This talk discusses the problems of secure API development and how nation states break into Fortune 500 computers and what application developers can/need to do so that their applications don’t get broken in to and how products like Cisco's CCS Nimbus is protected from these problems. it also discusses the secure administration of systems like CCS as sysAdmins and their credentials are the #1 target for these types of attacks.
Targeted Threat (APT) Defense for Applications Featuring pxGrid: a deep diveCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. Targeted Attacks, which the media refers to as APTs, are threats that must be addressed by any organization requiring networked computers to do business. In this session we will go over the run book techniques used by these threat actors and then go over strategies for mitigating those attacks. In this session we will focus on the concepts that developers of network applications need to be aware of to mitigate these styles of attacks and techniques to use. To finish off, we will delve into pxGrid and what it can offer to break these APT style attack playbooks. Backgrounder: We obtained knowledge of these run book techniques from trusted advisors, peers in the industry and from our own observations. Our own observations included information from our CSIRT, our security products in the field as well as our internal phishing awareness campaign. After studying these techniques we devised strategies to mitigate them. Those strategies were then tested and deployed throughout our ecosystem. The Cisco CSDL initiative and ACT2 chips will also be techniques and tools highlighted in this session.
Application layer Security in IoT: A SurveyAdeel Ahmed
Internet of Things (IoT) is the future as we are
advancing towards an era of intelligent ambiance where daily
life objects will be communicating to each other for the sake of
convenience in our lives. But the comfort as a result of technology
demands certain measures for the safety of these devices from
wrong hands. The issue of security remains hot as we step further
in this vast area of technological advancement since it can directly
influence one’s personal security. Different techniques have been
adopted to incorporate security in IoT communication stack
for the purpose of confidentiality, identification, data integrity,
authentication, authorization and non-repudiation which are
the fundamental security traits worth considering. This paper
discusses the different application layer protocols by comparing
them on the basis of these traits.
This presentations highlights the Cisco Security Architecture. For more information Cisco's security products and solutions please visit our website here: http://www.cisco.com/web/CA/products/vpn.html
Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation.
Register to Watch Webcast: http://cs.co/9003CRsH
Join the Conversation: http://cs.co/9008CRt6
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
Driven by the mobility, cloud computing, and Internet of Everything megatrends and fueled by increasingly sophisticated cybercriminals, today’s information landscape is more dynamic and more vulnerable than ever before.
Join Cisco and Lancope for a complimentary webinar to learn how you can implement a comprehensive, network-enabled approach to cybersecurity.
During the webinar we will discuss:
Using the Network as a Security Sensor with Lancope’s StealthWatch System and Flexible NetFlow and to obtain visibility at scale, monitor network activity efficiently, discover security incidents quickly, and help achieve compliance.
Using the Network as a Security Enforcer with Cisco TrustSec to ensure policy-based access control and network segmentation for containment of the network attacks, assist compliance and reduce risks of data-breaches.
Targeted Threat (APT) Defense for Applications Featuring pxGrid: a deep diveCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. Targeted Attacks, which the media refers to as APTs, are threats that must be addressed by any organization requiring networked computers to do business. In this session we will go over the run book techniques used by these threat actors and then go over strategies for mitigating those attacks. In this session we will focus on the concepts that developers of network applications need to be aware of to mitigate these styles of attacks and techniques to use. To finish off, we will delve into pxGrid and what it can offer to break these APT style attack playbooks. Backgrounder: We obtained knowledge of these run book techniques from trusted advisors, peers in the industry and from our own observations. Our own observations included information from our CSIRT, our security products in the field as well as our internal phishing awareness campaign. After studying these techniques we devised strategies to mitigate them. Those strategies were then tested and deployed throughout our ecosystem. The Cisco CSDL initiative and ACT2 chips will also be techniques and tools highlighted in this session.
Application layer Security in IoT: A SurveyAdeel Ahmed
Internet of Things (IoT) is the future as we are
advancing towards an era of intelligent ambiance where daily
life objects will be communicating to each other for the sake of
convenience in our lives. But the comfort as a result of technology
demands certain measures for the safety of these devices from
wrong hands. The issue of security remains hot as we step further
in this vast area of technological advancement since it can directly
influence one’s personal security. Different techniques have been
adopted to incorporate security in IoT communication stack
for the purpose of confidentiality, identification, data integrity,
authentication, authorization and non-repudiation which are
the fundamental security traits worth considering. This paper
discusses the different application layer protocols by comparing
them on the basis of these traits.
This presentations highlights the Cisco Security Architecture. For more information Cisco's security products and solutions please visit our website here: http://www.cisco.com/web/CA/products/vpn.html
Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation.
Register to Watch Webcast: http://cs.co/9003CRsH
Join the Conversation: http://cs.co/9008CRt6
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
Driven by the mobility, cloud computing, and Internet of Everything megatrends and fueled by increasingly sophisticated cybercriminals, today’s information landscape is more dynamic and more vulnerable than ever before.
Join Cisco and Lancope for a complimentary webinar to learn how you can implement a comprehensive, network-enabled approach to cybersecurity.
During the webinar we will discuss:
Using the Network as a Security Sensor with Lancope’s StealthWatch System and Flexible NetFlow and to obtain visibility at scale, monitor network activity efficiently, discover security incidents quickly, and help achieve compliance.
Using the Network as a Security Enforcer with Cisco TrustSec to ensure policy-based access control and network segmentation for containment of the network attacks, assist compliance and reduce risks of data-breaches.
Jason Palm presents a deep dive into SonicWall's new Capture ATP feature.
Links included in the presentation:
https://blog.cerdant.com/2017/06/28/ransomware-defense/
https://blog.cerdant.com/cerdant-security-conference/
https://blog.sonicwall.com/2016/09/defend-data-from-invaders/
https://www.sonicwall.com/en-de/lp/2017-sonicwall-annual-threat-report
Arshan Dabirsiaghi, Contrast Security
Matt Austin, Contrast Security
Nothing in the security industry has moved the needle like Data Execution Prevention and it's sister protections like ASLR.
The availability of secure APIs, the training of developers around the world, and the efforts of security practitioners all produced practically nothing compared to the practical gains produced by DEP, ASLR and other "automatic" protections provided by the tool chain and OS itself.
Where is the equivalent in the Application Layer? Can we use these same techniques and approaches to stop SQL Injection and Deserialization attacks? Can we give developers a "secure stack by default" for any application?
In this talk we'll show you the promising results of our research into this space using binary instrumentation, including the release of free tools that developers can use to protect their applications today from several bug classes, instantly, and without any code changes.
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
En la medida que más empresas mueven sus modelos de negocio hacia la movilidad, la nube e Internet de las cosas, sus soluciones de seguridad deben ser más dinámicas y escalables. Sin embargo, hasta la fecha, la mayoría de las soluciones de seguridad no han seguido el ritmo de cambio y no han podido adaptarse a las nuevas amenazas y ataques. Hoy, las soluciones de seguridad están basadas en un modelo binario de “bien vs mal”, el cual carece de la visibilidad necesaria para entender el contexto. El 16 de septiembre, Cisco dio a conocer su más reciente paso en esta dirección.
In this breakout session Cerdant's top engineers, Jeremiah Johnson and Jason Palm displayed how to get the most out of your SonicWALL device by utilizing advanced features like Capture ATP and DPI-SSL.
Today connected devices are everywhere, where we expect a massive growth over the upcoming years. What are connected devices (IOT)? It connects people to machines, machines to machines and shares data both people and machines create. However, why should you care about security?
This presentation walks you through why connected devices (IOT) are being targeted, what typically goes wrong during development making these devices vulnerable to attacks and whats next...
Overview on the state of WIFI security for WEP, WPA/WPA2, WPA3. Looking at their protocols, weaknesses and attacks.
The presentation finishes with a live demo on 2 attacks: Karma Attack and Evil Portal Attack
From IT to IoT: Bridging the Growing Cybersecurity DividePriyanka Aash
With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)Lancope, Inc.
Today’s advanced threats and targeted attacks necessitate the collection, analysis and use of threat intelligence for effective cyber security. What was once the realm of government organizations is now something that all organizations should be focusing on, but few know where to start.
Join Gavin Reid, Lancope’s Vice President of Threat Intelligence, for a complimentary webinar to learn the ins and outs of threat intelligence and best practices for incorporating it into your security strategy. Topics covered will include:
What threat intelligence is
Best practices for developing a threat intelligence function
Common pitfalls to avoid when setting up a threat intelligence practice
How threat intelligence fits into the other components of an enterprise security strategy
Network security specialist Catherine Paquetl fills you in on advanced threat protection that integrates real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention, Sourcefire.
ABOUT THE PRESENTER
Catherine Paquet, CCSI, CCNP Security, CCNP Routing and Switching, is a network security specialist. She began her internetworking career as a LAN manager, then MAN manager, and eventually became a nationwide WAN manager with the Department of National Defence. Paquet lectures around the world on security topics, including firewalls, VPNs, intrusion prevention, identity systems, email and Web security, and router and switch security. During her spare time, she authors Cisco Press books, and she volunteers as a network security analyst to nonprofit organizations. Paquet attended the Royal Military College Saint-Jean (Canada) and holds an MBA in Management Information Systems (MIS) from York University.
A look at current cyberattacks in UkraineKaspersky
Kaspersky researchers have been monitoring the activity of APT actors, cybercriminals and hacktivists currently involved in the conflict in Ukraine. During this webinar, the Global Research and Analysis Team (GReAT) will share their findings on the most recent cyberattacks targeting Ukraine and present their observations, analysis and top findings.
- The types of attacks that have been targeting Ukraine for the past few months
- The results of analysis on destructive attacks and malware (HermeticWiper, etc...)
- How organizations can defend themselves against cyberattacks
GReAT, Kaspersky’s Global Research and Analysis Team, consists of 40 researchers based around the world that work on uncovering APTs, cyberespionage campaigns, major malware, ransomware and underground cybercriminal trends across the world.
Solving the Visibility Gap for Effective SecurityLancope, Inc.
Network visibility is a vital component of an effective security strategy, but many organizations lack the ability to identify threat activity in their environment. At Cisco, we have assessed the networks of thousands of organizations, and in nearly every instance, we discovered undocumented hosts, risky user behavior, or malicious activity.
Whether it is rogue servers, unauthorized connections, or ongoing data breaches, we’ve harnessed the power of network visibility to identify a variety of suspicious and malicious activity. Now let us share our knowledge with you.
Join Jeff Moncrief, Systems Engineering Manager at Cisco, to learn:
- The reality of how vulnerable enterprise networks are from endpoint to edge
- The security benefits of end-to-end network visibility
- Common problems solved with network visibility
- Stories of real-life threats hidden on networks we’ve assessed
- How to turn your network into a security sensor to gain critical visibility and threat detection capabilities
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
This session will focus on typical deployment scenarios for the Adaptive Security Appliance family running FirePower Services. Also, a feature overview and comparison of the ASA with Firepower services and the new Firepower Threat Defense (FTD) image will be included with updates on the new Firepower hardware platform. Deployment use cases will include Internet Edge, various segmentation scenarios, and VPN. A configuration walk-through and accepted best practices will be covered. This session is designed for existing ASA customers and targets the security and network engineer. They will learn the benefit of a FirePower NGFW in network edge and Internet use cases
Jason Palm presents a deep dive into SonicWall's new Capture ATP feature.
Links included in the presentation:
https://blog.cerdant.com/2017/06/28/ransomware-defense/
https://blog.cerdant.com/cerdant-security-conference/
https://blog.sonicwall.com/2016/09/defend-data-from-invaders/
https://www.sonicwall.com/en-de/lp/2017-sonicwall-annual-threat-report
Arshan Dabirsiaghi, Contrast Security
Matt Austin, Contrast Security
Nothing in the security industry has moved the needle like Data Execution Prevention and it's sister protections like ASLR.
The availability of secure APIs, the training of developers around the world, and the efforts of security practitioners all produced practically nothing compared to the practical gains produced by DEP, ASLR and other "automatic" protections provided by the tool chain and OS itself.
Where is the equivalent in the Application Layer? Can we use these same techniques and approaches to stop SQL Injection and Deserialization attacks? Can we give developers a "secure stack by default" for any application?
In this talk we'll show you the promising results of our research into this space using binary instrumentation, including the release of free tools that developers can use to protect their applications today from several bug classes, instantly, and without any code changes.
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
En la medida que más empresas mueven sus modelos de negocio hacia la movilidad, la nube e Internet de las cosas, sus soluciones de seguridad deben ser más dinámicas y escalables. Sin embargo, hasta la fecha, la mayoría de las soluciones de seguridad no han seguido el ritmo de cambio y no han podido adaptarse a las nuevas amenazas y ataques. Hoy, las soluciones de seguridad están basadas en un modelo binario de “bien vs mal”, el cual carece de la visibilidad necesaria para entender el contexto. El 16 de septiembre, Cisco dio a conocer su más reciente paso en esta dirección.
In this breakout session Cerdant's top engineers, Jeremiah Johnson and Jason Palm displayed how to get the most out of your SonicWALL device by utilizing advanced features like Capture ATP and DPI-SSL.
Today connected devices are everywhere, where we expect a massive growth over the upcoming years. What are connected devices (IOT)? It connects people to machines, machines to machines and shares data both people and machines create. However, why should you care about security?
This presentation walks you through why connected devices (IOT) are being targeted, what typically goes wrong during development making these devices vulnerable to attacks and whats next...
Overview on the state of WIFI security for WEP, WPA/WPA2, WPA3. Looking at their protocols, weaknesses and attacks.
The presentation finishes with a live demo on 2 attacks: Karma Attack and Evil Portal Attack
From IT to IoT: Bridging the Growing Cybersecurity DividePriyanka Aash
With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed.
Learning Objectives:
1: Learn about the top IoT threats.
2: Discover how to address threats using new design process not old IT process.
3: Understand the security lifecycle differences between IT and IoT.
(Source: RSA Conference USA 2018)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)Lancope, Inc.
Today’s advanced threats and targeted attacks necessitate the collection, analysis and use of threat intelligence for effective cyber security. What was once the realm of government organizations is now something that all organizations should be focusing on, but few know where to start.
Join Gavin Reid, Lancope’s Vice President of Threat Intelligence, for a complimentary webinar to learn the ins and outs of threat intelligence and best practices for incorporating it into your security strategy. Topics covered will include:
What threat intelligence is
Best practices for developing a threat intelligence function
Common pitfalls to avoid when setting up a threat intelligence practice
How threat intelligence fits into the other components of an enterprise security strategy
Network security specialist Catherine Paquetl fills you in on advanced threat protection that integrates real-time contextual awareness, intelligent security automation and superior performance with industry-leading network intrusion prevention, Sourcefire.
ABOUT THE PRESENTER
Catherine Paquet, CCSI, CCNP Security, CCNP Routing and Switching, is a network security specialist. She began her internetworking career as a LAN manager, then MAN manager, and eventually became a nationwide WAN manager with the Department of National Defence. Paquet lectures around the world on security topics, including firewalls, VPNs, intrusion prevention, identity systems, email and Web security, and router and switch security. During her spare time, she authors Cisco Press books, and she volunteers as a network security analyst to nonprofit organizations. Paquet attended the Royal Military College Saint-Jean (Canada) and holds an MBA in Management Information Systems (MIS) from York University.
A look at current cyberattacks in UkraineKaspersky
Kaspersky researchers have been monitoring the activity of APT actors, cybercriminals and hacktivists currently involved in the conflict in Ukraine. During this webinar, the Global Research and Analysis Team (GReAT) will share their findings on the most recent cyberattacks targeting Ukraine and present their observations, analysis and top findings.
- The types of attacks that have been targeting Ukraine for the past few months
- The results of analysis on destructive attacks and malware (HermeticWiper, etc...)
- How organizations can defend themselves against cyberattacks
GReAT, Kaspersky’s Global Research and Analysis Team, consists of 40 researchers based around the world that work on uncovering APTs, cyberespionage campaigns, major malware, ransomware and underground cybercriminal trends across the world.
Solving the Visibility Gap for Effective SecurityLancope, Inc.
Network visibility is a vital component of an effective security strategy, but many organizations lack the ability to identify threat activity in their environment. At Cisco, we have assessed the networks of thousands of organizations, and in nearly every instance, we discovered undocumented hosts, risky user behavior, or malicious activity.
Whether it is rogue servers, unauthorized connections, or ongoing data breaches, we’ve harnessed the power of network visibility to identify a variety of suspicious and malicious activity. Now let us share our knowledge with you.
Join Jeff Moncrief, Systems Engineering Manager at Cisco, to learn:
- The reality of how vulnerable enterprise networks are from endpoint to edge
- The security benefits of end-to-end network visibility
- Common problems solved with network visibility
- Stories of real-life threats hidden on networks we’ve assessed
- How to turn your network into a security sensor to gain critical visibility and threat detection capabilities
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
This session will focus on typical deployment scenarios for the Adaptive Security Appliance family running FirePower Services. Also, a feature overview and comparison of the ASA with Firepower services and the new Firepower Threat Defense (FTD) image will be included with updates on the new Firepower hardware platform. Deployment use cases will include Internet Edge, various segmentation scenarios, and VPN. A configuration walk-through and accepted best practices will be covered. This session is designed for existing ASA customers and targets the security and network engineer. They will learn the benefit of a FirePower NGFW in network edge and Internet use cases
Create B2B Exchanges with Cisco Connected Processes: an overviewCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. The opportunity cost of business disruptions in the hyper-connected world can be very high. To ensure business continuity and optimization, organizations are automating many critical workflows and infrastructure operations throughout their enterprise and extended ecosystems. Cisco Connected Processes software enable architects, application developers and integration professionals to deliver business processes and automation as a service, while managing workflows and data more efficiently and effectively. Join this session to learn how scalable operational efficiencies can save you time and money while simplifying collaboration between all the members of your technical community.
Humic acid is made from Leonardite with both powder and granular type .It has high molecule weight soluble in alkaline solution but not soluble in water and acid .
DEVNET-1164 Using OpenDaylight for Notification Driven WorkflowsCisco DevNet
Implementing Data-Driven Networking has significant challenges if we are going to successfully acquire the wealth of data available, and subsequently distribute this data to intelligent systems. During this presentation Andrew will discuss some of the challenges the network operating model has faced in the past and how he believes OpenDaylight can bring about changes in the way we think about managing networks. In the talk Andrew will present some additions to MD-SAL, through which OpenDaylight can be used to acquire data from devices and distribute it to multiple systems
DEVNET-1147 Energizing Your Career with Cloud TechnologiesCisco DevNet
In this session, we will discuss how to transform your career to align with one of the most dynamic parts of the industry. Speakers will cover topics including industry trends, emerging cloud technologies, and practical advice.
Advanced threat security - Cyber Security For The Real WorldCisco Canada
Cisco delivers intelligent cybersecurity for the real world, providing one of the industry's most comprehensive advanced threat protection portfolio of solutions and services that are integrated, pervasive, continuous and open.
Cisco's threat-centric approach to security reduces complexity, while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum, allowing customers to act smarter and more quickly -- before, during, and after an attack.
More information on security here: http://bit.ly/1paUnZV
Security and Virtualization in the Data CenterCisco Canada
The evolving complexity of the data center is placing increased demand on the network and security teams to come up with inventive methods for enforcing security policies in these ever-changing environments. The goal of this session is to provide participants with an understanding of features and design recommendations for integrating security into the data center environment. This session will focus on recommendations for securing next-generation data center architectures. Areas of focus include security services integration, leveraging device virtualization, and considerations and recommendations for server virtualization. The target audience are security and data center administrators.
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
Real World Threat Hunting
Security threats have grown from network annoyances to attacks on sensitive infrastructure; penetrating network perimeters, moving laterally within networks, breaching new device types, and cloaking movements. This presentation will share techniques utilized by Cisco to detect and investigate sophisticated, embedded threats.
The speaker, who has conducted monitoring and investigations on customer networks, will review recent real attacks observed on customer networks, from discovery to remediation, and provide lessons learned. These interactive case examples will highlight how to identify these threats using security intelligence, expert staff, and the Cisco OpenSOC platform.
Examples of attacks and illustrations:
* Sophisticated phishing attacks targeted at customer environments.
* Breaches and data exfiltration resulting from the high-profile HeartBleed and Shellshock vulnerabilities.
* Sophisticated malware targeting financial institutions with the goal of data theft.
* Use of full packet capture to identify data exfiltration.
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
Gartner recently released a report on IT security priorities for the remainder of 2014. Amongst respondents, network security, application security, endpoint security, and security services all ranked highly. In this quick-fire, half-day roadshow, Scalar brings you solutions to these problems from three of our most strategic security vendors, as well as a full presentation on our managed security services portfolio.
PKI in DevOps: How to Deploy Certificate Automation within CI/CDDevOps.com
DevOps and CI/CD make for faster code releases, but they also create new challenges for security practices. Think about TLS and code-signing certificates. Almost every component in CI/CD – binaries, builds, web servers and containers – needs certificates to authenticate and verify trust, but traditional PKI processes just can't scale in DevOps environments.
Join Keyfactor and Infinite Ranges to learn how PKI and certificate management fits within the CI/CD pipeline and why an integrated and automated approach is key to success. In this webinar, we'll discuss:
How applications in the DevOps toolchain use PKI (i.e. Jenkins, Kubernetes, Istio, etc.)
The risks of unmanaged or untracked certificates in DevOps environments
Best practices to support visibility, compliance and automation of certificates in CI/CD
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
Rapid changes in the world around us, driven by cloud, mobility and the Internet of Everything, are creating significant opportunities for global organizations. With these environmental changes, the sophistication with which cyber threats and attacks are carried out continues to grow rapidly, and attackers are increasingly able to circumvent traditional security systems. To learn more, please visit our website here: http://www.cisco.com/web/CA/index.html
Similar to DEVNET-1190 Targeted Threat (APT) Defense for Hosted Applications (20)
Learn how and why John McDonough contributes to Ansible and how you can too. We’ll arm you with what you need to know, things like Python, Git, and YAML.
Rome 2017: Building advanced voice assistants and chat botsCisco DevNet
If it takes minutes to code a simple bot, building professional bots represents quite a challenge. Soon you realize you need serious programming and API architecture experience but also “Bot” specific skills. In this session, we'll first show the code of advanced Chat and Voice interactions, and then explore the challenges faced when building advanced Bots (Context storage, NLP approaches, Bot Metadata, OAuth scopes), and discuss interesting opportunities from latest industry trends (Bot platforms, Serverless, Microservices). This talk is about showing the code and sharing lessons learned.
How to Build Advanced Voice Assistants and ChatbotsCisco DevNet
Learn more about the CodeMotion Voice Machine and Cisco DevNet Chatbot. Understand what a typical bot journey is and where to go to get more information about Cisco Spark and Tropo.
Cisco Spark and Tropo and the Programmable WebCisco DevNet
Learn how Cisco Spark and Tropo collaboration features can be easily combined with hundreds of cloud APIs to build sophisticated, flexible workflows via a new breed of programmable web solutions from 'Integration Platform as a Service (iPaaS)' partners like Built.io, Zapier and IFTTT. This session covers multiple real-world Cisco+iPaaS use-cases, and includes a hands-on walk-through demonstrating how to build a Spark+Tropo sample application using Built.io.
Watch the BRK-DEV2004 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92557&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
Device Programmability with Cisco Plug-n-Play SolutionCisco DevNet
Cisco Open Plug-n-Play solution allows customers to reduce the costs associated with deployment/installation of network devices, increase the speed and reduce the complexity of deployments without compromising the security. Using Cisco Plug-n-Play solution, customers can do Zero Touch Installs of Cisco gear in various deployment scenarios and deployment locations.
Watch the DevNet 2052 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=91108&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap APICisco DevNet
Captive Portals, also known as Splash Pages, are a common requirement for guest WiFi. Captive portals typically deliver branding, a terms of service and a simple login process before authenticating the client onto the network. By leveraging the Meraki ExCap API, developers can customize this experience based on their requirements. This deep dive will walk through the various API options: Click-through vs Sign-on Splash page Programming a Click-through and Sign-on (w/ RADIUS) using NodeJS Programming a Click-through with Node-RED Leveraging OAuth for social login support.
Watch the DevNet 2049 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92727&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
Application Visibility and Experience through Flexible NetflowCisco DevNet
The world of applications is changing rapidly in the enterprise; from the way applications are increasingly hosted in the cloud, the diverse nature of apps and to the way they are consumed by many devices. The need for organizations and network administrators is to focus on "Fast IT" - "Innovation in the Enterprise" is growing, which means having to spend less time on daily operations, maintenance and troubleshooting and more time on delivering business value with newer services. Cisco AVC with its NBAR2 technology is designed to detect applications and measure application performance through measuring round trip time, retransmission rates, jitter, delay, packet loss, MoS, URL statistics etc. Those details are transmitted using Flexible Netflow/IPFIX, so partners could leverage the data for application usage reporting, performance reporting and troubleshooting application issues to deliver best possible application experience.
Watch the DevNet 2047 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92664&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
The WAN Automation Engine (WAE) is a software platform that provides multivendor and multilayer visibility and analysis for service provider and large enterprise networks. It plays a critical role in answering key questions of network resource availability, and when appropriate can automate and simplify Traffic Engineering mechanisms such as RSVP-TE and Segment Routing. This session will focus on use-cases and APIs for developers.
Watch the DevNet 2035 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92720&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
Cisco's Open Device Programmability Strategy: Open DiscussionCisco DevNet
Cisco DNA is an open and extensible, software-driven architecture built on a set of design principles with the objective of providing:
- Insights & Actions to drive faster business innovation
- Automaton & Assurance to lower IT costs and complexity while meeting business and user expectations
- Security & Compliance to reduce risk as the organization continues to expand and grow. The architecture extends to Cisco network elements.
This session will focus on the open, model-driven, programmable interfaces available across Cisco's network elements which enable you to leverage and extend your network through applications that directly access the routers and switches in your network.
Watch the DevNet 1028 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=91041&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)Cisco DevNet
In this small group, hands-on workshop session you'll learn how to write your first Python application that uses YANG, NETCONF and , RESTCONF to access operational and configuration data on a device.
Watch the DevNet 2044 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92725&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
NETCONF & YANG Enablement of Network DevicesCisco DevNet
A technical discussion and a demo showing how Tail-f's ConfD management agent can be used to implement NETCONF and YANG, the industry-leading solution for providing a programmable management interface in a network element. ConfD is recognized as the best-in-breed embedded software for implementing management functions in network elements, including physical devices and virtualized network functions (VNF) for NFV.
This Workshop is a best fit for engineers who are involved in the design and development of embedded software for network devices. Attendees will gain a basic understanding of what NETCONF and YANG are and how ConfD provides a solution for embedding this technology in the network devices. More information about ConfD can be found at: https://developer.cisco.com/site/confD/
Watch the DevNet 1216 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92703&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
UCS Management APIs A Technical Deep DiveCisco DevNet
Underneath the UCS API Python SDK, Powershell Libraries and VMware and OpenStack plugins there is the UCS XML API itself. This session will go deep into the API and explain how the SDK, Libraries and plugins actually communicate with UCS components. We will cover API session management, queries, query filters, configuration methods, functions and event subscription. Understanding the low-level UCS APIs and Object Model will enable you to build your own programmatic interface into your UCS environments in the language you like on the platform of your choosing.
Watch the DevNet 3003 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=91099&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
The DevOps model is rapidly transforming IT operations and development practices. But what are the precursors necessary to implement DevOps? To achieve an agile, virtualized, and highly automated IT environment, what technological requirements need to be in place? OpenStack has the potential to facilitate DevOps implementation and practices at several different layers in the data center. In this session we'll quickly discuss what DevOps is, then discuss many components that are logically required to move towards DevOps in your environment. Finally we'll explore in depth several ways OpenStack can provide these baseline components.
Watch the DevNet 1104 replay from the Cisco Live On-Demand Library at: https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=92695&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
What is Tropo, how do you use it, and what can you use it for? In this session, you'll learn how Tropo works, see some real-life examples, and learn how to create your own voice and SMS applications in minutes.
Watch the DevNet 1023 replay from the Cisco Live On-Demand Library at:https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=91050&backBtn=true
Check out more and register for Cisco DevNet: http://ow.ly/jCNV3030OfS
DevNet Express - Spark & Tropo API - Lisbon May 2016Cisco DevNet
Direct from the Cisco DevNet Lisbon Portugal Express event in May 2016. Learn about Cisco DevNet, Spark and Tropo APIs any why there's never been a better time to innovate with Cisco.
Direct from DevNet@TAG in Milan and Rome in May 2016! Learn about Cisco DevNet, Spark and Tropo APIs any why there's never been a better time to innovate with Cisco.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.