Building Monitoring Framework
Thnks you Ralali, DevOps Indonesia, IDDevops Member dan para peserta event meetup malam ini
Presentasi bisa di akses di: https://www.slideshare.net/isnuryusuf/devops-indonesia-presentation-monitoring-framework
Video Record bisa di lihat di:
- https://www.youtube.com/watch?v=cyopfqHxMqU
- https://www.youtube.com/watch?v=V_HYxs6IUxM
Shift Left Security - The What, Why and HowDevOps.com
The shift left approach in DevOps moves software testing earlier in its lifecycle to prevent defects early in the software delivery process. How can developers use this approach to ensure security? Josh Thorngren, VP of Marketing at Twistlock, will explain what it means to shift left, and share five steps to ensure a successful transition to a shift left approach with DevOps.
Join this webinar to learn:
Best practices in adopting a successful shift to the left
How ‘shifting left’ promotes security
How developers are the new security guards in protecting company information
Get a firsthand look at our new product in a webinar on Tuesday, 17 September.
Many IT organizations tasked with securing infrastructure find that one of their biggest challenges is the vulnerability management process. This process is often manual and inefficient, leaving systems exposed to breaches and attacks.
Our new product, Puppet Remediate, addresses common pain points in the vulnerability management workflow to better protect your infrastructure and reduce manual work. With Remediate, you can:
Eliminate data handoffs between teams. Puppet Remediate integrates with the three major vulnerability scanners — Tenable, Qualys and Rapid7 — providing a single source of truth for IT Ops;
Easily assess the most critical threats. The dashboard shows all vulnerabilities prioritized by relative risk, so you know what to address first;
Agentless remediation. Run a task to remediate vulnerabilities directly from the dashboard. You can upload your own scripts, or make use of existing modules in the Puppet Forge.
9th Bit joined the first Atlassian Expert Day on 18 May 2016 in Johannesburg. XebiaLabs is built for continuous delivery of software with less risk. Barry de Waal and Hennie Kloppers demonstrated the ease of use and integration with Atlassian products such as Bamboo and JIRA.
Building Monitoring Framework
Thnks you Ralali, DevOps Indonesia, IDDevops Member dan para peserta event meetup malam ini
Presentasi bisa di akses di: https://www.slideshare.net/isnuryusuf/devops-indonesia-presentation-monitoring-framework
Video Record bisa di lihat di:
- https://www.youtube.com/watch?v=cyopfqHxMqU
- https://www.youtube.com/watch?v=V_HYxs6IUxM
Shift Left Security - The What, Why and HowDevOps.com
The shift left approach in DevOps moves software testing earlier in its lifecycle to prevent defects early in the software delivery process. How can developers use this approach to ensure security? Josh Thorngren, VP of Marketing at Twistlock, will explain what it means to shift left, and share five steps to ensure a successful transition to a shift left approach with DevOps.
Join this webinar to learn:
Best practices in adopting a successful shift to the left
How ‘shifting left’ promotes security
How developers are the new security guards in protecting company information
Get a firsthand look at our new product in a webinar on Tuesday, 17 September.
Many IT organizations tasked with securing infrastructure find that one of their biggest challenges is the vulnerability management process. This process is often manual and inefficient, leaving systems exposed to breaches and attacks.
Our new product, Puppet Remediate, addresses common pain points in the vulnerability management workflow to better protect your infrastructure and reduce manual work. With Remediate, you can:
Eliminate data handoffs between teams. Puppet Remediate integrates with the three major vulnerability scanners — Tenable, Qualys and Rapid7 — providing a single source of truth for IT Ops;
Easily assess the most critical threats. The dashboard shows all vulnerabilities prioritized by relative risk, so you know what to address first;
Agentless remediation. Run a task to remediate vulnerabilities directly from the dashboard. You can upload your own scripts, or make use of existing modules in the Puppet Forge.
9th Bit joined the first Atlassian Expert Day on 18 May 2016 in Johannesburg. XebiaLabs is built for continuous delivery of software with less risk. Barry de Waal and Hennie Kloppers demonstrated the ease of use and integration with Atlassian products such as Bamboo and JIRA.
Network monitoring gives you the visibility you need to stay one step ahead of potential issues. By showing live network performance data in an easy-to-read interface, network monitoring software helps you identify outages that could cause bottlenecks.
Enterprise mobility has grown by 72% in 2015. With every employee making use of mobile devices for official purposes, the need to regulate the apps and functionality of these devices is greater than ever. Join a webinar hosted by our security experts where we will provide a comprehensive look into Seqrite’s mobile app ecosystem. With features like App Control and Seqrite Launcher within our MDM (Mobile Device Management) solution, your enterprise can make use of integrated mobility strategies without disrupting compliance. The webinar will cover the following points:
- Key challenges faced by enterprises due to unregulated usage of mobile apps
- Benefits of implementing a mobile app strategy for business productivity
- How Seqrite MDM enables enterprises to regulate application control
- Upcoming features of Seqrite MDM
Container Security: What Enterprises Need to KnowDevOps.com
Enterprises and application teams turn to containers to improve agility and increase the scalability of their environments and portability of their applications. But with these benefits come a number of serious security challenges and considerations. While some of the changes containerization brings to security are beneficial, others are a bit thornier. To avoid serious mistakes and data breaches, enterprises must understand how containers affect security and build a strategy to secure them.
Patch your workplaces at home, in a meeting center or at the officeIvanti
It turns out working from home is possible without compromising productivity. We will likely see this trend continue, with more remote working in our future. This could be a nightmare for an administrator. How do you gain insights into your patch status and ensure your endpoints are up to date? How do you confirm that OS and third party applications are being patched? In this session, we look at how to easily obtain insights into your patch status how the patch process can be adjusted to optimally support an increasingly remote workforce.
DevSecCon Singapore 2019: Four years of reflection: How (not) to secure Web A...DevSecCon
Julian Berton
Preventing a company from becoming the newest data breach statistic can be a daunting prospect. Especially working within a company that employs hundreds of engineers pushing code to production daily, it often feels like everything is on fire and the holy grail of producing a security inspired product is but a dim light growing further and further away. The same feeling is true for security aware engineers being pushed to develop products quickly but also expected to consider quality assurance, operations, security and the reliability of their application or service.
To help reduce the bleeding and build more security aware applications at scale, a balance of firefighting, preventative initiatives, automation and "JIT" education is required. So strap yourself in while we take you on a journey through 4 years of security successes and epic failures:
* Automation - Implementing a secure-by-default build system (Buildkite) that makes detecting vulnerable dependencies (Snyk), storing secrets (AWS Secrets Manager) and scanning Docker containers, an effortless process.
* Prevention - Eradicate several classes of bugs by selecting secure architectural patterns and using automated scripts to detect operational misconfigurations like dangling DNS entries, open S3 buckets, secrets checked into source code and repositories that have been made accidentally public.
* "JIT” Education - Changing a companies security culture with RFC's for security standards, security integrated PIR via bug bounty program reports, visibility through security maturity frameworks (BSIMM).
Travis Cox from Inductive Automation will go over the important questions you should ask when planning an enterprise solution. His presentation will help you start and maintain a smoother development process that results in an open, interoperable, standards-based, and secure enterprise solution.
5 Ways to Tighten Security with Endpoint ManagementIvanti
In a world of BYOD and rapidly expanding mobility, securing and managing endpoints is more challenging than ever. This is confirmed, along with many surprising statistics, in a recent survey conducted by analyst Enterprise Management Associates (EMA). Join us for this 60-minute webinar where security experts Jason Forsgren and Eran Livne go over report highlights and share their insights on how to best address these challenges. All webinar registrants will get a free copy of the complete EMA research report.
Some of the most famous information breaches over the past few years have been a result of entry through embedded and IoT system environments. Often these breaches are a result of unexpected system architecture and service connectivity on the network that allows the hacker to enter through an embedded device and make their way to the financial or corporate servers. Experts in embedded security discuss key security issues for embedded systems and how to address them.
IBM Cloud Computing Course Project - Utilising Enterprise Design Thinking Propose cloud computing solution leveraging on IOT device and IBM Watson AI (artificial Intelligence) solution to assist in ensure the safety of elderly living alone in Singapore, while maintaining their independent daily lifestyle.
Service Assurance for Modern Apps - BigPanda NA SNO - April 2015 - Dan TurchinPeopleReign, Inc.
Service Assurance for modern apps. What's required to deliver strategic IT services in an age when apps and infrastructure are more complex than ever and the volume of data they generate is growing by orders of magnitude each year? Gone are the days when we could rely on people to solve machine data problems.
In this presentation, we consolidate top M365 tips to make your Microsoft environment more effective. Such as:
* How to harden your admin accounts
* How to better understand licensing around security features of Microsoft 365, and what is required
* How to segment your Microsoft 365 tenant to support a delegated administration model
* How to focus on the various layers of service, data, and information security for administrators
* How to get a better handle on Shadow IT and external data sharing
Hybrid cloud is becoming a necessity for many organizations. But building and managing an environment that effectively leverages the strengths of both public and private clouds can be a greater challenge than anticipated. One of the most critical elements of a hybrid cloud scenario is the management solutions that manage the cloud application lifecycle effectively. This presentation focuses on how organizations can manage their hybrid environments to ensure they achieve cloud computing success.
Visualizing Your Network Health - Know your NetworkDellNMS
An old adage states that you cannot manage what you don’t know. Do you know what devices are on your network, where they are located, how they are configured, what they are connected to, and how they are affected by changes and failures?
Today’s network infrastructure is becoming more and more complex, while demands on the Network Administrator to ensure network availability and performance are higher than ever. Business critical systems depend upon you managing your entire network infrastructure and delivering high-quality service 24/7, 365 days a year. So how do you keep the pace?
Learn how real-time visibility into your entire network infrastructure provides the power to manage your assets with greater control.
Network monitoring gives you the visibility you need to stay one step ahead of potential issues. By showing live network performance data in an easy-to-read interface, network monitoring software helps you identify outages that could cause bottlenecks.
Enterprise mobility has grown by 72% in 2015. With every employee making use of mobile devices for official purposes, the need to regulate the apps and functionality of these devices is greater than ever. Join a webinar hosted by our security experts where we will provide a comprehensive look into Seqrite’s mobile app ecosystem. With features like App Control and Seqrite Launcher within our MDM (Mobile Device Management) solution, your enterprise can make use of integrated mobility strategies without disrupting compliance. The webinar will cover the following points:
- Key challenges faced by enterprises due to unregulated usage of mobile apps
- Benefits of implementing a mobile app strategy for business productivity
- How Seqrite MDM enables enterprises to regulate application control
- Upcoming features of Seqrite MDM
Container Security: What Enterprises Need to KnowDevOps.com
Enterprises and application teams turn to containers to improve agility and increase the scalability of their environments and portability of their applications. But with these benefits come a number of serious security challenges and considerations. While some of the changes containerization brings to security are beneficial, others are a bit thornier. To avoid serious mistakes and data breaches, enterprises must understand how containers affect security and build a strategy to secure them.
Patch your workplaces at home, in a meeting center or at the officeIvanti
It turns out working from home is possible without compromising productivity. We will likely see this trend continue, with more remote working in our future. This could be a nightmare for an administrator. How do you gain insights into your patch status and ensure your endpoints are up to date? How do you confirm that OS and third party applications are being patched? In this session, we look at how to easily obtain insights into your patch status how the patch process can be adjusted to optimally support an increasingly remote workforce.
DevSecCon Singapore 2019: Four years of reflection: How (not) to secure Web A...DevSecCon
Julian Berton
Preventing a company from becoming the newest data breach statistic can be a daunting prospect. Especially working within a company that employs hundreds of engineers pushing code to production daily, it often feels like everything is on fire and the holy grail of producing a security inspired product is but a dim light growing further and further away. The same feeling is true for security aware engineers being pushed to develop products quickly but also expected to consider quality assurance, operations, security and the reliability of their application or service.
To help reduce the bleeding and build more security aware applications at scale, a balance of firefighting, preventative initiatives, automation and "JIT" education is required. So strap yourself in while we take you on a journey through 4 years of security successes and epic failures:
* Automation - Implementing a secure-by-default build system (Buildkite) that makes detecting vulnerable dependencies (Snyk), storing secrets (AWS Secrets Manager) and scanning Docker containers, an effortless process.
* Prevention - Eradicate several classes of bugs by selecting secure architectural patterns and using automated scripts to detect operational misconfigurations like dangling DNS entries, open S3 buckets, secrets checked into source code and repositories that have been made accidentally public.
* "JIT” Education - Changing a companies security culture with RFC's for security standards, security integrated PIR via bug bounty program reports, visibility through security maturity frameworks (BSIMM).
Travis Cox from Inductive Automation will go over the important questions you should ask when planning an enterprise solution. His presentation will help you start and maintain a smoother development process that results in an open, interoperable, standards-based, and secure enterprise solution.
5 Ways to Tighten Security with Endpoint ManagementIvanti
In a world of BYOD and rapidly expanding mobility, securing and managing endpoints is more challenging than ever. This is confirmed, along with many surprising statistics, in a recent survey conducted by analyst Enterprise Management Associates (EMA). Join us for this 60-minute webinar where security experts Jason Forsgren and Eran Livne go over report highlights and share their insights on how to best address these challenges. All webinar registrants will get a free copy of the complete EMA research report.
Some of the most famous information breaches over the past few years have been a result of entry through embedded and IoT system environments. Often these breaches are a result of unexpected system architecture and service connectivity on the network that allows the hacker to enter through an embedded device and make their way to the financial or corporate servers. Experts in embedded security discuss key security issues for embedded systems and how to address them.
IBM Cloud Computing Course Project - Utilising Enterprise Design Thinking Propose cloud computing solution leveraging on IOT device and IBM Watson AI (artificial Intelligence) solution to assist in ensure the safety of elderly living alone in Singapore, while maintaining their independent daily lifestyle.
Service Assurance for Modern Apps - BigPanda NA SNO - April 2015 - Dan TurchinPeopleReign, Inc.
Service Assurance for modern apps. What's required to deliver strategic IT services in an age when apps and infrastructure are more complex than ever and the volume of data they generate is growing by orders of magnitude each year? Gone are the days when we could rely on people to solve machine data problems.
In this presentation, we consolidate top M365 tips to make your Microsoft environment more effective. Such as:
* How to harden your admin accounts
* How to better understand licensing around security features of Microsoft 365, and what is required
* How to segment your Microsoft 365 tenant to support a delegated administration model
* How to focus on the various layers of service, data, and information security for administrators
* How to get a better handle on Shadow IT and external data sharing
Hybrid cloud is becoming a necessity for many organizations. But building and managing an environment that effectively leverages the strengths of both public and private clouds can be a greater challenge than anticipated. One of the most critical elements of a hybrid cloud scenario is the management solutions that manage the cloud application lifecycle effectively. This presentation focuses on how organizations can manage their hybrid environments to ensure they achieve cloud computing success.
Visualizing Your Network Health - Know your NetworkDellNMS
An old adage states that you cannot manage what you don’t know. Do you know what devices are on your network, where they are located, how they are configured, what they are connected to, and how they are affected by changes and failures?
Today’s network infrastructure is becoming more and more complex, while demands on the Network Administrator to ensure network availability and performance are higher than ever. Business critical systems depend upon you managing your entire network infrastructure and delivering high-quality service 24/7, 365 days a year. So how do you keep the pace?
Learn how real-time visibility into your entire network infrastructure provides the power to manage your assets with greater control.
Why Monitoring and Logging are Important in DevOps.pdfDatacademy.ai
As businesses increasingly rely on technology to deliver products and services, it's critical to ensure that their IT systems are performing optimally. This is where DevOps comes in, as it helps organizations streamline their software development and deployment processes. Monitoring and logging are two critical components of the DevOps approach, as they help teams to identify and troubleshoot issues in real-time. In this LinkedIn post, we'll explore the importance of monitoring and logging in DevOps and how they can help organizations achieve greater efficiency and reliability in their IT operations.
Get ahead of the cloud or get left behindMatt Mandich
An enterprise cloud computing strategy results in:
Broad consensus on goals and expected results of moving select processes to the cloud
Standardized, consistent approach to evaluating the benefits and challenges of cloud projects
Clear requirements for the negotiation and monitoring of partnerships with cloud service providers
Understanding and consensus on the enabling and managing role IT will play in future cloud initiatives
Goals and a roadmap for transforming internal IT from asset managers to service broker
How to add security in dataops and devopsUlf Mattsson
The emerging DataOps is not Just DevOps for Data. According to Gartner, DataOps is a collaborative data management practice focused on improving the communication, integration and automation of data flows between data managers and consumers across an organization.
The goal of DataOps is to create predictable delivery and change management of data, data models and related artifacts. DataOps uses technology to automate data delivery with the appropriate levels of security, quality and metadata to improve the use and value of data in a dynamic environment.
This session will discuss how to add Security in DataOps and DevOps.
Government and Education Webinar: Leveraging SolarWinds to Improve Remote Emp...SolarWinds
In this webinar, our SolarWinds sales engineer discussed how to leverage SolarWinds® to help improve remote employee support at your organization. COVID-19 concerns are changing how organizations run their business and IT operations, dramatically expanding demand for teleworking (work from home) and application access to collaborative systems (like Webex, SharePoint, Teams, etc.). This demand is creating significant challenges for IT operations and has increased the need for IT pros to keep applications, services, and infrastructures up and running—and safe.
During this interactive webinar, attendees learned how to:
Monitor VPN performance with Network Performance Monitor and analyze application traffic with NetFlow Traffic Analyzer
Monitor the performance and utilization of your WAN and VoIP solution with VoIP & Network Quality Manager
Monitor and troubleshoot the application performance of your collaboration systems such as Webex, SharePoint, and Teams with Server & Application Monitor and AppOptics™
Monitor remote end-user experience with Web Performance Monitor
Improve ticketing, asset management, and self-service with Web Help Desk®and SolarWinds Service Desk
Connect quickly and securely and communicate effectively with end users with Dameware® Remote Support
Visualize and analyze key remote support metrics in a dashboard with the Orion® Platform feature, PerfStack™
Application-aware Network Performance Management (AANPM) practices and products provide detailed insights into exactly who is using which resources, what quality of experience is taking place, and where to look when things go wrong. Such information can significantly improve planning, monitoring, and troubleshooting efforts.
But which are the best options when it comes to planning out an AANPM strategy? Which sources of data offer the most cost-efficient results? How can complex, widely distributed networks be accommodated, particularly when users are far removed from the application servers? And where is the best place to start?
These slides will reveal:
*Key goals and objectives of AANPM
*Choosing the right sources of AANPM data
*Achieving true end-to-end AANPM, from core to remote site including the access layer
*AANPM features and capabilities having the broadest impact and delivering the most value
10 Ways to Better Application-Centric Service ManagementLinh Nguyen
Many IT organizations suffer from the nagging problems of Availability and Performance Management. In this presentation we will detail 10 Ways to Better Application-Centric Service Management, particularly with SAP environments.
Are your cloud applications performing? How Application Performance Managemen...DevOps.com
This webcast will discuss the experiences of containerization and cloud exploitation of business applications; highlighting the importance of APM for those applications. We will explore themes such as how to best exploit CI/CD pipelines and orchestrated runtimes, manage current and future application environments, take advantage of improved user experience and use cognitive analytics to gain performance insights for DevOps and microservices-based applications.
Observability is the most important capability needed to manage the development, deployment, and operation of modern systems.
These slides—based on the webinar with EMA Research and LightStep--explore the importance of observability and how to address this capability for complex systems.
Key findings among the industry analysts: “Managing telecom & cloud expenses is a complex task that requires knowledge about multiple technical an business topics”.
Widecoup Billing has helped our clients to find savings primarily through the reduction on the different types of telco consumption and communications expenditures
Implementing a Disconnected Mobile Application with DSI for Field OperationsSmartbridge
SPEAKERS:
+ Victor Lang, Vice President of Enterprise Systems
+ Danny Tsang, Enterprise Mobility, Manager
Discover the best practices and critical tips & tricks to developing a truly disconnected mobile application for field operations. In this presentation, Victor Lang & Danny Tsang explain a use case for building a disconnected app with the DSI platform.
No More Dumb Pipes: An Enterprise Perspective for Evaluating Network Performa...CA Technologies
CA Performance Management is a big data collection, warehousing and analytics solution that helps enterprises maximize return on their network infrastructure investments and lower the cost of network operations.
Learn more about CA Performance Management: http://bit.ly/1vrQPJB
Government and Education Webinar: There's More Than One Way to Monitor SQL Da...SolarWinds
This webinar reviews the basics of database monitoring using SQL Server features, like extended events and agent monitoring to show you how to extend and amplify your database performance monitoring effectiveness with SolarWinds products.
Platform Observability “is when you infer the internal state of a system only by observing the data it generates, such as logs, metrics, and traces”. When observability is implemented well, a system will not require operations teams to spend much effort on understanding its internal state.
Effective performance engineering is a critical factor in delivering meaningful results. The implementation must be built into every aspect of the business, from IT and business management to internal and external customers and all other stakeholders. Convetit brought together ten experts in the field of performance engineering to delve into the trends and drivers that are defining the space. This Foresights discussion will directly influence Business and Technology Leaders that are looking to stay ahead of the challenges they face with delivering high performing systems to their end users, today and in the next 2-5 years.
Similar to DevOps Indonesia #14 - Building monitoring framework on container infrastructure (20)
API Security Webinar - Security Guidelines for Providing and Consuming APIs by Alexander Marcel
Simak penjelasan dari pakar industri tentang trend dan tantangan API dalam tahun 2021. Pelajari bagaimana organisasi dapat membebaskan potensi API, untuk secara efektif menangkis serangan dan melindungi aset API. Masalah-masalah yang muncul di event API Security Challenge juga akan dibahas di sini, dan akan ada hadiah-hadiah menarik bagi semua peserta.
Agenda :
- Penelusuran trend keamanan API, tantangan dan masalah-masalah keamanan yang sering dihadapi.
- Temuan dan Statistik yang dipelajari lewat API Security Challenge
- Penelusuran solusi untuk tantangan nyata yang ditemui dalam API Security Challenges
- Pengumuman pemenang API Security Challenge
API Security Webinar - Security Guidelines for Providing and Consuming APIsDevOps Indonesia
API Security Webinar - Security Guidelines for Providing and Consuming APIs by Faisal Yahya
Simak penjelasan dari pakar industri tentang trend dan tantangan API dalam tahun 2021. Pelajari bagaimana organisasi dapat membebaskan potensi API, untuk secara efektif menangkis serangan dan melindungi aset API. Masalah-masalah yang muncul di event API Security Challenge juga akan dibahas di sini, dan akan ada hadiah-hadiah menarik bagi semua peserta.
Agenda :
- Penelusuran trend keamanan API, tantangan dan masalah-masalah keamanan yang sering dihadapi.
- Temuan dan Statistik yang dipelajari lewat API Security Challenge
- Penelusuran solusi untuk tantangan nyata yang ditemui dalam API Security Challenges
- Pengumuman pemenang API Security Challenge
API Security Webinar by Hendra Tanto
Simak penjelasan dari pakar industri tentang trend dan tantangan API dalam tahun 2021. Pelajari bagaimana organisasi dapat membebaskan potensi API, untuk secara efektif menangkis serangan dan melindungi aset API. Masalah-masalah yang muncul di event API Security Challenge juga akan dibahas di sini, dan akan ada hadiah-hadiah menarik bagi semua peserta.
Agenda :
- Penelusuran trend keamanan API, tantangan dan masalah-masalah keamanan yang sering dihadapi.
- Temuan dan Statistik yang dipelajari lewat API Security Challenge
- Penelusuran solusi untuk tantangan nyata yang ditemui dalam API Security Challenges
- Pengumuman pemenang API Security Challenge
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2. PAGE3
DEVOPS INDONESIA
DEVOPS INDONESIA HOUSE RULES
100% ATTENTION
TAKE NOTES, NOT CALLS
RECEIVE KNOWLEDGE, NOT MESSAGES
MUTE NOTIFICATIONS FOR SLACK QQ WHATSAPP IMESSAGE EMAIL
TELEGRAM SNAPCHAT FACEBOOK WEIBO HANGOUTS VOXER SIGNAL G+
TWITTER VIBER SKYPE WECHAT LINE SMS ...
7. PAGE9
DEVOPS INDONESIA
Background...
One of the biggest challenges facing IT ops teams is the lack of
visibility across the entire infrastructure - physical, virtual and in the
cloud. Making things even more complex, any infrastructure
monitoring solution needs to not only meet the IT team’s needs, but
also the needs of other stakeholders including line of business (LOB)
owners and application developers
8. PAGE10
DEVOPS INDONESIA
Monitoring is essential
• Protecting revenue, brand, and security
• Identification of issues before customers are impacted
• Creating feedback loops and stability
• Gathering information on usage and usability
• Collecting information for future analysis
9. PAGE11
DEVOPS INDONESIA
Comprehensive monitoring strategy
• Monitor the components and the whole system level, component level, and
overall applicationmetrics need to be includedto get the full picture.
• Analyze first and third party performance. Problems with a third party affect the
overall digital experiencejust as much as problems with first party content.
• Measure individual pages and multi-step transactions. Users are visiting more
than a single page, you should be monitoring more than the home page.
• Configure alerts to be notified when performance varies from a baseline. Early
identification of issues can help resolve problems before customers are impacted.
• Compare your performance to competitors or industry leaders. Performance is
relative, you are being compared to other sites on a daily basis, do you know how
you stack up?
10. PAGE12
DEVOPS INDONESIA
Comprehensive monitoring strategy
• Monitor from the viewpoint of your users. Capture metrics from real users to
get the broadest coverage and use those locations to influence where to capture
synthetic measurementsfrom.
• Measure performance across multiple connection types. Performance and
availability can vary widely across connection types include a representative
sample of your users.
• Align metrics with business objectives. Why should others in the organization
care about a metric? Describe how the monitoring data is relevant to objectives
such as increasing customer loyalty, increasing revenue, or reducing costs.
• Re-evaluate your strategy on a regular basis. As your company grows, and your
application changes, your monitoring strategy should be re-evaluated. Are you still
measuring from the geographies that matter? Have new components been
introducedthat need to be monitored?
• Look for the anomalies and outliers. We can learn more from the unexpected
than from the everyday occurrences.
11. PAGE13
DEVOPS INDONESIA
Breaking your strategy
• This first component is collection. Any performance monitoring strategy starts with data
collection. If you can’t monitor it, you can’t manage it. To prevent visibility gaps, your
performance-monitoring platform should be data agnostic, with high frequency polling
down to the second.
• Building the baseline. Once you’ve collected the broadest set of performance data at the
required granularity, it’s time to establish a baseline for every metric you monitor. It’s
imperative to understand what “normal” conditions look like at any given moment, especially
in dynamic virtualized environments. Baselines then become your basis for aneffective
alerting method.
• Setting alerts. In addition to setting static thresholds, it’s important to establish alerts based
on deviation from baseline performance. Beyond a daily alert about high bandwidth usage,
you need to know when an unexpected spike occurs during working hours due to a unique
user-initiated action
12. PAGE14
DEVOPS INDONESIA
Breaking your strategy cont..
• Creating reports. Canned reports reveal most utilized interfaces, highest packet loss and
other key metrics. Yet, they don’t allow for the level of manipulation often required to
troubleshoot performance issues
• Analyzing data. The goal is to find actionable insight needed to proactively detect and avoid
performance events, understand correlations that can help fine-tune infrastructure and
make more informed forecasting decisions about the impact infrastructure has on the
business.
• Sharing results. Once armed with the strategic ability to collect, baseline, alert, report and
analyze your performance data, its time to share insights with team members who can truly
benefit from monitoring results.
15. PAGE17
DEVOPS INDONESIA
Monitoring, Alerting, and Capacity Planning
No Category Allerting SIEM
Services Availability Perfomance Monitoring Capacity Forecasting
Sysops Network
Data
Center
Sysops Network
Data
Center
Sysops Network
Data
Center
Bussiness
/Sales
1
Visual Dashboard &
Monitoring
1
a
2
Public Service URL
Monitoring
1
a
3 Notification Tools
1 1st Layer Notification
2 2nd Layer Notification
3 Management Escalation
Prepare Your Checklist
16. PAGE18
DEVOPS INDONESIA
Data Center Monitoring - element
• Asset configuration and change management
• Know trends in data center for a better capacity planning
• Sensing and monitoring temperature
• Establish precision cooling control
• Fluid and humidity detection
• Integrate the environment with other sensors
• Managing alarms and notifications
• Establish Data center Environmental Monitoring Systems (EMS)
17. PAGE19
DEVOPS INDONESIA
Data Center monitoring best practice
• Testing and Maintenance
• Be ready for emergencies
• Have a backup plan ready
• Have an automated recovery plan
23. PAGE25
DEVOPS INDONESIA
Application and Platform
Application monitoring is a process that
ensures that a software application processes
and performs in an expected manner and
scope. This technique routinely identifies,
measures and evaluates the performance of
an application and provides the means to
isolate and rectify any abnormalities or
shortcomings.
24. PAGE26
DEVOPS INDONESIA
Application and Platform Monitoring Element
• Application response time
• API perfomance
• Service Bus perfomance
• Processing perfomance
25. PAGE27
DEVOPS INDONESIA
Database monitoring
Measuring database attributes to monitor application productivity.
• Get comprehensive insight into the health and performance of
your databases
• Track slow queries, expensive statements, response times, failures,
page faults, Dead lock details and a whole lot of KPIs.
• Monitor, easily identify and solve database issues that impact
application performance.
26. PAGE28
DEVOPS INDONESIA
Microservices monitoring
Modern microservices are displacing
monolithic application stacks, accelerating
development and deployment speed,
simplify scaling and more. With all of its
advantages, a microservices-approach
increases the complexity of monitoring and
troubleshooting applications
27. PAGE29
DEVOPS INDONESIA
Visualize Microservice
Interaction
Monitor’s transparent instrumentation
observes all activity at a system call level.
This helps you instantly see how your
microservices interact and provides key
metrics like response time, network traffic
and resource utilization. Dynamic topology
maps help you identify bottlenecks,
visualize your application flow and drill
down to the process level to understand
what is running and where.
34. PAGE36
DEVOPS INDONESIA
Public Service Monitoring
• Monitoring your public service
from multiple geo location
• Monitoring SSL expiration
and domain expiration
• Website Uptime &
Performance Monitoring
37. PAGE39
DEVOPS INDONESIA
Security Monitoring
• Intrusion Detection - Detect threats and suspicious activities early
with host, network, and cloud IDS.
• Vulnerability Assessment - Identify vulnerabilities and AWS
configuration issues that put your organization at risk.
• Event Correlation - Automate event correlation and security analysis
with AlienVault Threat Intelligence.
• Log Management - Automate log collection and analysis and securely
store raw logs in the AlienVault Cloud.
• Compliance Reporting - Be audit-ready sooner with pre-built
compliance reporting templates.
40. PAGE42
DEVOPS INDONESIA
Paging, Alert and Notification
When you are auditing or writing alerting rules, consider these things to keep your
oncall rotation happier:
• Pages should be urgent, important,actionable,and real.
• They should represent either ongoing or imminent problems with your service.
• Err on the side of removing noisy alerts – over monitoring is a harder problem to
solve than under monitoring.
• You should almost always be able to classify the problem into one of: availability &
basic functionality; latency; correctness (completeness, freshness and durability of
data); and feature specific problems.
• Symptoms are a better way to capture more problems more comprehensively and
robustly with less effort