in reality, they probably abuse. Crazy usage patterns resulting in more requests than expected, request bursts when users come back to the office after the weekend, and more! These all pose a potential threat to the health of our web application and may impact other users or the service as a whole. Ideally, we can apply some filtering at the front door: limit the number of requests over a given timespan, limiting bandwidth, ...
In this talk, we’ll explore the simple yet complex realm of rate limiting. We’ll go over how to decide on which resources to limit, what the limits should be and where to enforce these limits – in our app, on the server, using a reverse proxy like Nginx or even an external service like CloudFlare or Azure API management. The takeaway? Know when and where to enforce rate limits so you can have both a happy application as well as happy customers.
Microservices for building an IDE – The innards of JetBrains Rider - TechDays...Maarten Balliauw
Ever wondered how IDE’s are built? In this talk, we’ll skip the marketing bit and dive into the architecture and implementation of JetBrains Rider. We’ll look at how and why we have built (and open sourced) a reactive protocol, and how the IDE uses a “microservices” architecture to communicate with the debugger, Roslyn, a WPF renderer and even other tools like Unity3D. We’ll explore how things are wired together, both in-process and across those microservices. Let’s geek out!
JetBrains Day Seoul - Exploring .NET’s memory management – a trip down memory...Maarten Balliauw
The .NET Garbage Collector (GC) is really cool. It helps providing our applications with virtually unlimited memory, so we can focus on writing code instead of manually freeing up memory. But how does .NET manage that memory? What are hidden allocations? Are strings evil? It still matters to understand when and where memory is allocated. In this talk, we’ll go over the base concepts of .NET memory management and explore how .NET helps us and how we can help .NET – making our apps better. Expect profiling, Intermediate Language (IL), ClrMD and more!
The .NET Garbage Collector (GC) is really cool. It helps providing our applications with virtually unlimited memory, so we can focus on writing code instead of manually freeing up memory. But how does .NET manage that memory? What are hidden allocations? Are strings evil? It still matters to understand when and where memory is allocated. In this talk, we’ll go over the base concepts of .NET memory management and explore how .NET helps us and how we can help .NET – making our apps better. Expect profiling, Intermediate Language (IL), ClrMD and more!
VISUG - Approaches for application request throttlingMaarten Balliauw
Speaking from experience building a SaaS: users are insane. If you are lucky, they use your service, but in reality, they probably abuse. Crazy usage patterns resulting in more requests than expected, request bursts when users come back to the office after the weekend, and more! These all pose a potential threat to the health of our web application and may impact other users or the service as a whole. Ideally, we can apply some filtering at the front door: limit the number of requests over a given timespan, limiting bandwidth, ...
In this talk, we’ll explore the simple yet complex realm of rate limiting. We’ll go over how to decide on which resources to limit, what the limits should be and where to enforce these limits – in our app, on the server, using a reverse proxy like Nginx or even an external service like CloudFlare or Azure API management. The takeaway? Know when and where to enforce rate limits so you can have both a happy application as well as happy customers.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
7. Your Presenters for Today Maarten @maartenballiauw / about.me/maarten.balliauw Co-founder of AZUG MVP: Windows Azure Blogs at http://blog.maartenballiauw.be Paul @ploonen / paul@winsec.be Co-founder of winsec.be MVP: Microsoft Forefront Identity Manager MCM Directory Current hobby: Architect@Avanade Blog @ http://be-id.blogspot.com
8. Agenda Presenting the problem (a.k.a. “The Scenario”) How federation saves the day How ADFS solves federation How to connect an app to ADFS How Windows Azure adds extra sauce to federation Q&A
12. Federation benefits Benefits of SSO reduce administrative overhead reduce security vulnerabilities as a result of lost or stolen passwords improve user productivity Intra-Enterprise: provide SSO for all your web sites and applications Inter-Enterprise: provide SSO experiences for your users to access apps in other organizations provide SSO experience for users from external organizations to access your apps Easily externalize authentication & authorization Rich claims rules processing engine Management & Configuration Tools
13. What is AD FS 2.0? Other Claims Providers AD FS 2.0 provides access and single sign-on for on-premises and cloud-based applications in the enterprise, across organizations, and on the Web CA IBM SUN AD FS 2.0 Major Components Federation Server Federation Server Proxy WIF Attribute Stores Claims Engine Website Management Snap-in Other STS Web Service Active Directory Windows Server 2008 SP2, 2008 R2 MS SQL Relying Parties Browser Apps WIF Windows Internal DB .NET 3.5 SP1 IIS 7 Smart Clients Web Services
14. Why consider AD FS 2.0? Building a production-ready STS is hard. The Visual Studio STS templates are just starters for trivial dev scenarios. Lots of configuration to manage, UI's to present in real world STS!
15. Typical Traffic Flow Identity Provider Relying Party Federation Trust Active Directory Account Resource Federation Server Federation Server Web Server Internal Client
16. Scenario 1 – Intra Organization Claims-aware app ADFS STS Active Directory User App trusts STS Browse app Not authenticated Redirected to STS Authenticate Return Security Token Query for user attributes Send Token ST ST Return pageand cookie
17. Scenario 2 – Inter Organization ActiveDirectory Your ADFS STS Partner ADFS STS & IP YourClaims-aware app Partner user Browse app Not authenticated Redirect to your STS Home realm discovery Redirected to partner STS requesting ST for partner user Authenticate Return ST for consumption by your STS Redirected to your STS ST ST ST ST Process token Return new ST Send Token Return pageand cookie
18. Installing AD FS v2 Requires Windows Server 2008 / 2008 R2 Requires IIS 7, .NET 3.5 SP1, WIF See deployment guide for required hot fixes and updates Issue and install server certificates for HTTPS Think about implications for partner organisation Cross certification when few partners, otherwise, buy required certs Download and install ADFS 2.0 Simple Wizard New / farm member / Proxy – SSL cert – Names
22. AD FS 2.0 deployment options Single server configuration AD FS 2.0 server farm and load-balancer AD FS 2.0 proxy server (offsite users) Active Directory AD FS 2.0 Server Proxy AD FS 2.0 Server AD FS 2.0 Server AD FS 2.0 Server Proxy External user Internal user DMZ Enterprise
23. Configuring your AD FS Server Or: %ProgramFiles%ctive Directory Federation Services 2.0sConfigWizard.exe Manually: FsConfig.exe { StandAlone | CreateSQLFarm | JoinFarm | JoinSQLFarm | GenerateSQLScripts} [deployment specific parameters]
28. Claim Rules Rule templates simplify the creation of rules Examples of rules are: Permit / deny user based on incoming claim value Transform the incoming claim value Pass through / filter an incoming claim Multiple claim rules can be specified and are processed in top to bottom order Results from previously processed claims can be used as the input for subsequent rules
30. Creating Rules Condition Issuance Statement A claim rule consists of two parts, condition and issuance statement
31. Custom Claims Capabilities of custom rules include Sending claims from a SQL attribute store Sending claims from an LDAP attribute store using a custom LDAP filter Sending claims from a custom attribute store Sending claims only when 2 or more incoming claims are met Sending claims only when an incoming claim matches a complex value Sending claims with complex changes to an incoming claim value Creating claims for use in later rules
35. Windows Identity Foundation Your one and only partner for .NET identity development Adds claims-based authentication to your application in no time My advise: forget custom user stores And if you need them: WIF-ify (?) them
37. Where things get cloudy... Windows Azure AppFabricAccess Control Service ACS
38. Windows Azure AppFabric ACS An STS in the cloud Pluggable with identity providers Windows Live ID Facebook Google Yahoo! Any ADFS or better: any WS-federation passive endpoint Any OAuth2 provider
40. Let’s step back... No, we’re not the US Federation across organizations does not happen often today So why would I use ACS anyway? Dev, test, accept, prod are different RP’s! 2 apps with all these environments is 8 RP’s! Imagine 10 apps... Or a hundred...
41. ACS advantages A scalable STS With one or more identity providers With one or more relying parties With one or more rule groups Integrates with WIF Integrates with ADFS Instant win!
42. ACS Identity Providers Your Application ACS SAML SWT Browser-based WS-Federation ADFS2 . WS-Federation Rich Client SAML WS-Trust ADFS2 . WS-Trust Server 2 Server SWT OAuth WRAP/2.0 Service Identities
47. Conclusion It is possible to do SSO over security boundaries It is possible to integrate multiple apps with multiple identity providers ADFS and ACS form a nice couple Standards based solution
48. Some Resources AD FS v2 on TechNet and MSDN AD FS v2 content on TechNet Wiki Claims-Based Identity Blog Windows Azure AppFabric Access Control Service WIF and ACS Content Map on Technet Wiki Vittorio’s Blog http://identityserver.codeplex.com
Real world STS's need to manage multiple relying parties, each with multiple claim issuance and authorization rules. Delegation authorization for users of the RP require even further configuration. Federated scenarios add requirement for trusting other STS's.Access to Identity Providers and Attribute Stores, rules for querying
Here there’s a list of cloud scenarios we consider of interest in term of how identity is handled.<click> our baseline is the classic on premises scenario.<click> you have a data center, <click> a population of internal users and <click> some authentication infrastructure, such as Active Directory, maintaining their accounts.<click> applications targeting such environment will follow the current intranet practices.<click> We will then introduce Windows Azure in the picture and observe how things change when the application moves to the cloud; we'll consider this both from the architecture and products usage perspectives.<click> Then we'll move to consider what happens when the application is exposed to multiple business partners, and the implications on authentication and relationships management.<click> However business partners represent an important but tiny fraction of all the possible population <click> you an cater to if you target the internet users.<click> live id, Google, Facebook and yahoo! have hundreds of millions of users; the authentication requirements in those conditions are completely different than the business case, although as we will see the solutions may end up being surprisingly similar.<click> Finally, the mobile scenario is of great importance and again apparently a completely different problem space. Using claims-based identity makes it very easy to progressively accommodate all those different scenarios.
The ACS would deserve multiple sessions on its own right to be properly covered, here I'm just giving you a quick sampler.What we have seen so far is just a small part of its surface. The schema here shows the ws-federation subsystem, what is normally used for browser-based, session-oriented application types. We've been playing only with ADFS IP types, but in fact <click> there are many out of the box popular IPs you can use right away with your application sticking to the same protocol <click> and a browser<click>.ACS can also do WS-Trust, a high-security protocol for SOAP web services, accepting identities from ADFS2 ws-trust endpoints or bare credentials registered in ACS for management purposes.<click> the same sources can be used within OAuth2.0 calls. OAuth is the current state of the art for securing REST calls: it is still in draft state, hence expect changes, but you can already experiment with it.<click> Both protocols can be used for rich client application types and in general <click> server 2 server interactions.Not shown here there are the management endpoints, the other portion of ACS' development surface, which can be used instead or alongside the portal for managing the namespace.