MJ Berends talk - Women & Non-Binary Focused Intro to AWSAWS Chicago
"how to develop for aws on your local machine using localstack / moto" - MJ Berends, Data Apps Team Lead at Jellyvision // @apprxlinear (https://twitter.com/apprxlinear)
Introduction to scaling your WordPress site past a single node using AWSWP Engine
Multi-node sites give you high availability, but come with their own constraints and challenges. Hear the team from WP Engine as they talk about how to optimize your high-availability WordPress sites on AWS instances.
WordCamp IL 2016 - WordPress Scale on AWSBoaz Ziniman
One of the most popular CMS, WordPress, was not designed for the cloud era. Running a high demand and highly available WordPress in a cluster can be a complex task.
There are several solutions to this problem and this session will focus on one of them. Using several AWS services (EC2, RDS, S3, EFS, CloudFormation and others) and Zend Server, we will create a complex setup running in minutes and scale it up and down by demand.
Structuring node.js projects - Seven Peaks Software (Node.JS Meetup 18 nov 2021)Seven Peaks Speaks
Denis is a professional programmer who has 12+ years of experience working in various startups!
Denis was dive deep into Structuring your Node.JS app, DI Container, Async Local Storage, Request handlers, Services, Unit of Work and Testing.
For more info about Seven Peaks Software:
https://lnkd.in/g2jMsDy
MJ Berends talk - Women & Non-Binary Focused Intro to AWSAWS Chicago
"how to develop for aws on your local machine using localstack / moto" - MJ Berends, Data Apps Team Lead at Jellyvision // @apprxlinear (https://twitter.com/apprxlinear)
Introduction to scaling your WordPress site past a single node using AWSWP Engine
Multi-node sites give you high availability, but come with their own constraints and challenges. Hear the team from WP Engine as they talk about how to optimize your high-availability WordPress sites on AWS instances.
WordCamp IL 2016 - WordPress Scale on AWSBoaz Ziniman
One of the most popular CMS, WordPress, was not designed for the cloud era. Running a high demand and highly available WordPress in a cluster can be a complex task.
There are several solutions to this problem and this session will focus on one of them. Using several AWS services (EC2, RDS, S3, EFS, CloudFormation and others) and Zend Server, we will create a complex setup running in minutes and scale it up and down by demand.
Structuring node.js projects - Seven Peaks Software (Node.JS Meetup 18 nov 2021)Seven Peaks Speaks
Denis is a professional programmer who has 12+ years of experience working in various startups!
Denis was dive deep into Structuring your Node.JS app, DI Container, Async Local Storage, Request handlers, Services, Unit of Work and Testing.
For more info about Seven Peaks Software:
https://lnkd.in/g2jMsDy
Using Jupyter Notebooks to Run Deep Learning Algorithms - AWS Online Tech TalksAmazon Web Services
Jupyter Notebook is a popular choice for running machine learning algorithms. In this tech talk, we will cover how Jupyter Notebooks can be securely accessed by creating a ssh tunnel between the client device and the instance. Examples include creating a ssh tunnel, pointing out the configurations on EC2 to allow security allow communication, and create a deep-learning neural network on a notebook and running this algorithm on a GPU.
These are the slides of the second talk of the second Tech Talk@TransferWise Singapore, which happened on the 1st of March 2018.
We take a look at what Serverless Computing is, find out what we can do with Amazon Web Services Lambda and when it can be useful. We also explore how it has evolved for the past 3 years and learn about its remaining limitations.
DNN & The CloudOS: Windows Azure on your termsJess Coburn
As you look to deploy your DNN/Evoq website, there's more than one path to the cloud. In this presentation we'll review how you can deploy many of the Azure services yourself, with the same tools, the same technology and even the same user interface but in your datacenter, on your servers and customized to your unique business needs.
There are technical sessions, and then there are technical sessions. If you live in a world of VIM, code, and a distinct lack of GUIs, then this session is for you. Versent is excited to unleash some of its most senior technical engineers to share some of the gnarliest, high-value patterns we're implementing for our APAC customers.
You can expect examples of real-world, large-scale, secure cloud architecture. You can expect to see solutions to problems we've frequently seen over the last 3 years of cloud consulting. And, you can expect pragmatic, battle-hardened, robust, industrial experience for implementing AWS solutions for your enterprise.
Topics include:
You can't move faster than your developers/users, so you need to get out of the way.
Automation is a hard requirement. It's a non-negotiable. And 100% automation is not easy.
DevOps is more than a 'buzz word'. You need Dev skills with an Ops mindset.
Trust & Verify. Give Developers/Users the chance to do the right thing. Make sure you do the right thing (measure all things).
'Sunlight is the best disinfectant'- Transparency is the key to success.
Open source models for Enterprise Success. Share. Contribute. Internally improve, You need to be WAY more elastic than you think.
Speakers:
Rowan Udell, Senior Consultant, Versent
Lucas Chan, Consultant, Versent
Mark Wolfe, Digital and Cloud Consultant, Versent
Being able to rapidly iterate on, build, and test your code is key to being a productive developer. Without local automation, working with the numerous platforms and technologies in your stack can become very frustrating. In this webinar, Ben Bromhead CTO of Instaclustr will explore best practices to easily integrate Apache CassandraTM into your development workflow, so you spend more time writing good code and less time fighting your environment.
Moving at the Speed-of-Cloud Without Getting OwnedDeborah Schalm
There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them.
In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up.
Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss:
Automation vs AWS Management Console
Identity and Access Management (IAM)
S3 Bucket policies
Logging and alerting so you have proper visibility into your environment
Moving at the Speed-of-Cloud Without Getting OwnedDevOps.com
There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them.
In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up.
Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss:
Automation vs AWS Management Console
Identity and Access Management (IAM)
S3 Bucket policies
Logging and alerting so you have proper visibility into your environment
Using Jupyter Notebooks to Run Deep Learning Algorithms - AWS Online Tech TalksAmazon Web Services
Jupyter Notebook is a popular choice for running machine learning algorithms. In this tech talk, we will cover how Jupyter Notebooks can be securely accessed by creating a ssh tunnel between the client device and the instance. Examples include creating a ssh tunnel, pointing out the configurations on EC2 to allow security allow communication, and create a deep-learning neural network on a notebook and running this algorithm on a GPU.
These are the slides of the second talk of the second Tech Talk@TransferWise Singapore, which happened on the 1st of March 2018.
We take a look at what Serverless Computing is, find out what we can do with Amazon Web Services Lambda and when it can be useful. We also explore how it has evolved for the past 3 years and learn about its remaining limitations.
DNN & The CloudOS: Windows Azure on your termsJess Coburn
As you look to deploy your DNN/Evoq website, there's more than one path to the cloud. In this presentation we'll review how you can deploy many of the Azure services yourself, with the same tools, the same technology and even the same user interface but in your datacenter, on your servers and customized to your unique business needs.
There are technical sessions, and then there are technical sessions. If you live in a world of VIM, code, and a distinct lack of GUIs, then this session is for you. Versent is excited to unleash some of its most senior technical engineers to share some of the gnarliest, high-value patterns we're implementing for our APAC customers.
You can expect examples of real-world, large-scale, secure cloud architecture. You can expect to see solutions to problems we've frequently seen over the last 3 years of cloud consulting. And, you can expect pragmatic, battle-hardened, robust, industrial experience for implementing AWS solutions for your enterprise.
Topics include:
You can't move faster than your developers/users, so you need to get out of the way.
Automation is a hard requirement. It's a non-negotiable. And 100% automation is not easy.
DevOps is more than a 'buzz word'. You need Dev skills with an Ops mindset.
Trust & Verify. Give Developers/Users the chance to do the right thing. Make sure you do the right thing (measure all things).
'Sunlight is the best disinfectant'- Transparency is the key to success.
Open source models for Enterprise Success. Share. Contribute. Internally improve, You need to be WAY more elastic than you think.
Speakers:
Rowan Udell, Senior Consultant, Versent
Lucas Chan, Consultant, Versent
Mark Wolfe, Digital and Cloud Consultant, Versent
Being able to rapidly iterate on, build, and test your code is key to being a productive developer. Without local automation, working with the numerous platforms and technologies in your stack can become very frustrating. In this webinar, Ben Bromhead CTO of Instaclustr will explore best practices to easily integrate Apache CassandraTM into your development workflow, so you spend more time writing good code and less time fighting your environment.
Moving at the Speed-of-Cloud Without Getting OwnedDeborah Schalm
There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them.
In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up.
Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss:
Automation vs AWS Management Console
Identity and Access Management (IAM)
S3 Bucket policies
Logging and alerting so you have proper visibility into your environment
Moving at the Speed-of-Cloud Without Getting OwnedDevOps.com
There are two kinds of people in this community: those who embrace the cloud and all it has to offer, and those who have the cloud thrust upon them.
In this talk, we focused on Security, DevOps and You. How do you go about setting up security in an environment that wasn't set up with security in mind? How do you go about working in an infrastructure that you are completely unfamiliar with? Security is always evolving and as security professionals it's critical that we know the answers to these solutions before these scenarios crop up.
Join Etsy, DevOps.com, and Evident.io to explore the needs of Devops, Security and IT and how to move at the speed-of-cloud together without creating vulnerabilities. In this webinar we will discuss:
Automation vs AWS Management Console
Identity and Access Management (IAM)
S3 Bucket policies
Logging and alerting so you have proper visibility into your environment
It's 10pm, Do You Know Where Your Access Keys Are?Ken Johnson
Ken Johnson, CTO of nVisium, discusses harnessing existing AWS functionality to strengthen your organization’s AWS infrastructure against real-world attacks.
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
Managing secrets in a distributed cloud world requires a new approach to security. Applications and systems are now frequently created and destroyed. The network between distributed clouds, applications, and systems is low-trust, furthering the complexities of secrets sprawl. So, what is the solution?
HashiCorp Vault seeks to solve the problem of secret sprawl by centralizing secrets management in a scalable, repeatable workflow to be able to create, manage, and revoke secrets as needed.
Watch this webinar to learn:
- How Vault addresses today’s security threats
- How security teams can use Vault to store and manage all their secrets across their private and public infrastructure, globally.
- How Adobe reduced secret sprawl, increased operational performance of a key security process, and processes 100 trillion transactions with Vault
For full webinar recording: https://hashicorp.com/resources/eliminating-secret-sprawl-in-the-cloud
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...Amazon Web Services
Ensuring security and compliance across a globally distributed, large-scale AWS deployment requires a scalable process and a comprehensive set of technologies. In this session, Adobe will deep-dive into the AWS native monitoring and security services and some Splunk technologies leveraged globally to perform security monitoring across a large number of AWS accounts. You will learn about Adobe’s collection plumbing including components of S3, Kinesis, CloudWatch, SNS, Dynamo DB and Lambda, as well as the tooling and processes used at Adobe to deliver scalable monitoring without managing an unwieldy number of API keys and input stanzas. Session sponsored by Splunk.
AWS Competency Partner
Moving the needle on cloud security - AWS Summit AtlantaChris Farris
Slides from my Dev Chat at the Atlanta AWS Summit.
or How 4th Grade Math, Spreadsheets and a lot of Lambda improved my employer's cloud security posture.
Netflix Open Source Meetup Season 4 Episode 3aspyker
In this episode, we will focus on security in the cloud at scale. We’ll have Netflix speakers discussing existing and upcoming security-related OSS releases, and we’ll also have external speakers from organizations that are using and contributing to Netflix security OSS.
First, Patrick Kelley from Netflix’s Security Operations team will speak about RepoMan, an upcoming OSS release designed to right-size AWS permissions. Then, Wes Miaw from Netflix’s Security Engineering team will discuss MSL (Message Security Layer).
We have two external speakers for this event - Chris Dorros from OpenDNS/Cisco will talk about his use of and contributions to Lemur, and Ryan Lane from Lyft will talk about their use of BLESS.
After the talks, we’ll have OSS authors at demo stations to answer questions and provide demos of Netflix security OSS, including Lemur, MSL, and Security Monkey.
Cloud security best practices in AWS by: Ankit GiriOWASP Delhi
Cloud Security:
Some interesting instances of breach
Best practices to protect AWS account from unauthorized access and usage
What and How to look for security loopholes
Audit scripts
What one should learn to safeguard Cloud application?
Putting Cloud Controls to Work!
Threats are evolving, becoming increasingly sophisticated and more numerous as cloud adoption by enterprise is surging. Traditional approaches to securing IT systems have expanded to include new requirements of cloud computing. This webinar outlines how to successfully harden your AWS infrastructure with IAM best practices.
This deck covers:
1) Getting started with the basics
2) How organizations balance the 'need to grant access' with the requirement to secure and protect the business
3) Best practices for managing third-party identities and access control
User Credential handling in Web Applications done righttladesignz
In my work I often see very bad practices how the users' passwords are treated in web applications. This is a short summary of the current state of the art, how to do it the right way.
AWS Summit Brisbane - Breakout 1
This session will introduce the key features and different services offered by AWS and demonstrate how you can get started and provide guidance and best practices on choosing the right types of instance, purchasing options, etc that will set you up for long term success on the AWS Cloud.
Presenter: Craig Dickson, Solutions Architect, Amazon Web Services
Shared Security Responsibilities in AWS - LA AWS User Meetup - 2014-07-17John Martinez
Moving to AWS doesn’t mean you stop thinking about security. AWS does quite a bit more than you’re accustomed to in the data center, but there’s a lot of security responsibilities you’ll need to think about as an AWS user. John will talk about some of those things you’re responsible for and how you can get ahead of the security game and avoid the most common pitfalls.
Is Multi-Cloud good or bad? How about Serverless? The answer to all these questions is Yes, sometimes. Whether you're new to all this or a long-time industry veteran, you'll surely come away from this approachable talk with a new understanding of cutting edge technology and actionable insights on how to make smart trade offs.
Vancouver Cloud Summit 2024 (2024-04-22)
Similar to Devina Dhawan's talk - Women and non binary focused intro to AWS (20)
AWS reInvent 2023 recaps from Chicago AWS user groupAWS Chicago
Chicago AWS Solutions Architect Scott Hewitt recaps the non-GenAI updates from AWS re:Invent 2023. Updates range from storage, networking, compute and developer tools.
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...AWS Chicago
Mark Gamble
AWS Communtity Day Midwest 2023
ASC For Really Remote Edge Computing: How AWS Snowball + SpaceX Starlink + Couchbase Capella = more uptime, lower latency and better bandwidth usage for apps at the edge
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
When stars align: studies in data quality, knowledge graphs, and machine lear...
Devina Dhawan's talk - Women and non binary focused intro to AWS
1. Transitioning to AWS in a
hurry without getting owned
(Hopefully...)
Devina Dhawan
02/06/2017 - Women & Non-Binary Focused intro to AWS
Email: 3@etsy.com
Twitter: @theulzo
1
2. Introduction
2
● Etsy (Jan 2015 - Present)
● Orbitz (May 2014 - Dec 2015)
● University of Illinois in Chicago
3. Etsy operates a global marketplace where people around the world connect,
both online and offline, to make, sell and buy unique goods.
3
4. Security at Etsy
4
● Evangelizing Security at Etsy
○ Candy is a great way to make
friends
○ Allow the conversation about
security to be comfortable
and inviting.
5. What is this talk about?
• I will help you improve your
existing AWS infrastructure
• You will walk away with action
items
• http://bit.ly/2EnZU1q
5
9. 9
● Evident.io
○ Scans of
configurations to
see if anything is
misconfigured
● Password policies?
● Multi-factor Authentication
● Jira Tickets
Evident.io
13. Changes I made… like a goon
• Password policy to the highest
scrutiny
• Removed all admin roles from
accounts that didn’t need them (aka
hadn’t used aws in 2 yrs and didn’t
have any api keys tied to their user)
13
15. My first Etsy communication
Hello X,
Looks like you still do not have MFA set up on your AWS account.
Go ahead and go to Identity & Access Management in your Amazon Web Services console ->
find your username -> Manage MFA Device.
Note: If you no longer need your AWS account, please let me know!
Devina
16. Version 2.0
Hello X,
Looks like you still do not have MFA set up on your AWS
account. It looks like you used your AWS account recently
as well, so please sign up for MFA by 03/31/16 or your
account will be suspended.
Go ahead and go to Identity & Access Management in
your Amazon Web Services console -> find your username
-> Manage MFA Device.
Note: If you no longer need your AWS account, please let
me know!
Your neighborhood candy provider,
Devina
37. ● Bug Bounties at Etsy:
https://www.etsy.com/bounty
● S3 Scanner
Github:
https://github.com/bear/s3scan
○ Report of all s3 buckets
and perms
○ Likely how bountiers are
finding out about your
misconfigured policies.
38. 38
So… it happened, what do I do now?
❏ Write down all the systems you need to take care of
❏ Find out what you need to fix on all systems, write that down
❏ Start with the low-hanging fruit
❏ Over communicate what you are doing.
❏ Work with networking on the AWS network
❏ Create default rulesets & roles
❏ Work with IT/helpdesk to handle account provisioning
❏ Work with systems engineering to handle provisioning of
services
❏ … profit?