Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr COO Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
This session introduces Lambda@Edge, a new AWS Lambda feature that allows developers to perform simple computations at AWS edge locations in response to CloudFront events. This will be of interest to developers who want to build low-latency, customized web experiences. We cover product functionality and details of the programming model, and we walk through potential use cases.
AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...Amazon Web Services
At Capital One, we are using Docker and container technologies to advance microservices adoption, increase efficiencies of cloud resources, and decouple the application layer from the underlying infrastructure. Capital One is a federated organization with a “you build it, you own it” culture that provides autonomy and speed for delivery teams. Each federated team runs and operates their container management stack. In order for the federated teams to accelerate their cloud and container-based apps adoption, we created self-service automation tools for creation and operations management of container management stack.
In this session, we explore our push-button automation tool that includes capabilities such as the creation and management of Amazon ECS clusters, an Application Load Balancer for dynamic and context-based routing and provides a user interface via a Jenkins Job or a AWS Lambda function. Our tooling also includes a home-grown dynamic service discovery and routing for applications requiring two-way mutual SSL authentication. We talk through how Capital One regularly updates AMIs with the latest patches and software versions using an automated solution that leverages AWS Lambda to rehydrate the Amazon ECS compute cluster with the latest AMI without causing any downtime. We also discuss how we created a sophisticated canary deployment automation using AWS Lambda and application services, where users can specify how to migrate to a new version of containerized apps and manage the deployment.
AWS empowers enterprise Docker deployment with Amazon ECS and an ecosystem of cloud services and serverless architectures, making containerization in mission-critical environments easier than ever.
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
Your security is our number one priority. In this session, we'll review best practices that will make your AWS platform even more secure. Using a number of services such as IAM, KMS, CloudTrail, Inspector, etc, we'll show you easy, concrete steps that you can take in minutes to significantly raise your security level.
Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr CTO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
This session introduces Lambda@Edge, a new AWS Lambda feature that allows developers to perform simple computations at AWS edge locations in response to CloudFront events. This will be of interest to developers who want to build low-latency, customized web experiences. We cover product functionality and details of the programming model, and we walk through potential use cases.
AWS re:Invent 2016: Operations Automation and Infrastructure Management with ...Amazon Web Services
At Capital One, we are using Docker and container technologies to advance microservices adoption, increase efficiencies of cloud resources, and decouple the application layer from the underlying infrastructure. Capital One is a federated organization with a “you build it, you own it” culture that provides autonomy and speed for delivery teams. Each federated team runs and operates their container management stack. In order for the federated teams to accelerate their cloud and container-based apps adoption, we created self-service automation tools for creation and operations management of container management stack.
In this session, we explore our push-button automation tool that includes capabilities such as the creation and management of Amazon ECS clusters, an Application Load Balancer for dynamic and context-based routing and provides a user interface via a Jenkins Job or a AWS Lambda function. Our tooling also includes a home-grown dynamic service discovery and routing for applications requiring two-way mutual SSL authentication. We talk through how Capital One regularly updates AMIs with the latest patches and software versions using an automated solution that leverages AWS Lambda to rehydrate the Amazon ECS compute cluster with the latest AMI without causing any downtime. We also discuss how we created a sophisticated canary deployment automation using AWS Lambda and application services, where users can specify how to migrate to a new version of containerized apps and manage the deployment.
AWS empowers enterprise Docker deployment with Amazon ECS and an ecosystem of cloud services and serverless architectures, making containerization in mission-critical environments easier than ever.
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
Your security is our number one priority. In this session, we'll review best practices that will make your AWS platform even more secure. Using a number of services such as IAM, KMS, CloudTrail, Inspector, etc, we'll show you easy, concrete steps that you can take in minutes to significantly raise your security level.
Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr CTO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
Monitoring in Motion: Monitoring Containers and Amazon ECSAmazon Web Services
Containers and other forms of dynamic infrastructure can prove challenging to monitor. How do you define normal, when your infrastructure is intentionally in motion and change from minute to minute? Join us as we discuss proven strategies for monitoring your containerized infrastructure on AWS and ECS.
Learn best practices for architecting fully available and scalable Microsoft solutions and environments on AWS. Find out how Microsoft solutions can leverage various AWS services to achieve more resiliency, replace unnecessary complexity, simplify architecture, provide scalability, introduce DevOps concepts, automation, and repeatability. Plan authentication and authorization, various hybrid scenarios with other cloud environment and on premise solutions/infrastructure. Learn about common architecture patterns for Active Directory and business productivity solutions like SharePoint, Exchange and Skype for Business, also common scenarios for SQL deployments and System Center.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...Amazon Web Services
With constantly evolving threats across the Internet, Harvard University deployed a security network platform to mitigate cyber threats, current and future, to protect institutional and research data. By using multiple geographic locations, best of breed equipment, and network automation, Harvard provides visibility, availability, and multilayer protections for their cloud network. This talk discusses the benefits, considerations, and lessons learned from using their security network platform at the edge of the cloud. Learn how Harvard designed and deployed the platform, utilizing serverless architecture to orchestrate the solution from within to protect their most sensitive data and afford students, faculty, and staff the flexibility of cloud computing.
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum EfficiencyAmazon Web Services
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum as well as optimizing your overall capital expense can be challenging. This session presents AWS features and services along with Disaster Recovery architectures that you can leverage when building highly available and disaster resilient applications. We will provide recommendations on how to improve your Disaster Recovery plan and discuss example scenarios showing how to recover from a disaster.
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...Amazon Web Services
As serverless architectures become more popular, AWS customers need a framework of patterns to help them deploy their workloads without managing servers or operating systems. This session introduces and describes four re-usable serverless patterns for web apps, stream processing, batch processing, and automation. For each, we provide a TCO analysis and comparison with its server-based counterpart. We also discuss the considerations and nuances associated with each pattern and have customers share similar experiences. The target audience is architects, system operators, and anyone looking for a better understanding of how serverless architectures can help them save money and improve their agility.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
AWS re:Invent 2016: Develop, Build, Deploy, and Manage Containerized Services...Amazon Web Services
In this session, we walk through the simple process of deploying and managing your own Linux-based application in the cloud and also discuss key use-cases and benefits to automated configuration, deployment, and administration of application stacks. Session sponsored by Red Hat.
Learn how to use AWS services to automate manual tasks, help teams manage complex environments at scale, and keep engineers in control of the high velocity that is enabled by DevOps. In this session, we will provide an overview of the various AWS development and deployment services and when best to use them. We will show how to build a fully automated infrastructure and software delivery pipeline with AWS CodePipeline, AWS CodeBuild, AWS CloudFormation and AWS CodeDeploy. At the end of the session, a GitHub repository of AWS CloudFormation templates will be provided so you can quickly deploy the same pipeline to your AWS account(s).
AWS provides security capabilities and services to provide control over your AWS resources, how they are accessed, who can access them, and what privileges they are allowed. Access Management, Identity management, change control, and auditing can all be achieved both at a macro and granular level. In this session we’ll explore services such as AWS Identity Access Management (IAM), AWS CloudTrail, Amazon Directory Service and Amazon Inspector, so that you understand how use them effectively to manage user privilege and access. We’ll also look at Amazon Virtual Private Cloud (VPC) and how to use it’s features to build security at the network access layer. After this session you should understand and be able to: Configure Users, Groups, and Roles to manage actions, Configure monitoring and logging to audit changes in your system, and Design your AWS network using VPC for security.
AWS Lambda and Amazon API Gateway have changed how developers build and run their applications or services. But what are the best practices for tasks such as deployment, monitoring, and debugging in a serverless world? In this session, we’ll dive into best practices that serverless developers can use for application lifecycle management, CI/CD, monitoring, and diagnostics. We’ll talk about how you can build CI/CD pipelines that automatically build, test, and deploy your serverless applications using AWS CodePipeline, AWS CodeBuild, and AWS CloudFormation. We’ll also cover the built-in capabilities of Lambda and API Gateway for creating multiple versions, stages, and environments of your functions and APIs. Finally, we’ll cover monitoring and diagnostics of your Lambda functions with Amazon CloudWatch and AWS X-Ray.
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
This session will cover AWS Identity and Access Management (IAM) best practices that help improve your security posture. We will cover how to manage users and their security credentials. We’ll also explain why you should delete your root access keys—or at the very least, rotate them regularly. Using common use cases, we will demonstrate when to choose between using IAM users and IAM roles. Finally, we will explore how to set permissions to grant least privilege access control in one or more of your AWS accounts.
AWS re:Invent 2016: Life Without SSH: Immutable Infrastructure in Production ...Amazon Web Services
This session covers what a real-world production deployment of a fully automated deployment pipeline looks like with instances that are deployed without SSH keys. By leveraging AWS CloudFormation along with Docker and AWS CodeDeploy, we show how we achieved semi-immutable and fully immutable infrastructures, and what the challenges and remediations were.
February 2016 Webinar Series - EC2 Container Service Deep Dive Amazon Web Services
Running and managing large scale applications with microservices architectures is difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications.
In this webinar, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage and scale your Amazon ECS resources, keep them secure and deploy your applications to an Amazon ECS cluster. We will also provide best practices for monitoring, logging and service discovery.
Learning Objectives:
Learn how to setup and manage Amazon ECS for production applications
Learn how to schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
Learn best practices for architecting fully available and scalable Microsoft solutions and environments on AWS. Find out how Microsoft solutions can leverage various AWS services to achieve more resiliency, replace unnecessary complexity, simplify architecture, provide scalability, introduce DevOps concepts, automation, and repeatability. Plan authentication and authorization, various hybrid scenarios with other cloud environment and on premise solutions/infrastructure. Learn about common architecture patterns for Active Directory and business productivity solutions like SharePoint, Exchange and Skype for Business, also common scenarios for SQL deployments and System Center.
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
This sessions is for architects and storage admins seeking simple and non-disruptive ways to adopt cloud platforms in their organizations. You will learn how to deliver lower costs and greater scale with nearly seamless integration into your existing B&R processes. Services mentioned: S3, Glacier, Snowball, 3rd party partners, storage gateway, and ingestion services.
In this session, we walk through the Amazon VPC network presentation and describe the problems we were trying to solve when we created it. Next, we walk through how these problems are traditionally solved, and why those solutions are not scalable, inexpensive, or secure enough for AWS. Finally, we provide an overview of the solution that we've implemented and discuss some of the unique mechanisms that we use to ensure customer isolation, get packets into and out of the network, and support new features like VPC endpoints.
Monitoring in Motion: Monitoring Containers and Amazon ECSAmazon Web Services
Containers and other forms of dynamic infrastructure can prove challenging to monitor. How do you define normal, when your infrastructure is intentionally in motion and change from minute to minute? Join us as we discuss proven strategies for monitoring your containerized infrastructure on AWS and ECS.
Learn best practices for architecting fully available and scalable Microsoft solutions and environments on AWS. Find out how Microsoft solutions can leverage various AWS services to achieve more resiliency, replace unnecessary complexity, simplify architecture, provide scalability, introduce DevOps concepts, automation, and repeatability. Plan authentication and authorization, various hybrid scenarios with other cloud environment and on premise solutions/infrastructure. Learn about common architecture patterns for Active Directory and business productivity solutions like SharePoint, Exchange and Skype for Business, also common scenarios for SQL deployments and System Center.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
AWS re:Invent 2016: How Harvard University Improves Scalable Cloud Network Se...Amazon Web Services
With constantly evolving threats across the Internet, Harvard University deployed a security network platform to mitigate cyber threats, current and future, to protect institutional and research data. By using multiple geographic locations, best of breed equipment, and network automation, Harvard provides visibility, availability, and multilayer protections for their cloud network. This talk discusses the benefits, considerations, and lessons learned from using their security network platform at the edge of the cloud. Learn how Harvard designed and deployed the platform, utilizing serverless architecture to orchestrate the solution from within to protect their most sensitive data and afford students, faculty, and staff the flexibility of cloud computing.
Deploying a Disaster Recovery Site on AWS: Minimal Cost with Maximum EfficiencyAmazon Web Services
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum as well as optimizing your overall capital expense can be challenging. This session presents AWS features and services along with Disaster Recovery architectures that you can leverage when building highly available and disaster resilient applications. We will provide recommendations on how to improve your Disaster Recovery plan and discuss example scenarios showing how to recover from a disaster.
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...Amazon Web Services
As serverless architectures become more popular, AWS customers need a framework of patterns to help them deploy their workloads without managing servers or operating systems. This session introduces and describes four re-usable serverless patterns for web apps, stream processing, batch processing, and automation. For each, we provide a TCO analysis and comparison with its server-based counterpart. We also discuss the considerations and nuances associated with each pattern and have customers share similar experiences. The target audience is architects, system operators, and anyone looking for a better understanding of how serverless architectures can help them save money and improve their agility.
With AWS Lambda, you can easily build scalable microservices for mobile, web, and IoT applications or respond to events from other AWS services without managing infrastructure. In this session, you’ll see demonstrations and hear more about newly launched features. We’ll show you how to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions. We’ll also provide productivity and performance tips for getting the most out of your Lambda functions and show how cloud native architectures use Lambda to eliminate “cold servers” and excess capacity without sacrificing scalability or responsiveness.
AWS re:Invent 2016: Develop, Build, Deploy, and Manage Containerized Services...Amazon Web Services
In this session, we walk through the simple process of deploying and managing your own Linux-based application in the cloud and also discuss key use-cases and benefits to automated configuration, deployment, and administration of application stacks. Session sponsored by Red Hat.
Learn how to use AWS services to automate manual tasks, help teams manage complex environments at scale, and keep engineers in control of the high velocity that is enabled by DevOps. In this session, we will provide an overview of the various AWS development and deployment services and when best to use them. We will show how to build a fully automated infrastructure and software delivery pipeline with AWS CodePipeline, AWS CodeBuild, AWS CloudFormation and AWS CodeDeploy. At the end of the session, a GitHub repository of AWS CloudFormation templates will be provided so you can quickly deploy the same pipeline to your AWS account(s).
AWS provides security capabilities and services to provide control over your AWS resources, how they are accessed, who can access them, and what privileges they are allowed. Access Management, Identity management, change control, and auditing can all be achieved both at a macro and granular level. In this session we’ll explore services such as AWS Identity Access Management (IAM), AWS CloudTrail, Amazon Directory Service and Amazon Inspector, so that you understand how use them effectively to manage user privilege and access. We’ll also look at Amazon Virtual Private Cloud (VPC) and how to use it’s features to build security at the network access layer. After this session you should understand and be able to: Configure Users, Groups, and Roles to manage actions, Configure monitoring and logging to audit changes in your system, and Design your AWS network using VPC for security.
AWS Lambda and Amazon API Gateway have changed how developers build and run their applications or services. But what are the best practices for tasks such as deployment, monitoring, and debugging in a serverless world? In this session, we’ll dive into best practices that serverless developers can use for application lifecycle management, CI/CD, monitoring, and diagnostics. We’ll talk about how you can build CI/CD pipelines that automatically build, test, and deploy your serverless applications using AWS CodePipeline, AWS CodeBuild, and AWS CloudFormation. We’ll also cover the built-in capabilities of Lambda and API Gateway for creating multiple versions, stages, and environments of your functions and APIs. Finally, we’ll cover monitoring and diagnostics of your Lambda functions with Amazon CloudWatch and AWS X-Ray.
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
This session will cover AWS Identity and Access Management (IAM) best practices that help improve your security posture. We will cover how to manage users and their security credentials. We’ll also explain why you should delete your root access keys—or at the very least, rotate them regularly. Using common use cases, we will demonstrate when to choose between using IAM users and IAM roles. Finally, we will explore how to set permissions to grant least privilege access control in one or more of your AWS accounts.
AWS re:Invent 2016: Life Without SSH: Immutable Infrastructure in Production ...Amazon Web Services
This session covers what a real-world production deployment of a fully automated deployment pipeline looks like with instances that are deployed without SSH keys. By leveraging AWS CloudFormation along with Docker and AWS CodeDeploy, we show how we achieved semi-immutable and fully immutable infrastructures, and what the challenges and remediations were.
February 2016 Webinar Series - EC2 Container Service Deep Dive Amazon Web Services
Running and managing large scale applications with microservices architectures is difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications.
In this webinar, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage and scale your Amazon ECS resources, keep them secure and deploy your applications to an Amazon ECS cluster. We will also provide best practices for monitoring, logging and service discovery.
Learning Objectives:
Learn how to setup and manage Amazon ECS for production applications
Learn how to schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
Learn best practices for architecting fully available and scalable Microsoft solutions and environments on AWS. Find out how Microsoft solutions can leverage various AWS services to achieve more resiliency, replace unnecessary complexity, simplify architecture, provide scalability, introduce DevOps concepts, automation, and repeatability. Plan authentication and authorization, various hybrid scenarios with other cloud environment and on premise solutions/infrastructure. Learn about common architecture patterns for Active Directory and business productivity solutions like SharePoint, Exchange and Skype for Business, also common scenarios for SQL deployments and System Center.
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
This sessions is for architects and storage admins seeking simple and non-disruptive ways to adopt cloud platforms in their organizations. You will learn how to deliver lower costs and greater scale with nearly seamless integration into your existing B&R processes. Services mentioned: S3, Glacier, Snowball, 3rd party partners, storage gateway, and ingestion services.
In this session, we walk through the Amazon VPC network presentation and describe the problems we were trying to solve when we created it. Next, we walk through how these problems are traditionally solved, and why those solutions are not scalable, inexpensive, or secure enough for AWS. Finally, we provide an overview of the solution that we've implemented and discuss some of the unique mechanisms that we use to ensure customer isolation, get packets into and out of the network, and support new features like VPC endpoints.
Protecting a small number of VPCs with a next-generation firewall is relatively easy, but what happens when you have hundreds of VPCs and regularly add more as business groups or new apps come on-line? How can you maintain a prevention architecture without slowing the business? One concept is to build a services VPC that protects your existing and new VPCs. This deep dive session will discuss how to integrate next-generation firewalls in a services VPC with the Palo Alto Networks VM-Series in AWS. Topics will include architectural design considerations, routing recommendations, and dynamic fail-over. Session sponsored by Palo Alto Networks.
Expanding Your Data Center with Hybrid Cloud InfrastructureAmazon Web Services
Cloud is a new common for the Hybrid IT strategies. In this session, we will explain what’s different between cloud and your datacenter as well as how to make your Hybrid Cloud strategies.
Andy Shenkler, Sony's EVP & Chief Solutions & Technology Officer's presentation to the Storage & Archive track at the Media & Entertainment Cloud Symposium on Nov 4, 2016
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
Amazon Aurora is a MySQL-compatible database engine that combines the speed and availability of high-end commercial databases with the simplicity and cost-effectiveness of open source databases. This session introduces you to Amazon Aurora, explains common use cases for the service, and helps you get started with building your first Amazon Aurora–powered application.
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
- Design a workload-centric security architecture
- Improve visibility of AWS-only or hybrid environments
- Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS Amazon Web Services
In this session we’ll dive deeper into how you can test mobile applications on real devices, using AWS Device Farm, how to get business insights wirh AWS Mobile Analytics and Amazon Redshift, and keep your customers engaged using Amazon SNS Mobile Push and the new Worldwide Delivery of Amazon SNS Messages via SMS.
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
This sessions is for architects and storage admins seeking simple and non-disruptive ways to adopt cloud platforms in their organizations. You will learn how to deliver lower costs and greater scale with nearly seamless integration into your existing B&R processes. Services mentioned: S3, Glacier, Snowball, 3rd party partners, storage gateway, and ingestion services.
From the Amazon Web Services Singapore Summit 2015 Track 1 Breakout, 'Grow Your SMB Infrastructure on the AWS Cloud' Presented by Mark Statham
Senior Solutions Architect, ASEAN, Amazon Web Services and Head of Solutions Architect, ASEAN, Amazon Web Services
Let’s get started. Join this session to continue your journey through the core AWS services with live demonstrations of how to set up and use the services.
Time to Science/Time to Results: Transforming Research in the CloudAmazon Web Services
This session demonstrates how cloud can accelerate breakthroughs in scientific research by providing on-demand access to powerful computing. You will gain insight into how scientific researchers are using the cloud to solve complex science, engineering, and business problems that require high bandwidth, low latency networking and very high compute capabilities. You will hear how leveraging the cloud reduces the costs and time to conduct large scale, worldwide collaborative research. Researchers can then access computational power, data storage, and supercomputing resources, and data sharing capabilities in a cost-efficient manner without implementation delays. Disease research can be accomplished in a fraction of the time, and innovative researchers in small schools or distant corners of the world have access to the same computing power as those at major research institutions by leveraging Amazon EC2, Amazon S3, optimizing C3 instances and more to increase collaboration. This session will provide best practices and insight from UC Berkeley AMP Lab on the services used to connect disparate sets of data to drive meaningful new insight and impact.
Want to get ramped up on how to use Amazon's big data web services and launch your first big data application on AWS? Join us on our journey as we build a big data application in real-time using Amazon EMR, Amazon Redshift, Amazon Kinesis, Amazon DynamoDB, and Amazon S3. We review architecture design patterns for big data solutions on AWS, and give you access to a take-home lab so that you can rebuild and customize the application yourself.
In addition to running databases in Amazon EC2, AWS customers can choose among a variety of managed database services. These services save effort, save time, and unlock new capabilities and economies. In this session, we make it easy to understand how they differ, what they have in common, and how to choose one or more. We explain the fundamentals of Amazon DynamoDB, a fully managed NoSQL database service; Amazon RDS, a relational database service in the cloud; Amazon ElastiCache, a fast, in-memory caching service in the cloud; and Amazon Redshift, a fully managed, petabyte-scale data-warehouse solution that can be surprisingly economical. We will cover how each service might help support your application, how much each service costs, and how to get started.
Hack proof your aws cloud cloudcheckr_040416Jarrett Plante
Migrating from the data center to the cloud requires us to rethink much of what we do to secure our applications. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats.
In the presentation we will cover topics including:
- Minimizing attack vectors and surface area
- Perimeter assessments of your VPCs
- Internal vs. External threats
- Monitoring threats
- Re-evaluating Intrusion Detection, Activity Monitoring, and Vulnerability Assessment in AWS
AWS re:Invent 2016: Hackproof Your Cloud: Responding to 2016 Threats (SAC308)Amazon Web Services
CloudCheckr Co-Founders Aaron Newman and Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Competency Partner
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Amazon Web Services
We constantly hear about huge hacks in the media, with companies losing millions of dollars in an instant. While this problem is large for the enterprise side of the world, it is even more detrimental when it comes to the fedspace. CloudCheckr Co-Founder & CEO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. Often times the biggest threat to security is the human, Aaron will go through ways to work around this and how you can shore up security to avoid these errors. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Learn More: https://aws.amazon.com/government-education/
Migrating from the data center to the cloud requires us to rethink much of what we do to secure our applications. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats. In the presentation we will cover topics including: - Minimize attack vectors and surface area - Perimeter assessments of your VPCs - Internal vs. External threats - Monitoring threats - Re-evaluating Intrusion Detection, Activity Monitoring, and Vulnerability Assessment in AWS
Migrating from the data center to the cloud requires us to rethink much of what we do to secure our applications. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats.
In the presentation we will cover topics including:
- Minimize attack vectors and surface area
- Perimeter assessments of your VPCs
- Internal vs. External threats
- Monitoring threats
- Re-evaluating Intrusion Detection, Activity Monitoring, and Vulnerability Assessment in AWS
Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption ...Amazon Web Services
To arm you with best practices from day one, this session presents field-tested and reusable designs that’ll set you up for long-term success in the AWS cloud. From account creation and access configuration, through security considerations and VPC design, to the use of VPC peering, ELBs and Internet Gateways, we’ll walk you through the common infrastructure elements and recommended design patterns that lead to AWS cloud adoption success.
AWS Summit 2014 Brisbane - Breakout 1
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 Amazon Web Services
This session will review how AWS allows FinTech’s across APAC to innovate at pace while maintaining the high level of security expected by the financial services community. We will review security domains including Infrastructure Security, Data Protection, Logging & Monitoring, Identity & Access Management and Intrusion Detection.
AWS re:Invent 2016: Enabling Enterprise Migrations: Creating an AWS Landing Z...Amazon Web Services
With customers migrating workloads to AWS, we are starting to see a need for the creation of a prescribed landing zone, which uses native AWS capabilities and meets or exceeds customers' security and compliance objectives. In this session, we will describe an AWS landing zone and will cover solutions for account structure, user configuration, provisioning, networking and operation automation. This solution is based on AWS native capabilities such as AWS Service Catalog, AWS Identity and Access Management, AWS Config Rules, AWS CloudTrail and Amazon Lambda. We will provide an overview of AWS Service Catalog and how it be used to provide self-service infrastructure to applications users, including various options for automation. After this session you will be able to configure an AWS landing zone for successful large scale application migrations. Additionally, Philips will explain their cloud journey and how they have applied their guiding principles when building their landing zone.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
Similar to Hack-Proof Your Cloud: Responding to 2016 Threats (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
2. Changing Your Perspective
Moving to the Cloud = rethinking your perimeter security
How do I secure my business applications on AWS?
Rethink how you perform most security tasks:
• Network-based IPS/IDS
• Network scanning
• Penetration tests
• Vulnerability assessments
Focus on securing Cloud workloads, not on
securing the Cloud.
3. In the Data Center
Setting up perimeter security:
• Setting up your infrastructure
• Setting up access points to the internet
• Configuring firewall, IDS, IPS, etc., at the access points
Auditing your perimeter security:
• Gather set of IP address blocks to poke at
• Do a port scan (using tools such as Nmap)
• Determine which ports are open on the target
• Try various exploits on the open ports
• Sniff lots of packets
• Dig around to make sure there are no back doors into the network
• Wireless access points, secondary T1 lines, DSL connections
• VPN access from some other network
4. AWS: What’s Different?
The idea of physical security morphs as
infrastructure becomes virtualized by AWS APIs.
In a new world of ephemeral, autoscaling infrastructure,
you need to adapt your security architecture to meet
both compliance and security threats.
~ Physical assets secured at the AWS Availability Zone ~
~ Must guard the AWS API ~
~ AWS Identity and Access Management (IAM) access is your new physical
security ~
5. AWS Foundation Services
Compute Storage Database Networking
AWS Global Infrastructure
Regions
Availability Zones
Edge Locations
Network
Security
Inventory
& Config
Customer Applications & Content
You get to define
your controls IN
the Cloud
AWS takes care
of the security
OF the Cloud
You
AWS and You Share Responsibility for Security
Data
Security
Access
Control
AWS
6. Minimizing Attack Vectors
Principles don’t change:
• Reduce your surface area!
• Defense in depth
Some attack vectors don’t change:
• Application level
• User-privilege escalation, web app vulns, XSS
• Operating system vulnerabilities
• Database vulnerabilities
Some attack vectors change:
• Homogeneous environment
• Polymorphic targets/mapping
• Reduced network sniffing
Security
Hardening
Configure and
manage user
privileges
Remove
unused user
accounts
Close unused
open network
ports
Enforce
password
complexity &
policies
Remove
unwanted
services
Patch all
known
vulnerabilities
7. Give me your network block:
• Nmap
• Port scans
• Ping sweeps
• Etc., …
Perimeter Assessments in the Cloud
How do I assess the perimeter of my Cloud?
Let me see your configuration:
• List of publicly accessible
resources
• Security groups (EC2-Classic,
EC2-VPC, Amazon Redshift,
Amazon RDS, etc., …)
• Routing tables, network ACL
• VPC, subnets
• Amazon S3 buckets and
permissions
• IAM policies
OLD
WORLD NEW
WORLD
8. Virtual Private Clouds (VPCs)
Default VPC is created in every region:
• VPCs are wide open by default
VPC is composed of:
• Internet and VPN gateways–connect to the rest of the world
• 1+ subnet(s)
• Routing table–how to move traffic around the VPC
• Network ACLs–a firewall, but stateless
• Security groups–host-based firewall, stateful
• Resources – Amazon EC2, RDS, Amazon Redshift, Amazon
ElastiCache
9.
10. Network Security in a VPC
Network ACLs:
• Virtual firewalls assigned to VPC/subnets
• Network ACLs are stateless; responses to allowed inbound
traffic are subject to the rules for outbound traffic (and vice versa)
• Rules evaluated numerical ascending–DENY can be overridden by ALLOW
• Watch for INEFFECTIVE rules
Security groups:
• Host-based firewalls assigned to instances
• Stateful–responses to allowed inbound traffic are not subjected
to the rules for outbound traffic
• Rules are cumulative–DENY always overrides ALLOW
• Assigning wrong security group to an instance exposes the entire VPC
http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
11. Complex Connections to Amazon EC2
EC2 instance can be run
inside VPCs
•Legacy capability to run
outside VPCs
•Instance ID: i-001bac39
•Friendly name (implemented
as a tag): ISS-V2-API1
EC2 instance can be given
one or more private IP
addresses
•For example: 172.12.6.186
•This generates a DNS name
ip-172-12-6-186.us-west-
2.compute.internal
EC2 instance can be given
one or more public IP
addresses
•For example: 52.24.201.167
•This generates a DNS name
ec2-52-24-201-167.us-west-
2.compute.amazonaws.com
EC2 instance can be attached
to an Elastic IP address (EIP)
•For example: 107.20.135.132
12. Running VA in Cloud Environments
How do I run vulnerability assessments?
Gather the list of public
IPs and EIPs of all
resources.
Do I need to scan the
private IP addresses and
instances?
Scanning an AMI
Spin up a new instance,
run a scan on the new
instance.
Mark everything based
on this AMI as
“scanned.”
What about when an
instance “drifts” from the
original AMI?
Someone can
reconfigure settings,
install new software.
In an elastic, ephemeral, autoscaling environment, clouds
can have tens of thousands of instances.
13. Patching Strategies for AWS
“No patch” strategy:
• Stay away from patching live systems
• Focus on patching templates/AMIs
• Deliver patches by redeploying workloads
• Dependent on adopting pure cloud architectures
Look at AWS OS templates:
• Patched by Amazon
Systematic workload reprovisioning
• Based on high-assurance repositories
• Effective battling advanced persistent threats
14. What Are We Missing?
Don’t assume attacks only happen against Amazon EC2
AWS has many moving parts and dimensions
Over 30 different AWS services
• Many have unique access control systems
You will have 100s of AWS accounts
We need a complete inventory
• All publicly accessible endpoints and resources
Security breaches can happen with a single weak link.
15. RDS (Amazon Relational Database Service)
Location:
• Within a VPC or not, Multi-AZ or not
Security options:
• DB security groups (if not in a VPC) or Amazon EC2-VPC security groups
• Select a non-default database port
RDS listens on only the database port:
• Shut down on all other ports (publicly, I’m sure AWS team can access the OS)
Publicly accessible option:
• Not a good idea, but if you do this:
• Make sure you use security groups to restrict source IP address
• Make sure you have latest patches applied
Secure your database snapshots:
• Keys to the kingdom if someone can get a copy
• Brute-force passwords, restore to their own account
16. S3 (Amazon Simple Storage Service)
Up to 1,000 buckets in an account:
• Unlimited number of objects (billions is not uncommon)
Location:
• Within a region, across Multi-AZs, not housed in a VPC
• Can’t sit between client and storage
Security:
• Access control through IAM policies, bucket policies, ACLs, and query string authentication
• Server-side encryption, HTTPS support
• Server access logs (does not integrate with AWS CloudTrail)
Don’t grant FULL_CONTROL, WRITE_ACP, WRITE bucket permissions to Everyone EVER!!!
Create an inventory of your sensitive data.
17. Amazon SQS (Amazon Simple Queuing Service)
Where does SQS live?
• Within a region, not within a VPC
• Uses a URL such as:
https://sqs.us-east-1.amazonaws.com/123456789012/MySQS
Security based on policy documents:
{
"Version": "2008-10-17",
"Id": "arn:aws:sqs:us-east-1:123456789012:MySQS/SQSDefaultPolicy",
"Statement": [
{
"Sid": "Sid1415217272568",
"Effect": "Allow", "Principal": { "AWS": "*" },
"Action": [
"SQS:ReceiveMessage", "SQS:SendMessage"
],
"Resource": "arn:aws:sqs:us-east-1:123456789012:MySQS"
},
18. Amazon SNS (Amazon Simple Notification Service)
SNS does not live inside your VPC.
Permissions based on topic policies:
19. Using AWS CloudTrail
An AWS service that records each time the AWS API is called:
• Currently supports most AWS services
• http://docs.aws.amazon.com/awscloudtrail/latest/userguide/dochistory.html
Conveniently, everything in AWS goes through the API:
• Even actions in the Management Console go through the API
CloudTrail writes files into an S3 bucket:
• Near real time (every five minutes)
• Files are in JSON format
Get started at: https://aws.amazon.com/cloudtrail/ .
20. Using Amazon CloudWatch Logs
Simple method of monitoring operating system logs:
• Ship Windows event logs and syslogs to Amazon CloudWatch
Types of use cases:
• Account Login Failure, Account Login Success, New local account creation,
Excessive Login Failure (Configurable)
• Unauthorized Windows Admin Logon, Windows Account Lockout Attempt,
Windows Computer Account Changes
• Windows Audit Policy Changes, Windows Event Log Cleared
• Non-Windows - Account Locked Out, Non-Windows - Account Unlocked,
Changes to System or Audit log
Get started at:
http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatchLogs.html
21. Using Amazon VPC Flow Logs
An AWS service that records every time packets enter or leave a VPC:
• http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html
Security team comes to you and says:
• We need logs going to instance 1-0123456 from
IP address ranges 52.205.16.0 - 52.205.31.255
Monitor for DENY connections:
• Gives you both security group and network ACL
denies
Announcement:
https://aws.amazon.com/about-aws/whats-new/2015/06/aws-launches-amazon-vpc-flow-logs/
22. Tools for Configuring AWS Securely & Cost
Effectively
Generic tools fall short.
Purpose-built, not Cloud washed:
• Make sure tools don’t fall over in the Cloud.
• Tools have to understand dynamic, ephemeral IPs.
Need a deep understanding of AWS:
• What does this mean?
• Context is important.
• Actionable intelligence.
23. Leveraging AWS data – CloudTrail, AWS Config, Amazon
VPC Flow Logs, CloudWatch Logs, DBR, and more
metrics
Providing complete transparency–into 1 or across 1,000s
of AWS accounts
Automating security, configuration, and activity monitoring
and alerting
Continuous monitoring of configurations, resources, and
permissions
Active optimization, sophisticated allocation, and simplified
invoicing for enterprise Cloud cost management
Monitoring, Reporting & Optimization
Enterprise Security & Cost Management from CloudCheckr