Find the Hacker
•Download as PPTX, PDF•
1 like•303 views
Race to find the hacker! Take everything you’ve learned today and put it to work. We’ll construct a scenario and you will try to solve the problem with sysdig and build a falco rule to detect the issue in the future. Gear up, folks, there is a drone on the line as a prize for the winner!
Report
Share
Report
Share
Recommended
How to Secure Containers
While there have been many improvements around improving containers, there is still a large gap in securing the behavior of containers in production. Enter sysdig falco, the behavioral activity monitor for containerized environments. It can detect and alert on anomalous behavior at the application, file, system, and network level. In this session get a deep dive into falco and learn: - How does behavioral security differ from existing security solutions like image scanning? - How does falco work? What can it detect? - How do you build and customize rules for falco?
Behavioural activity monitoring on CoreOS with Sysdig Falco
This document contains instructions and configuration details for monitoring Linux systems and containers using Falco. It includes commands to install necessary packages like Falco and its dependencies. It also provides examples of Falco rules to generate alerts for suspicious activities like modifying files in critical directories or accessing devices like cameras without the proper applications. The rules leverage conditions, macros and lists to define what behaviors to flag for further review.
WTF my container just spawned a shell!
This document discusses various techniques for securing containers and monitoring container activity, including:
- Static and dynamic scanning of container images to detect vulnerabilities
- Using seccomp, seccomp-bpf, SELinux, and Auditd for sandboxing and monitoring system calls
- Sysdig Falco for behavioral monitoring and detecting anomalies based on rules
- Examples of rules to detect things like shells running in containers or overwriting system binaries
The document provides an overview of these various security tools and techniques for containers, with examples of how they can be used to monitor and restrict container behavior to detect security issues or policy violations.
Host Intrusion Detection like a Boss
Introduction to the stealth mode functionality an open source Host Intrusion Detection System called Samhain and analysis on how exactly it applies it in the operating system.
Sysdig Open Source Intro
Sysdig is an open source container monitoring and security platform that provides visibility into containerized applications. It includes sysdig for troubleshooting and inspection, sysdig monitor for runtime security and performance monitoring, and sysdig secure for compliance and threat detection. Sysdig uses system calls to provide filtering and inspection capabilities similar to tcpdump. It supports containers, Kubernetes, Docker, and other orchestration platforms. Sysdig also includes chisels for aggregating and reporting on event sequences and Falco for behavioral monitoring and detecting suspicious activity defined through rules.
Dock ir incident response in a containerized, immutable, continually deploy...
This document discusses incident response strategies in a containerized and immutable infrastructure environment like Docker. It addresses challenges like lack of system and software inventory visibility due to rapid container changes, and lack of agent-based security due to single-purpose containers. It proposes solutions like establishing managed base container OSs, whitelisting allowed containers and files, and leveraging logs and sidecar containers to monitor for detections. Response challenges around long investigation timeframes due to short container lifetimes and lack of access are addressed with strategies like comprehensive logging, filesystem artifact preservation, and automating remote response capabilities.
XFLTReat: a new dimension in tunnelling
This presentation will sum up how to do tunnelling with different protocols and will have different perspectives detailed. For example, companies are fighting hard to block exfiltration from their network: they use http(s) proxies, DLP, IPS technologies to protect their data, but are they protected against tunnelling? There are so many interesting questions to answer for users, abusers, companies and malware researchers. Mitigation and bypass techniques will be shown you during this presentation, which can be used to filter any tunnelling on your network or to bypass misconfigured filters.
Recommended
How to Secure Containers
While there have been many improvements around improving containers, there is still a large gap in securing the behavior of containers in production. Enter sysdig falco, the behavioral activity monitor for containerized environments. It can detect and alert on anomalous behavior at the application, file, system, and network level. In this session get a deep dive into falco and learn: - How does behavioral security differ from existing security solutions like image scanning? - How does falco work? What can it detect? - How do you build and customize rules for falco?
Behavioural activity monitoring on CoreOS with Sysdig Falco
This document contains instructions and configuration details for monitoring Linux systems and containers using Falco. It includes commands to install necessary packages like Falco and its dependencies. It also provides examples of Falco rules to generate alerts for suspicious activities like modifying files in critical directories or accessing devices like cameras without the proper applications. The rules leverage conditions, macros and lists to define what behaviors to flag for further review.
WTF my container just spawned a shell!
This document discusses various techniques for securing containers and monitoring container activity, including:
- Static and dynamic scanning of container images to detect vulnerabilities
- Using seccomp, seccomp-bpf, SELinux, and Auditd for sandboxing and monitoring system calls
- Sysdig Falco for behavioral monitoring and detecting anomalies based on rules
- Examples of rules to detect things like shells running in containers or overwriting system binaries
The document provides an overview of these various security tools and techniques for containers, with examples of how they can be used to monitor and restrict container behavior to detect security issues or policy violations.
Host Intrusion Detection like a Boss
Introduction to the stealth mode functionality an open source Host Intrusion Detection System called Samhain and analysis on how exactly it applies it in the operating system.
Sysdig Open Source Intro
Sysdig is an open source container monitoring and security platform that provides visibility into containerized applications. It includes sysdig for troubleshooting and inspection, sysdig monitor for runtime security and performance monitoring, and sysdig secure for compliance and threat detection. Sysdig uses system calls to provide filtering and inspection capabilities similar to tcpdump. It supports containers, Kubernetes, Docker, and other orchestration platforms. Sysdig also includes chisels for aggregating and reporting on event sequences and Falco for behavioral monitoring and detecting suspicious activity defined through rules.
Dock ir incident response in a containerized, immutable, continually deploy...
This document discusses incident response strategies in a containerized and immutable infrastructure environment like Docker. It addresses challenges like lack of system and software inventory visibility due to rapid container changes, and lack of agent-based security due to single-purpose containers. It proposes solutions like establishing managed base container OSs, whitelisting allowed containers and files, and leveraging logs and sidecar containers to monitor for detections. Response challenges around long investigation timeframes due to short container lifetimes and lack of access are addressed with strategies like comprehensive logging, filesystem artifact preservation, and automating remote response capabilities.
XFLTReat: a new dimension in tunnelling
This presentation will sum up how to do tunnelling with different protocols and will have different perspectives detailed. For example, companies are fighting hard to block exfiltration from their network: they use http(s) proxies, DLP, IPS technologies to protect their data, but are they protected against tunnelling? There are so many interesting questions to answer for users, abusers, companies and malware researchers. Mitigation and bypass techniques will be shown you during this presentation, which can be used to filter any tunnelling on your network or to bypass misconfigured filters.
OpenStack Swift production deployments
The document discusses OpenStack Swift, an open source object/blob store. It provides information on Swift's architecture and deployment in production environments. Several companies that use Swift in production are mentioned, including Netmagic and CDAC India in India, as well as Rackspace, HP Cloud, Wikipedia, Disney, Anynines, Spillgames, MercadoLibre, ConCur and others globally. The document also provides relevant links for learning more about Swift.
Extending Sysdig with Chisel
Sysdig is infinitely extensible through Chisels, and now you’re going to learn how to build one. Using a real-world example, we’re going to show you how to leverage sysdig’s luascript engine to build powerful new functionality customized to your needs.
About linux-english
Linux is a family of free and open-source software operating system distributions built around the Linux kernel. The kernel acts as an interface between the application and hardware, managing processes, memory, devices, and system calls. System calls allow applications to request services from the kernel like reading/writing files or forking processes. When applications communicate over pipes, the kernel uses ring buffers and file descriptors to transfer data between their file descriptors. Understanding how applications interact with the kernel through system calls can help troubleshoot performance issues.
Redis - for duplicate detection on real time stream
Roberto "frank" Franchini presenta a Codemotion Techmeetup Torino Redis, un data structure server che può utilizzare come chiavi stringhe, hashes, lists, sets, sorted sets, bitmaps e hyperloglogs
.
Using ansible vault to protect your secrets
This document discusses how Ansible Vault can be used to encrypt sensitive data like passwords and private keys to protect secrets when committing infrastructure as code to source control on GitHub. It recommends encrypting only sensitive information, not all files, and splitting encrypted variable files into directories. It also provides tips for using a password script and Jenkins to automate running plays with encrypted data without exposing passwords in plain text. The document aims to help balance the security of encrypting secrets with the usability of infrastructure as code workflows.
Kali Linux - Falconer
Tony Godfrey gave a presentation on Kali Linux at the Ohio HTCIA 2014 Spring Conference. Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It contains many security tools for information gathering, vulnerability analysis, password attacks, wireless attacks, exploitation tools, and more. The presentation demonstrated how to use various command line tools in Kali Linux like nmap, nmap, rlogin, and showed how to use Metasploit within msfconsole.
5 Ways to Secure Your Containers for Docker and Beyond
Presented by Tim Mackey, Senior Technology Evangelist, Black Duck Software on August 17.
To use containers safely, you need to be aware of potential security issues and the tools you need for securing container-based systems. Secure production use of containers requires an understanding of how attackers might seek to compromise the container, and what you should be aware of to minimize that potential risk.
Tim Mackey, Senior Technical Evangelist at Black Duck Software, provides guidance for developing container security policies and procedures around threats such as:
1. Network security
2. Access control
3. Tamper management and trust
4. Denial of service and SLAs
5. Vulnerabilities
Register today to learn about the biggest security challenges you face when deploying containers, and how you can effectively deal with those threats.
Watch the webinar on BrightTalk: http://bit.ly/2bpdswg
Vault
Presentation done at the November meeting of the Sudoers Barcelona group (https://www.meetup.com/sudoersbcn/).
HashiCorp Vault (https://www.vaultproject.io/)
"Vault és una eina per emmagatzemar i gestionar secrets. Veurem què ofereix, com instal·lar-la, utilitzar-la i operar-la, i la nostra experiència."
The State of Logging on Docker
Systems have fundamentally changed with the introduction and adoption of micro services like Docker, resulting in a shift in how we think about log management and analysis. Logging into a server and grepping logs is no longer a reality when dealing with thousands of container instances. While support of logging has improved on Docker over the past year, there is yet to be a widely agreed upon “standard” for Docker.
Logentries Chief Scientist Trevor Parsons recently co-hosted a webinar with Peter Elger of nearForm and Bright Fulton of Swipely where we explored three different approaches to logging on Docker, including:
Logging from within the container using a Daemon/collector
Logging outside the container, writing logs out and running a collector on the host
Using a dedicated logging container responsible for collecting and forwarding logs
Over the course of the webinar, Trevor, Peter and Bright engaged in a lively discussion, exploring the pros and cons of each option and debating which one truly represents “best practice.”They also shared insights into common events that are valuable to log, monitor and analyze,, useful Docker APIs, and services for analyzing Docker log data for a deeper understanding of your application and environments.
Open source security tools for Kubernetes.
Cloud Native platforms such as Kubernetes help developers to easily get started deploying and running their applications at scale. But as this access to compute starts to become ubiquitous, how you secure and maintain compliance standards in these environments becomes extremely important.
In this talk, we'll cover the basics of securing Cloud Native platforms such as Kubernetes. We will also cover open source tools - such as Clair, Anchore, and Sysdig Falco - that can be used to maintain a secure computing environment. Attendees will walk away with a good understanding of the challenges of securing a Cloud Native platform and practical advice on using open source tools as part of their security strategy.
Backtrack os 5
The following slides cover an introduction to Backtrack OS 5. Backtrack is an operating system focused on penetration testing.
Backtrack
This document provides an overview of the Backtrack Linux distribution for penetration testing and information security auditing. It discusses why Backtrack is useful, how to install and configure it, and describes some of the major security tools included such as Nmap, Wireshark, Metasploit, and Aircrack-ng. It also covers topics like file permissions, setting the network configuration, and connecting to Backtrack remotely with Putty.
Tokyo OpenStack Summit 2015: Unraveling Docker Security
A Docker security talk that Salman Baset and Phil Estes presented at the Tokyo OpenStack Summit on October 29th, 2015. In this talk we provided an overview of the security constraints available to Docker cloud operators and users and then walked through a "lessons learned" from experiences operating IBM's public Bluemix container cloud based on Docker container technology.
Dockertaipei 20150528-dockerswarm
Docker Swarm is native clustering for Docker that serves the standard Docker API, allowing any Docker tool to transparently scale to multiple hosts. It ships with a simple scheduling backend but can integrate more powerful backends like Mesos and Kubernetes. The document demonstrates setting up a Docker Swarm cluster across 3 Azure VMs and connecting a Docker client to schedule and run containers on the cluster. It describes various filters for scheduling, including constraints, affinity, ports, dependencies, and health.
2600 av evasion_deuce
This document summarizes a presentation on evading antivirus detection. It discusses how antivirus has gotten better at detecting old techniques, and introduces newer tools and methods for generating payloads that can bypass antivirus software, including Veil, Hyperion, and writing your own custom stagers and payloads. It also recommends building your own antivirus lab to reliably test new payloads before deployment.
Nsa and vpn
The NSA has a program called OTP that targets VPN users. It has a team called OTTERCREAK that looks up VPN metadata of targets in repositories like TOYGRIPPE to define attacks. The team works with other NSA groups like TAO to decrypt traffic if they have exploits for the VPN protocols (e.g. recovering PSKs for IPsec) or can implant devices. They have decrypted traffic from services like PPTP, IPSec and SSH tunnels in the past by exploiting routers, protocols or gaining private keys. Running your own private VPN or using a service like PIA provides some protection but risks being targeted if the VPN is popular or if your ISP/network is exploited.
Next Generation Memory Forensics
This document provides an overview of the Volatility memory forensics framework. It discusses the Volatility Foundation, which supports development of the open-source Volatility tool. It highlights new features in Volatility 2.4, including improved support for Windows, Linux, MacOS, and analyzing application artifacts from programs like Chrome, Firefox, and Notepad. It outlines the Volatility roadmap and concludes by discussing the 2014 Volatility Plugin Contest winners, whose new plugins will enhance Volatility's capabilities.
Infrastructure Deployment with Docker & Ansible
This is an introduction to Docker & Ansible. It shows how Ansible can be used as orchestration too for Docker. There are 2 real world examples included with code examples in a Gist.
Securing your Container Environment with Open Source
Cloud Native platforms such as Kubernetes and Cloud Foundry help developers to easily get started deploying and running their applications at scale. But as this access to compute starts to become ubiquitous, how you secure and maintain compliance standards in these environments becomes extremely important. In this talk we'll cover the basics of securing Cloud Native platforms such as Kubernetes. We will also cover open source tools - such as Clair, Anchore, and Sysdig Falco - that can be used to maintain secure computing environment. Attendees will walk away with a good understanding of the challenges of securing a Cloud Native platform and practical advice on using open source tools as part of their security strategy.
Wordpress y Docker, de desarrollo a produccion
This document summarizes a presentation about using Docker for WordPress development and deployment. It discusses using Docker to create development environments for WordPress, building Docker images, and deploying WordPress containers to production using Docker Compose or Kubernetes. It also covers customizing configurations, using Traefik for proxy and SSL termination, backup strategies, and notes that Kubernetes is more complex than Docker for simple use cases.
Troubleshooting Kubernetes
Kubernetes is a tremendous system for orchestrating your containers onto physical infrastructure. But troubleshooting Kubernetes can be incredibly challenging due to the dynamic and isolated nature of the containers it orchestrates. Sysdig leverages the powerful concept of container-aware system events and correlates each one of them with super rich metadata Kubernetes. In this session you’ll go deep into a couple of Kubernetes issues and how you would track them down using sysdig.
Sysdig Meetup - San Francisco, December 2014
Sysdig is an open source system monitoring tool created by Loris Degioanni that captures system events and filters them to provide instant insight. It combines the functionality of tools like strace, tcpdump, and lsof with Lua scripting. By collecting system call data, sysdig provides visibility into processes, file I/O, network I/O, memory usage, and inter-process communication across a system.
More Related Content
What's hot
OpenStack Swift production deployments
The document discusses OpenStack Swift, an open source object/blob store. It provides information on Swift's architecture and deployment in production environments. Several companies that use Swift in production are mentioned, including Netmagic and CDAC India in India, as well as Rackspace, HP Cloud, Wikipedia, Disney, Anynines, Spillgames, MercadoLibre, ConCur and others globally. The document also provides relevant links for learning more about Swift.
Extending Sysdig with Chisel
Sysdig is infinitely extensible through Chisels, and now you’re going to learn how to build one. Using a real-world example, we’re going to show you how to leverage sysdig’s luascript engine to build powerful new functionality customized to your needs.
About linux-english
Linux is a family of free and open-source software operating system distributions built around the Linux kernel. The kernel acts as an interface between the application and hardware, managing processes, memory, devices, and system calls. System calls allow applications to request services from the kernel like reading/writing files or forking processes. When applications communicate over pipes, the kernel uses ring buffers and file descriptors to transfer data between their file descriptors. Understanding how applications interact with the kernel through system calls can help troubleshoot performance issues.
Redis - for duplicate detection on real time stream
Roberto "frank" Franchini presenta a Codemotion Techmeetup Torino Redis, un data structure server che può utilizzare come chiavi stringhe, hashes, lists, sets, sorted sets, bitmaps e hyperloglogs
.
Using ansible vault to protect your secrets
This document discusses how Ansible Vault can be used to encrypt sensitive data like passwords and private keys to protect secrets when committing infrastructure as code to source control on GitHub. It recommends encrypting only sensitive information, not all files, and splitting encrypted variable files into directories. It also provides tips for using a password script and Jenkins to automate running plays with encrypted data without exposing passwords in plain text. The document aims to help balance the security of encrypting secrets with the usability of infrastructure as code workflows.
Kali Linux - Falconer
Tony Godfrey gave a presentation on Kali Linux at the Ohio HTCIA 2014 Spring Conference. Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It contains many security tools for information gathering, vulnerability analysis, password attacks, wireless attacks, exploitation tools, and more. The presentation demonstrated how to use various command line tools in Kali Linux like nmap, nmap, rlogin, and showed how to use Metasploit within msfconsole.
5 Ways to Secure Your Containers for Docker and Beyond
Presented by Tim Mackey, Senior Technology Evangelist, Black Duck Software on August 17.
To use containers safely, you need to be aware of potential security issues and the tools you need for securing container-based systems. Secure production use of containers requires an understanding of how attackers might seek to compromise the container, and what you should be aware of to minimize that potential risk.
Tim Mackey, Senior Technical Evangelist at Black Duck Software, provides guidance for developing container security policies and procedures around threats such as:
1. Network security
2. Access control
3. Tamper management and trust
4. Denial of service and SLAs
5. Vulnerabilities
Register today to learn about the biggest security challenges you face when deploying containers, and how you can effectively deal with those threats.
Watch the webinar on BrightTalk: http://bit.ly/2bpdswg
Vault
Presentation done at the November meeting of the Sudoers Barcelona group (https://www.meetup.com/sudoersbcn/).
HashiCorp Vault (https://www.vaultproject.io/)
"Vault és una eina per emmagatzemar i gestionar secrets. Veurem què ofereix, com instal·lar-la, utilitzar-la i operar-la, i la nostra experiència."
The State of Logging on Docker
Systems have fundamentally changed with the introduction and adoption of micro services like Docker, resulting in a shift in how we think about log management and analysis. Logging into a server and grepping logs is no longer a reality when dealing with thousands of container instances. While support of logging has improved on Docker over the past year, there is yet to be a widely agreed upon “standard” for Docker.
Logentries Chief Scientist Trevor Parsons recently co-hosted a webinar with Peter Elger of nearForm and Bright Fulton of Swipely where we explored three different approaches to logging on Docker, including:
Logging from within the container using a Daemon/collector
Logging outside the container, writing logs out and running a collector on the host
Using a dedicated logging container responsible for collecting and forwarding logs
Over the course of the webinar, Trevor, Peter and Bright engaged in a lively discussion, exploring the pros and cons of each option and debating which one truly represents “best practice.”They also shared insights into common events that are valuable to log, monitor and analyze,, useful Docker APIs, and services for analyzing Docker log data for a deeper understanding of your application and environments.
Open source security tools for Kubernetes.
Cloud Native platforms such as Kubernetes help developers to easily get started deploying and running their applications at scale. But as this access to compute starts to become ubiquitous, how you secure and maintain compliance standards in these environments becomes extremely important.
In this talk, we'll cover the basics of securing Cloud Native platforms such as Kubernetes. We will also cover open source tools - such as Clair, Anchore, and Sysdig Falco - that can be used to maintain a secure computing environment. Attendees will walk away with a good understanding of the challenges of securing a Cloud Native platform and practical advice on using open source tools as part of their security strategy.
Backtrack os 5
The following slides cover an introduction to Backtrack OS 5. Backtrack is an operating system focused on penetration testing.
Backtrack
This document provides an overview of the Backtrack Linux distribution for penetration testing and information security auditing. It discusses why Backtrack is useful, how to install and configure it, and describes some of the major security tools included such as Nmap, Wireshark, Metasploit, and Aircrack-ng. It also covers topics like file permissions, setting the network configuration, and connecting to Backtrack remotely with Putty.
Tokyo OpenStack Summit 2015: Unraveling Docker Security
A Docker security talk that Salman Baset and Phil Estes presented at the Tokyo OpenStack Summit on October 29th, 2015. In this talk we provided an overview of the security constraints available to Docker cloud operators and users and then walked through a "lessons learned" from experiences operating IBM's public Bluemix container cloud based on Docker container technology.
Dockertaipei 20150528-dockerswarm
Docker Swarm is native clustering for Docker that serves the standard Docker API, allowing any Docker tool to transparently scale to multiple hosts. It ships with a simple scheduling backend but can integrate more powerful backends like Mesos and Kubernetes. The document demonstrates setting up a Docker Swarm cluster across 3 Azure VMs and connecting a Docker client to schedule and run containers on the cluster. It describes various filters for scheduling, including constraints, affinity, ports, dependencies, and health.
2600 av evasion_deuce
This document summarizes a presentation on evading antivirus detection. It discusses how antivirus has gotten better at detecting old techniques, and introduces newer tools and methods for generating payloads that can bypass antivirus software, including Veil, Hyperion, and writing your own custom stagers and payloads. It also recommends building your own antivirus lab to reliably test new payloads before deployment.
Nsa and vpn
The NSA has a program called OTP that targets VPN users. It has a team called OTTERCREAK that looks up VPN metadata of targets in repositories like TOYGRIPPE to define attacks. The team works with other NSA groups like TAO to decrypt traffic if they have exploits for the VPN protocols (e.g. recovering PSKs for IPsec) or can implant devices. They have decrypted traffic from services like PPTP, IPSec and SSH tunnels in the past by exploiting routers, protocols or gaining private keys. Running your own private VPN or using a service like PIA provides some protection but risks being targeted if the VPN is popular or if your ISP/network is exploited.
Next Generation Memory Forensics
This document provides an overview of the Volatility memory forensics framework. It discusses the Volatility Foundation, which supports development of the open-source Volatility tool. It highlights new features in Volatility 2.4, including improved support for Windows, Linux, MacOS, and analyzing application artifacts from programs like Chrome, Firefox, and Notepad. It outlines the Volatility roadmap and concludes by discussing the 2014 Volatility Plugin Contest winners, whose new plugins will enhance Volatility's capabilities.
Infrastructure Deployment with Docker & Ansible
This is an introduction to Docker & Ansible. It shows how Ansible can be used as orchestration too for Docker. There are 2 real world examples included with code examples in a Gist.
Securing your Container Environment with Open Source
Cloud Native platforms such as Kubernetes and Cloud Foundry help developers to easily get started deploying and running their applications at scale. But as this access to compute starts to become ubiquitous, how you secure and maintain compliance standards in these environments becomes extremely important. In this talk we'll cover the basics of securing Cloud Native platforms such as Kubernetes. We will also cover open source tools - such as Clair, Anchore, and Sysdig Falco - that can be used to maintain secure computing environment. Attendees will walk away with a good understanding of the challenges of securing a Cloud Native platform and practical advice on using open source tools as part of their security strategy.
Wordpress y Docker, de desarrollo a produccion
This document summarizes a presentation about using Docker for WordPress development and deployment. It discusses using Docker to create development environments for WordPress, building Docker images, and deploying WordPress containers to production using Docker Compose or Kubernetes. It also covers customizing configurations, using Traefik for proxy and SSL termination, backup strategies, and notes that Kubernetes is more complex than Docker for simple use cases.
What's hot (20)
Redis - for duplicate detection on real time stream
Redis - for duplicate detection on real time stream
5 Ways to Secure Your Containers for Docker and Beyond
5 Ways to Secure Your Containers for Docker and Beyond
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Tokyo OpenStack Summit 2015: Unraveling Docker Security
Securing your Container Environment with Open Source
Securing your Container Environment with Open Source
Viewers also liked
Troubleshooting Kubernetes
Kubernetes is a tremendous system for orchestrating your containers onto physical infrastructure. But troubleshooting Kubernetes can be incredibly challenging due to the dynamic and isolated nature of the containers it orchestrates. Sysdig leverages the powerful concept of container-aware system events and correlates each one of them with super rich metadata Kubernetes. In this session you’ll go deep into a couple of Kubernetes issues and how you would track them down using sysdig.
Sysdig Meetup - San Francisco, December 2014
Sysdig is an open source system monitoring tool created by Loris Degioanni that captures system events and filters them to provide instant insight. It combines the functionality of tools like strace, tcpdump, and lsof with Lua scripting. By collecting system call data, sysdig provides visibility into processes, file I/O, network I/O, memory usage, and inter-process communication across a system.
Designing Tracing Tools
You have a system with an advanced programmatic tracer: do you know what to do with it? Brendan has used numerous tracers in production environments, and has published hundreds of tracing-based tools. In this talk he will share tips and know-how for creating CLI tracing tools and GUI visualizations, to solve real problems effectively. Programmatic tracing is an amazing superpower, and this talk will show you how to wield it!
The Dark Art of Container Monitoring - Spanish
Este documento discute los desafíos de monitorear contenedores y propone buenas prácticas. Explica que la instrumentación tradicional no funciona bien para contenedores, debido a su naturaleza aislada. En cambio, sugiere monitorear a nivel de kernel para obtener métricas de forma transparente sin configuración. También enfatiza la necesidad de etiquetar automáticamente las métricas para darles sentido a los equipos, y proveer análisis y depuración de fallos a nivel de llamadas al sistema.
Intro to sysdig in 15 minutes
This document summarizes a presentation about containers and the Sysdig tool. It discusses how containers make it easy to bundle and replicate applications and environments, but introduce new challenges for monitoring, troubleshooting, and security. Sysdig is presented as a tool that can capture system events from containers to help with these tasks. The document then demonstrates Sysdig through examples of investigating login attempts, failing HTTP requests, and unusual syscall behavior in a container. It concludes by providing information on installing Sysdig and downloading example capture files to experiment with.
A brief history of system calls
System calls are the primary mechanism of user-to-kernel interaction. Today the Linux system call interface has achieved a primacy and ubiquity that make it an ideal layer at which to understand single-system and distributed-system pathologies. Sysdig advances the art of system call observability by drawing on the systems that came before it. Informed by his work with /proc, process tools and DTrace, Adam will walk through a history of system calls and system call observability from simple systems like truss and strace, moderns ones like DTrace and SystemTab, and ancient ones from the early days of Unix.
Trace everything, when APM meets SysAdmins
The document discusses Sysdig, an open source system troubleshooting tool with native container support. It allows capturing system events, filtering, and running scripts on them. Sysdig includes tracing capabilities through Sysdig Tracers, which can inject markers into the event stream to trace functions, network requests, and arbitrary code segments with low overhead. Traces can then be analyzed to troubleshoot performance and measure latencies in code and across systems.
Building Trustworthy Containers
Containers have the potential to improve the security of typical deployments, but for many the argument has not yet been made convincingly. This talk will describe the existing security technologies around containers, and show how their use can make container-based systems more secure than the alternatives. It will then go further, describing new technologies that allow admins to have even greater confidence in the security of their systems, beyond anything possible with traditional deployment techniques.
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
How to secure microservices running in containers? Strategies for Docker, Kubernetes, Openshift, RancherOS, DC/OS Mesos.
Privileges, resources and visibility constrains with capabilities, cgroups and namespaces. Image vulnerability scanning and behaviour security monitoring with Sysdig Falco.
Viewers also liked (9)
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Lions, Tigers and Deers: What building zoos can teach us about securing micro...
Similar to Find the Hacker
Docker Runtime Security
While there have been many improvements around securing containers, there is still a large gap in monitoring the behaviour of containers in production. Sysdig Falco is an open source behavioural activity monitor for containerized environments.
Sysdig Falco can detect and alert on anomalous behaviour at the application, file, system, and network level. In this session get a deep dive into Falco: How does behavioural security differ from existing security solutions like image scanning, seccomp, SELinux or AppArmor? What can Sysdig Falco detect? Building and customizing rules for your Docker and Kubernetes apps. Forensics analysis with Sysdig Inspect even when the container doesn't exist anymore!
Read more on:
https://sysdig.com/blog/docker-runtime-security/
https://sysdig.com/blog/runtime-security-kubernetes-sysdig-falco/
Automating Security Response with Serverless
This document discusses using serverless technologies for automating security response. It provides an overview of serverless computing benefits and design patterns. Examples of open source serverless platforms like Knative and Kubeless are described. The document also discusses using MLGuard, Falco, and security playbooks with serverless functions to detect anomalies and automate security response actions like killing offending pods.
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
Today most networks present one “gateway” to the whole network – The SSL-VPN. A vector that is often overlooked and considered “secure”, we decided to take apart an industry leading SSL-VPN appliance and analyze it to bits to thoroughly understand how secure it really is. During this talk we will examine the internals of the F5 FirePass SSL-VPN Appliance. We discover that even though many security protections are in-place, the internals of the appliance hides interesting vulnerabilities we can exploit. Through processes ranging from reverse engineering to binary planting, we decrypt the file-system and begin examining the environment. As we go down the rabbit hole, our misconceptions about “security appliances” are revealed.
Using a combination of web vulnerabilities, format string vulnerabilities and a bunch of frustration, we manage to overcome the multiple limitations and protections presented by the appliance to gain a remote unauthenticated root shell. Due to the magnitude of this vulnerability and the potential for impact against dozens of fortune 500 companies, we contacted F5 and received one of the best vendor responses we’ve experienced – EVER!
https://www.hackitoergosum.org
Container Runtime Security with Falco
Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
In theory, post-exploitation after having remote access is easy. Also in theory, there is no difference between theory and practice. In practice, there is. Imagine a scenario, where you have deployed a malware on a user’s workstation, but the target information is on a secure server accessed via two-factor authentication, with screen access only (e.g. RDP, Citrix, etc.). On top of that, the server runs application white-listing, and only the inbound port to the screen server (e.g. 3389) is allowed through the hardware firewall. But you also need persistent interactive C&C communication (e.g. Netcat, Meterpreter, RAT) to this server through the user’s workstation.
I developed (and will publish) two tools that help you in these situations. The first tool can drop malware to the server through the screen while the user is logged in. The second tool can help you to circumvent the hardware firewall after we can execute code on the server with admin privileges (using a signed kernel driver). My tools are generic meaning that they work against Windows server 2012 and Windows 8, and they work with RDP or other remote desktops. The number of problems you can solve with them are endless, e.g., communicating with bind-shell on webserver behind restricted DMZ. Beware, live demo and fun included!
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
This is a light training/presentation talk.
My name is Lyon Yang and I am an IoT hacker. I live in sunny Singapore where IoT is rapidly being deployed – in production. This walkthrough will aim to shed light on the subject of IoT, from finding vulnerabilities in IoT devices to getting shiny hash prompts.
Our journey starts with a holistic view of IoT security, the issues faced by IoT devices and the common mistakes made by IoT developers. Things will then get technical as we progress into a both ARM and MIPS exploitation, followed by a ‘hack-along-with-us’ workshop where you will be exploiting a commonly found IoT daemon. If you are new to IoT or a seasoned professional you will likely learn something new in this workshop.
https://www.iotvillage.org/#schedule
DEF CON 27 - WENXIANG QIAN and YUXIANG LI HUIYU - breaking google home exploi...
DEF CON 27 - WENXIANG QIAN and YUXIANG LI HUIYU - breaking google home exploit it with sq lite magellan
You Can't Correlate what you don't have - ArcSight Protect 2011
In this presentation we discuss gathering data with syslog-ng in order to properly feed your SIEM system such as ArcSight ESM. This presentation is from HP/ArcSight Protect 2011.
Blackhat USA 2016 - What's the DFIRence for ICS?
Digital Forensics and Incident Response (DFIR) for IT systems has been around quite a while, but what about Industrial Control Systems (ICS)? This talk will explore the basics of DFIR for embedded devices used in critical infrastructure such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), and controllers. If these are compromised or even have a misoperation, we will show what files, firmware, memory dumps, physical conditions, and other data can be analyzed in embedded systems to determine the root cause.
This talk will show examples of what and how to collect forensics data from two popular RTUs that are used in Electric Substations: the General Electric D20MX and the Schweitzer Engineering Labs SEL-3530 RTAC.
This talk will not cover Windows or *nixbased devices such as Human Machine Interfaces (HMIs) or gateways.
Advanced SOHO Router Exploitation XCON
Lyon Yang gave a presentation about exploiting IoT and embedded devices. He discussed how he became interested in embedded systems exploitation and contributed to the field. Yang explained common vulnerabilities he finds, such as stack overflows, backdoors, and exposed credentials. He demonstrated attacks like privilege escalation, command injection, and exploiting cache coherency issues. Yang provided tips for writing exploits against various architectures and overcoming challenges like bad characters and auto-restarting services.
OT Security - h-c0n 2020
José Ramón Palanco is an OT security expert at ElevenPaths (Telefónica) who specializes in penetration testing, vulnerability research, and programming. The presentation covers OT protocols, an OT lab for hardware hacking and firmware analysis, industrial malware examples like Stuxnet, and projects including an industrial protocol IDS and Nmap scripts for discovering SCADA/ICS devices.
Security Tips to run Docker in Production
When you are designing a production environment security is essential. All the Docker ecosystem but in particular Docker Swarm allows us to ship our containers out of our laptop, how can we make this process safe? During my talk, I will share tips around production environment, immutability and how troubleshooting common attack as code injection with Docker. Static analysis of our images, content trust with Notary to make our journey secure.
How can we setup a cluster on the main cloud providers with VPN and node labeling to expose only a portion of our cluster? I will also show what Docker provides (Content Trust, Static Analysis) but also open source alternatives as Notary, centos/clair and Cilium.
In the end of this talk, we had a better idea around how manage Docker in production.
Breaking Smart Speakers: We are Listening to You.
"In the past two years, smart speakers have become the most popular IoT device, Amazon_ Google and Apple have introduced their own smart speaker products. Most of these smart speakers have natural language recognition, chat, music playback, IoT device control, shopping, and so on. Manufacturers use artificial intelligence technology to make smart speakers have similar human capabilities in the chat conversation. However, with the smart speakers coming into more and more homes, and the function is becoming more powerful, its security has been questioned by many people. People are worried that smart speakers will be hacked to leak their privacy, and our research proves that this concern is very necessary.
In this talk, we will present how to use multiple vulnerabilities to achieve remote attack some of the most popular smart speakers. Our final attack effects include silent listening, control speaker speaking content and other demonstrations. And we're also going to talk about how to extract firmware from BGA packages Flash chips such as EMMC, EMCP, NAND Flash, etc. In addition, it contains how to turn on debug interfaces and get root privileges by modifying firmware content and Re-soldering Flash chips, which can be of great help for subsequent vulnerability analysis and debugging. Finally, we will play several demo videos to demonstrate how we can remotely access some Smart Speaker Root permissions and use smart speakers for eavesdropping and playing voice."
Terraform - Taming Modern Clouds
Slides form Config Management Camp, looking at how you can take a collaborative GitFlow approach to Terraform using Remote State, Modules and Dynamically Generated Credentials using Vault
RIoT (Raiding Internet of Things) by Jacob Holcomb
The recorded version of 'Best Of The World Webcast Series' [Webinar] where Jacob Holcomb speaks on 'RIoT (Raiding Internet of Things)' is available on CISOPlatform.
Best Of The World Webcast Series are webinars where breakthrough/original security researchers showcase their study, to offer the CISO/security experts the best insights in information security.
For more signup(it's free): www.cisoplatform.com
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
Yuwei Zheng and Haoqi Shan from 360 Unicorn Team discuss hacking femtocells to capture cellular traffic. They explain how to obtain a free femtocell through social engineering complaints to mobile carriers. After dismantling the hardware, they find the UART interface and use the boot shell to download firmware. By patching the login process, they gain access to the VxWorks kernel and use it to capture packets including SMS, voice, and GPRS data in real-time.
Sigfox + Arduino MKRFOX Workshop
Sigfox discovery workshop using an Arduino MKRFOX board.
* Getting started with the MKRFOX
* Getting started with the Sigfox Cloud
* First messages over the Sigfox network
* Downlink feature
* Callback settings
* Events configuration
* IFTTT demo
* API configuration
Session held in Cape Town on November 8th, 2017
Next Generation DevOps in Drupal: DrupalCamp London 2014
In this talk, Barney will be discussing and demonstrating how to:
- Use nginx, Varnish and Apache together in a "SPDY sandwich" to support HTTP 2.0
- Setting up SSL properly to mitigate against attack vectors
- Performance improvements with mod_pagespeed and nginx
- Deploying Drupal sites with Docker containers
Barney is a Technical Team Leader at Inviqa, a Drupal Association member and writes for Techportal on using technologies to improve website performance. He first started using PHP professionally in 2003, and has over seventeen years experience in software development. He is an advocate of Scrum methodology and has an interest in performance optimization, researching and speaking on various techniques to improve user experience through faster load times.
amrapali builders @@ hacking challenges.pdf
amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders,amrapali reviews,amrapali builders
Labs_BT_20221017.pptx
The document provides instructions for setting up a TI-RTOS project for the CC1352R wireless microcontroller. It describes creating a CCS project targeting the CC1352R, configuring compiler and linker settings, generating a system configuration file, and adding TI-RTOS and driver library files. The goal is to build a basic "hello world" project to demonstrate real-time operating system functionality on the CC1352R wireless microcontroller.
Similar to Find the Hacker (20)
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
DEFCON 22: Bypass firewalls, application white lists, secure remote desktops ...
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
DEF CON 27 - WENXIANG QIAN and YUXIANG LI HUIYU - breaking google home exploi...
DEF CON 27 - WENXIANG QIAN and YUXIANG LI HUIYU - breaking google home exploi...
You Can't Correlate what you don't have - ArcSight Protect 2011
You Can't Correlate what you don't have - ArcSight Protect 2011
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
DEF CON 23 - Yuwei Zheng and Haoqi Shan - build a free cellular traffic captu...
Next Generation DevOps in Drupal: DrupalCamp London 2014
Next Generation DevOps in Drupal: DrupalCamp London 2014
More from Sysdig
What Prometheus means for monitoring vendors
Prometheus has become a de facto standard for exposing metrics from cloud-native applications and services. While originally intended as a time series database (TSDB) and monitoring stack, Prometheus metrics can now be used across different monitoring vendors through open standards like Open Metrics. This has implications for how monitoring vendors operate and provide value. Rather than seeing Prometheus as a threat, vendors should embrace the ecosystem and offer services that support Prometheus, like providing a scalable Prometheus backend, visualization tools, and metric collection agents. Doing so allows vendors to continue helping customers while respecting the open standards and tools they choose to use.
15 kubernetes failure points you should watch
Jorge Salamero discusses 15 failure points to monitor in Kubernetes:
1) Application metrics like connections, response time, and errors
2) Node availability and resource usage of CPU, memory, and disk
3) Ensuring deployments are running the desired number of instances and not experiencing glitches
4) Monitoring pod status, restarts, and the health of the Kubernetes API server and services like KubeDNS
5) Validating Kubernetes configuration changes with tools that monitor deployment commands
CI / CD / CS - Continuous Security in Kubernetes
Continuous Delivery helps to keep your software and Docker images updated and deploy new versions in production easily. Microservices are great at reducing the attack vector and limiting the privileges or credentials access of each piece of your application. Containers provide an opportunity to implement better security, small, immutable, single process and purpose.
In this session, we will discover real use case examples on how to make your CI/CD pipeline interact with Docker security tools. But security doesn’t stop where your deployment pipeline ends. How can we prepare for 0-days and policy violations that happen at run-time? Can we make it part of the CI/CD process?
Continuous Security
Continuous Delivery helps to keep your software and Docker images updated and deploy new versions in production easily. Microservices are great reducing the attack vector and limiting the privileges or credentials access of each piece of your application. Containers provide an opportunity to implement better security, small, immutable, single process and purpose. In this session, we will discover real use case examples on how to make your CI/CD pipeline interact with Docker security tools. But security doesn’t stop where your deployment pipeline ends. How we can prepare for 0-days and policy violations that happen at run-time? Can we make it part of the CI/CD process?
The top 5 Kubernetes metrics to monitor
This document discusses metrics to monitor in a Kubernetes environment across 5 layers:
1. Application metrics like request rates, errors, and durations
2. Service metrics like database connections and service-specific metrics
3. Kubernetes deployment metrics like available replicas and rolling update status
4. Kubernetes internal metrics like node status and resource availability
5. Host/node metrics like CPU, memory, and disk usage
Monitoring all 5 layers provides visibility into the health of applications, services, Kubernetes clusters and underlying infrastructure.
The top 5 Kubernetes metrics to monitor
This document discusses the top 5 metrics to monitor in Kubernetes applications. It identifies 5 layers to monitor: 1) the application layer, 2) the services layer, 3) the Kubernetes deployment layer, 4) the Kubernetes internals layer, and 5) the host/node layer. For each layer, it provides example metrics and thresholds to monitor to check that layer is performing as expected. The overall document provides guidance on monitoring all aspects of a Kubernetes application from the application and services down through the underlying Kubernetes infrastructure and hosts.
How to Monitor Microservices
How to Monitor Microservices running in Docker, Kubernetes, Openshift, DC/OS Mesos or any other container orchestration platform.
You're monitoring Kubernetes Wrong
This document discusses monitoring Kubernetes clusters and provides best practices. It notes that monitoring has become more complex with distributed architectures like microservices and containers. Key challenges discussed are getting monitoring data from containers, making sense of large and varied data, troubleshooting distributed systems, and ensuring monitoring works for people as systems become more distributed. The document demonstrates how Sysdig provides container-level monitoring data and tools for segmenting and troubleshooting that data. It also introduces Sysdig Teams for access control and customization based on organizational teams.
More from Sysdig (8)
Recently uploaded
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
The quest for the best AI face swap solution is marked by an amalgamation of technological prowess and artistic finesse, where cutting-edge algorithms seamlessly replace faces in images or videos with striking realism. Leveraging advanced deep learning techniques, the best AI face swap tools meticulously analyze facial features, lighting conditions, and expressions to execute flawless transformations, ensuring natural-looking results that blur the line between reality and illusion, captivating users with their ingenuity and sophistication.
Web:- https://undressbaby.com/
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise EditionEnvertis Software Solutions
Odoo ERP software
Odoo ERP software, a leading open-source software for Enterprise Resource Planning (ERP) and business management, has recently launched its latest version, Odoo 17 Community Edition. This update introduces a range of new features and enhancements designed to streamline business operations and support growth.
The Odoo Community serves as a cost-free edition within the Odoo suite of ERP systems. Tailored to accommodate the standard needs of business operations, it provides a robust platform suitable for organisations of different sizes and business sectors. Within the Odoo Community Edition, users can access a variety of essential features and services essential for managing day-to-day tasks efficiently.
This blog presents a detailed overview of the features available within the Odoo 17 Community edition, and the differences between Odoo 17 community and enterprise editions, aiming to equip you with the necessary information to make an informed decision about its suitability for your business.UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
The UI5 tooling is the development and build tooling of UI5. It is built in a modular and extensible way so that it can be easily extended by your needs. This session will showcase various tooling extensions which can boost your development experience by far so that you can really work offline, transpile your code in your project to use even newer versions of EcmaScript (than 2022 which is supported right now by the UI5 tooling), consume any npm package of your choice in your project, using different kind of proxies, and even stitching UI5 projects during development together to mimic your target environment.
What is Augmented Reality Image Tracking
Augmented Reality (AR) Image Tracking is a technology that enables AR applications to recognize and track images in the real world, overlaying digital content onto them. This enhances the user's interaction with their environment by providing additional information and interactive elements directly tied to physical images.
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers. This video you can watch from my youtube channel at https://youtu.be/m-F-mZA3MkU
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation:
Selenium, Cypress, Puppeteer, and Playwright. Ministry of Testing Athens. Meetup on the Beach. 30 May 2024.
E-commerce Application Development Company.pdf
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Hand Rolled Applicative
User Validation
Code Kata
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版一模一样【微信:741003700 】【美国纽约州立大学奥尔巴尼分校毕业证学位证书】【微信:741003700 】学位证,留信认证(真实可查,永久存档)offer、雅思、外壳等材料/诚信可靠,可直接看成品样本,帮您解决无法毕业带来的各种难题!外壳,原版制作,诚信可靠,可直接看成品样本。行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题,包您满意。
本公司拥有海外各大学样板无数,能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma
1:1完美还原海外各大学毕业材料上的工艺:水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
OpenMetadata Community Meeting - 5th June 2024
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E
DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS Security Version 1.2 was adopted in 2024. This revision strengthens support for long runnings systems adding new cryptographic algorithms, certificate revocation, and hardness against DoS attacks.
Essentials of Automations: The Art of Triggers and Actions in FME
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
How to write a program in any programming language
How to write a program in any programming language
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Understanding variable roles in code has been found to be helpful by students
in learning programming -- could variable roles help deep neural models in
performing coding tasks? We do an exploratory study.
- These are slides of the talk given at InteNSE'23: The 1st International Workshop on Interpretability and Robustness in Neural Software Engineering, co-located with the 45th International Conference on Software Engineering, ICSE 2023, Melbourne Australia
Energy consumption of Database Management - Florina Jonuzi
Presentation from Florina Jonuzi at the GSD Community Stage Meetup on June 06, 2024
Empowering Growth with Best Software Development Company in Noida - Deuglo
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
SWEBOK and Education at FUSE Okinawa 2024
Takashi Kobayashi and Hironori Washizaki, "SWEBOK Guide and Future of SE Education," First International Symposium on the Future of Software Engineering (FUSE), June 3-6, 2024, Okinawa, Japan
May Marketo Masterclass, London MUG May 22 2024.pdf
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
Zoom is a comprehensive platform designed to connect individuals and teams efficiently. With its user-friendly interface and powerful features, Zoom has become a go-to solution for virtual communication and collaboration. It offers a range of tools, including virtual meetings, team chat, VoIP phone systems, online whiteboards, and AI companions, to streamline workflows and enhance productivity.
Recently uploaded (20)
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
Why Choose Odoo 17 Community & How it differs from Odoo 17 Enterprise Edition
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
Oracle Database 19c New Features for DBAs and Developers.pptx
Oracle Database 19c New Features for DBAs and Developers.pptx
DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
How to write a program in any programming language
How to write a program in any programming language
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
Find the Hacker
- 1. Find the Hacker with Sysdig and Falco Mark Stemm, Falco Engineer
- 2. Information presented is confidential Overview • A contest! • Use Sysdig and Falco to identify suspicious behavior • Write a Falco rule that captures this behavior • Send a Falco notification to our public slack channel: • sysdig.slack.com, #ccwfs-falco-alerts • Winner gets a prize!
- 3. Information presented is confidential The Prize! Holy Stone F181 RC Quadcopter Drone • HD Camera RTF 4 Channel 2.4GHz 6-Gyro Headless System Black (Upgraded with Altitude Hold Function) • Value: $ 85.99
- 4. Information presented is confidential Scenario Details • EC2 Instance running at: • IP Address=52.52.146.24 • username=ccwfs, passwd=SysD1gR0cks • has sysdig, falco installed • This machine is compromised • An attacker has installed program(s) that is/are doing something suspicious • There is a specific IP related to this suspicious activity • Not the IPs 52.52.146.24 or 172.XXX—those are the instance IPs
- 5. Information presented is confidential Your job • Identify the suspicious behavior • you can use sysdig, falco, anything else • Write a falco rule that identifies this behavior and the IP address related to it • rule’s output should include the IP address, your name/email/etc. • Send the notification to our public slack channel via a web hook • https://hooks.slack.com/services/T0VHHLHTP/B2SRY7U75/ztP8AAhjWmb4KA0mx cYtTVks • Hint: to transform JSON with field “output” to slack-compatible JSON: • jq '{text: .output}' | curl -d @- -X POST https://hooks.slack.com/services/T0VHHLHTP/B2SRY7U75/ztP8AAhjWmb4KA0 mxcYtTVks • Hint: to run falco with a custom config file: falco -c <conf.yaml>
- 6. Hints
- 7. Information presented is confidential Hint #1 • The suspicious behavior is related to something below /etc • How can you find things reading/writing below /etc? • sudo sysdig fd.directory=/etc
- 8. Information presented is confidential Hint #2 • What is cpp doing? • sudo sysdig proc.name=cpp • What network activity is cpp performing • sudo sysdig "proc.name=cpp and evt.type in (connect, bind, listen, send, sendto, recv, recvfrom, read, write)"
- 9. Information presented is confidential Hint #3 • What identifies the specific IP address in question? • sudo sysdig -p "commmand=%proc.cmdline dest IP=%fd.rip Port=%fd.rport" proc.name=cpp and evt.type=sendto
- 10. Information presented is confidential Hint #4 • What’s a falco rule that identifies this activity? - rule: Exfiltration attempt desc: Attempt to exfiltrate /etc/shadow condition: proc.name=cpp and evt.type=connect and evt.dir=< output: commmand=%proc.cmdline dest IP=%fd.rip Port=%fd.rport (I'm mstemm) priority: WARNING
- 11. Information presented is confidential Hint #5 • How do you configure falco to send this notification to the slack webhook? # Whether to output events in json or text json_output: true … program_output: enabled: true program: "jq '{text: .output}' | curl -d @- -X POST https://hooks.slack.com/services/T0VHHLHTP/B2SRY7U75/ztP8AAhjWmb4KA0mxcYt TVks”
- 12. Thank You!
Editor's Notes
- <hi thanks for joining…> I’ll start with a really quick introduction and then I’d love to learn a little bit more about you and your environment, and why you’re interested in Sysdig Cloud. But to first set the stage… Sysdig Cloud. There are a million other monitoring tools out there – why does the world need another? Well with Sysdig Cloud, we set out to create the first and only comprehensive, container-native monitoring solution
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- Ground up Clean sheet of paper Container native
- <hi thanks for joining…> I’ll start with a really quick introduction and then I’d love to learn a little bit more about you and your environment, and why you’re interested in Sysdig Cloud. But to first set the stage… Sysdig Cloud. There are a million other monitoring tools out there – why does the world need another? Well with Sysdig Cloud, we set out to create the first and only comprehensive, container-native monitoring solution