Learn from HashiCorp Vault engineer Nick Cabatoff how you can ensure that you actually use Vault effectively to allow no potential leaks of secret credentials, apis, or certs.
Hashicorp's understanding of Digital Transformation, and the different areas that require specific solutions. Provides an overview of each of the tools - Terraform, Consul, Vault and Nomad
Hashicorp Vault: Open Source Secrets Management at #OPEN18Kangaroot
HashiCorp Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. We'll show how this works.
Learn from HashiCorp Vault engineer Nick Cabatoff how you can ensure that you actually use Vault effectively to allow no potential leaks of secret credentials, apis, or certs.
Hashicorp's understanding of Digital Transformation, and the different areas that require specific solutions. Provides an overview of each of the tools - Terraform, Consul, Vault and Nomad
Hashicorp Vault: Open Source Secrets Management at #OPEN18Kangaroot
HashiCorp Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. We'll show how this works.
Secret Management with Hashicorp’s VaultAWS Germany
When running a Kubernetes Cluster in AWS there are secrets like AWS and Kubernetes credentials, access information for databases or integration with the company LDAP that need to be stored and managed.
HashiCorp’s Vault secures, stores, and controls access to tokens, passwords, certificates, API keys, and other secrets . It handles leasing, key revocation, key rolling, and auditing.
This talk will give an overview of secret management in general and Vault’s concepts. The talk will explain how to make use of Vault’s extensive feature set and show patterns that implement integration between Kubernetes applications and Vault.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Get an overview of HashiCorp's Vault concepts.
Learn how to start a Vault server.
Learn how to use the Vault's postgresql backend.
See an overview of the Vault's SSH backend integration.
This presentation was held on the DigitalOcean Meetup in Berlin. Find more details here: https://www.meetup.com/DigitalOceanBerlin/events/237123195/
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
In this session, we discuss how to deploy a scalable environment that considers the AWS account structure, security services, network architecture, and user access. We present an overview of the AWS Landing Zone solution, an automated solution for setting up a robust and flexible AWS environment designed from the collective experience of AWS and our customers. The AWS Landing Zone helps automate the setup of a flexible account structure, security baseline, network structure, and user access based on best practices. Future growth is facilitated by an account vending machine component that simplifies the creation of additional accounts. Learn how the AWS Landing Zone can ensure that you start your AWS journey with the right foundation. We encourage you to attend the full AWS Landing Zone track, including SEC303. Search for #awslandingzone in the session catalog.
AWS Control Tower is a new AWS service for cloud administrators to set up and govern their secure, compliant, multi-account environments on AWS.
In this session, University of York will discuss their implementation of AWS Landing Zone. We’ll also explain how AWS Control Tower automates AWS Landing Zone creation with best-practice blueprints.
This slide deck served as presentation material for the talk with the same name at the 2021 COSAC security architecture conference.
It provides an architecture for applying zero trust networking on Amazon Web Services (AWS). We take a pragmatic approach to ensure that we link the theoretical components to implementation candidates. This relies on application of graph theory to establish traceability, which we can subsequently use to verify the logical integrity of the architecture. Our literature review indicates that the first imperative is to establish a reference model that describes zero-trust networking. The zero-trust reference model is subsequently mapped to relevant AWS services that realizes the components. This establishes traceability in terms of implementation requirements for each service. We see as part of this review that AWS is mature in its ability to support zero trust capabilities and that we can realize many aspects of zero trust using off-the-shelf AWS services. The correct configuration of these services however is crucial. The research is useful in providing solution architects with the logical components that can drive further stages in architecture development to support zero trust initiatives on AWS tenants.
To unlock the fastest path to value from the cloud, enterprises must consider how to industrialize the application delivery process across each layer of the cloud environment, namely
- Provisioning
- Security
- Networking
- Deployment
Slides from "Managing Secrets at scale" at Velocity EU 2015
Secrets come in many shapes and sizes: database API keys, database passwords, private keys. Distributing and managing these secrets is usually an afterthought. It's hard to get right, and can be very expensive if you get it wrong. In this session, we'll look at the core operations and properties that make up a good secret management system, and how these principals can be implemented
Cloud Migration 과 Modernization 을 위한 30가지 아이디어-박기흥, AWS Migrations Specialist...Amazon Web Services Korea
규모의 경제에서 속도의 경제로 이동하고 있는 요즘, 기업의 경쟁우위를 위하여 클라우드 마이그레이션과 애플리케이션 및 프로세스 현대화는 생존을 위한 필수조건이 되었습니다. 본 세션에서는 마이그레이션과 현대화를 위한 30여 가지 아이디어를 살펴보고자 합니다. 제약 이론, 도요타 생산방식과 같이 개선을 위한 기반 사상에서 DevOps, FinOps, SRE 등의 프랙티스와 그를 구성하는 SLA, Loosely Couple Architecture, CI/CD 등의 메카니즘, 그리고 마이그레이션을 위한 Transitional Architecture, Data Migration Architecture 등 30여 가지 아이디어를 공유합니다.
A presentation I did on what, why, how, and benefits of centralized logging in the Enterprise. This presentation was focused on implementing centralized logging in a environment that is mostly .NET/Windows.
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
This session is focused on the Hashicorp vault which is a secret management tool. We can manage secrets for 2-3 environments but what if we have more than 10 environments, then it will become a very painful task to manage them when secrets are dynamic and need to be rotated after some time. Hashicorp vault can easily manage secrets for both static and dynamic also it can help in secret rotations.
See what deploying across polycloud environments using cross-workloads looks like in HashiCorp Nomad. And See Consul tie these workloads together with secure routing.
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
Today, CI/CD is becoming a practice for optimum software delivery in almost every organization. What is key is how you manage the secrets in your pipeline, especially in a large organization with multiple projects, across several teams.
Hashicorp Vault helps organizations to centrally manage secrets even in your CI/CD pipelines.
WEBINAR COVERS:
Why is it critical to secure your pipeline which needs to access a lot of important secrets in order to provision and deploy
How Vault provides a unified interface to any secret while providing tight access control and recording a detailed audit log
Customer use cases and scenarios
Demo: How to secure your CI pipeline with Vault
Watch on demand: https://bit.ly/35QCq0u
Secret Management with Hashicorp’s VaultAWS Germany
When running a Kubernetes Cluster in AWS there are secrets like AWS and Kubernetes credentials, access information for databases or integration with the company LDAP that need to be stored and managed.
HashiCorp’s Vault secures, stores, and controls access to tokens, passwords, certificates, API keys, and other secrets . It handles leasing, key revocation, key rolling, and auditing.
This talk will give an overview of secret management in general and Vault’s concepts. The talk will explain how to make use of Vault’s extensive feature set and show patterns that implement integration between Kubernetes applications and Vault.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Get an overview of HashiCorp's Vault concepts.
Learn how to start a Vault server.
Learn how to use the Vault's postgresql backend.
See an overview of the Vault's SSH backend integration.
This presentation was held on the DigitalOcean Meetup in Berlin. Find more details here: https://www.meetup.com/DigitalOceanBerlin/events/237123195/
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
In this session, we discuss how to deploy a scalable environment that considers the AWS account structure, security services, network architecture, and user access. We present an overview of the AWS Landing Zone solution, an automated solution for setting up a robust and flexible AWS environment designed from the collective experience of AWS and our customers. The AWS Landing Zone helps automate the setup of a flexible account structure, security baseline, network structure, and user access based on best practices. Future growth is facilitated by an account vending machine component that simplifies the creation of additional accounts. Learn how the AWS Landing Zone can ensure that you start your AWS journey with the right foundation. We encourage you to attend the full AWS Landing Zone track, including SEC303. Search for #awslandingzone in the session catalog.
AWS Control Tower is a new AWS service for cloud administrators to set up and govern their secure, compliant, multi-account environments on AWS.
In this session, University of York will discuss their implementation of AWS Landing Zone. We’ll also explain how AWS Control Tower automates AWS Landing Zone creation with best-practice blueprints.
This slide deck served as presentation material for the talk with the same name at the 2021 COSAC security architecture conference.
It provides an architecture for applying zero trust networking on Amazon Web Services (AWS). We take a pragmatic approach to ensure that we link the theoretical components to implementation candidates. This relies on application of graph theory to establish traceability, which we can subsequently use to verify the logical integrity of the architecture. Our literature review indicates that the first imperative is to establish a reference model that describes zero-trust networking. The zero-trust reference model is subsequently mapped to relevant AWS services that realizes the components. This establishes traceability in terms of implementation requirements for each service. We see as part of this review that AWS is mature in its ability to support zero trust capabilities and that we can realize many aspects of zero trust using off-the-shelf AWS services. The correct configuration of these services however is crucial. The research is useful in providing solution architects with the logical components that can drive further stages in architecture development to support zero trust initiatives on AWS tenants.
To unlock the fastest path to value from the cloud, enterprises must consider how to industrialize the application delivery process across each layer of the cloud environment, namely
- Provisioning
- Security
- Networking
- Deployment
Slides from "Managing Secrets at scale" at Velocity EU 2015
Secrets come in many shapes and sizes: database API keys, database passwords, private keys. Distributing and managing these secrets is usually an afterthought. It's hard to get right, and can be very expensive if you get it wrong. In this session, we'll look at the core operations and properties that make up a good secret management system, and how these principals can be implemented
Cloud Migration 과 Modernization 을 위한 30가지 아이디어-박기흥, AWS Migrations Specialist...Amazon Web Services Korea
규모의 경제에서 속도의 경제로 이동하고 있는 요즘, 기업의 경쟁우위를 위하여 클라우드 마이그레이션과 애플리케이션 및 프로세스 현대화는 생존을 위한 필수조건이 되었습니다. 본 세션에서는 마이그레이션과 현대화를 위한 30여 가지 아이디어를 살펴보고자 합니다. 제약 이론, 도요타 생산방식과 같이 개선을 위한 기반 사상에서 DevOps, FinOps, SRE 등의 프랙티스와 그를 구성하는 SLA, Loosely Couple Architecture, CI/CD 등의 메카니즘, 그리고 마이그레이션을 위한 Transitional Architecture, Data Migration Architecture 등 30여 가지 아이디어를 공유합니다.
A presentation I did on what, why, how, and benefits of centralized logging in the Enterprise. This presentation was focused on implementing centralized logging in a environment that is mostly .NET/Windows.
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
This session is focused on the Hashicorp vault which is a secret management tool. We can manage secrets for 2-3 environments but what if we have more than 10 environments, then it will become a very painful task to manage them when secrets are dynamic and need to be rotated after some time. Hashicorp vault can easily manage secrets for both static and dynamic also it can help in secret rotations.
See what deploying across polycloud environments using cross-workloads looks like in HashiCorp Nomad. And See Consul tie these workloads together with secure routing.
Securing Your CI Pipeline with HashiCorp Vault - P2Ashnikbiz
Today, CI/CD is becoming a practice for optimum software delivery in almost every organization. What is key is how you manage the secrets in your pipeline, especially in a large organization with multiple projects, across several teams.
Hashicorp Vault helps organizations to centrally manage secrets even in your CI/CD pipelines.
WEBINAR COVERS:
Why is it critical to secure your pipeline which needs to access a lot of important secrets in order to provision and deploy
How Vault provides a unified interface to any secret while providing tight access control and recording a detailed audit log
Customer use cases and scenarios
Demo: How to secure your CI pipeline with Vault
Watch on demand: https://bit.ly/35QCq0u
Cloud computing
Definition of Cloud Computing
History and origins of Cloud Computing
Cloud Computing services and model
cloud service engineering life cycle
TEST AND DEVELOPMENT PLATFORM
Cloud migration
This session is recommended for anyone considering using the AWS cloud to augment their current capabilities. Adoption of cloud computing provides access to the benefits of new deployment models with significant cost and agility benefits. But how can the cloud benefit existing government organizations that have invested large amounts of resources in existing on-premises technologies? This session outlines several key factors to consider from the point of view of the large-scale IT shop stakeholder. Because each organization has its unique set of challenges in cloud adoption, this session compares some of the opportunities and risks of several hybrid cloud use-case models and then helps customers understand the cloud-native and third-party vendor options available that bridge the gap to the cloud for large-scale government environments.
Speaker: Craig Roach, Solutions Architect, Amazon Web Services
Operating and Managing Hybrid Cloud on AWSTom Laszewski
Operating in a hybrid architecture is a necessary component of an enterprise cloud adoption journey. Security, provisioning, change management, and monitoring are all key aspects of managing any hybrid cloud environment. This session will cover the AWS Services, open source tools, and AWS partners that can provide enterprises with a secure, well-governed, performant, reliable, and well-operated hybrid cloud environment. Infrastructure and application continuous delivery and improvement solutions, along with best practices to automate hybrid cloud provisioning and operations activities will be covered.
One And Done Multi-Cloud Load Balancing Done Right.pptxAvi Networks
Did you know that on average, it takes organizations more than three months using legacy load balancers to scale their load balancing capacity? That includes tedious policy management, expensive over-provisioning (or even more expensive under-provisioning), and the risk of supply-chain delays.
Join us for an eye-opening discussion of application delivery done right. By following the guiding principles of a cloud operating model, your team can get operational simplicity, multi-cloud consistency, pervasive analytics, holistic security and full life-cycle automation. This means less time spent on manual, repetitive tasks and troubleshooting, freeing up more time to proactively manage and automate your load balancers.
Terraform allows you to define your infrastructure as code. Variables and modules empower you to extend and reuse your Infrastructure as Code. With the Consul provider for Terraform, you can also let your Consul KV data drive your Terraform runs.
Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure.
Gain central visibility, operations, and compliance
Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services.
Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph.
Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy.
Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse.
Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags.
Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.
🌥️ “Cloud 101” is an event organized by our club's ☁️ Cloud lead to introduce students to the world of cloud computing. The event aims to equip students with the 🔧 skills and 💡 knowledge needed to get started with cloud computing.
👨💼 Host: The event will be hosted by the ☁️ Cloud lead of our club, who has an amazing experience in cloud computing.
🎯 Aim: The event aims to provide an introduction to cloud computing for students who are new to the field.
📚 Topics: The event will cover a range of topics related to cloud computing, such as ☁️ cloud architecture, 🔒 cloud security, ☁️ cloud services, ☁️ cloud deployment, and more.
👥 Activities: In addition to talks and workshops, the event will also feature hands-on activities and interactive sessions, designed to help students get a first-hand experience of working with cloud computing tools and technologies.
🤝 Networking: The event will provide ample opportunities for networking and connecting with like-minded individuals who share a passion for cloud computing.
📖 Prerequisites: No prior knowledge or experience in cloud computing is required to attend the event. The event is open to all students who are curious about the field and willing to learn.
📝 Registration: The event is free of cost and open to all students. However, pre-registration is mandatory to attend the event, as seats are limited.
So, if you want to get started with cloud computing and learn from an experienced ☁️ Cloud lead, join us at Cloud 101 – Your Introduction to Cloud Computing! 🚀
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
(SEC321) Implementing Policy, Governance & Security for EnterprisesAmazon Web Services
"CSC engineers will demonstrate enterprise policy, governance, and security products to deploy and manage enterprise and industry applications AWS. We will demonstrate automated provisioning and management of big data platforms and industry specific enterprise applications with automatically provisioned secure network connectivity from the datacenter to AWS over layer 2 routed AT&T NetBond (provides AWS DirectConnect access) connection. We will demonstrate how applications blueprinted on CSC's Agility Platform can be re-hosted on AWS in minutes or re-instantiated across multiple AWS regions. CSC Cybersecurity will also demonstrate how CSC can provide agile & consumption based endpoint security for workloads in any cloud or virtual infrastructure, providing enterprise management and 24x7 monitoring of workload compliance, vulnerabilities, and potential threats.
Session sponsored by CSC."
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
AWS Summit 2013 | Singapore - NetApp Private Storage for AWS with Equinix, Pr...Amazon Web Services
Cloud computing is going prime time. Organizations can no longer ignore the benefits of cloud, but rather, architect their network models to combine new cloud offerings with existing on-premise infrastructure.
Join Clement and Scott to learn how NetApp® Private Storage for AWS with Equinix allows enterprise and mid-market customers to build an agile cloud infrastructure that balances private and cloud resources to best meet their business needs.
Similar to Hashicorp Vault - OPEN Public Sector (20)
We all love the chameleon, and SUSE is long known for its Linux OS - but there is so much more in the world of SUSE.
In this session Jurriën will dive into how SUSE is helping organizations accelerate their digital transformation through container management, hybrid cloud IT infrastructure, and IT operations at the Edge.
Because from core, to cloud, to Edge, SUSE is helping firms to innovate everywhere.
- General Demo
- SEP super flexible with respect to API's
- HANA backup (also on RHV)
- Ansible scripts provided on Github for automated SEP installation.
- Cloud 2 Cloud backup of your MS 365 / GSuite, Dynamics and Salesforce Cloud solution
Deploying NGINX in Cloud Native KubernetesKangaroot
Using cloud-native application services is easy, it “just works”. Many customers choose them without giving it a second thought. However, these app services vary from cloud to cloud, with differing levels of quality and numbers of features making visibility and control inconsistent across clouds.
And then there is cost…it’s hard to know what your deployment is going to cost until after it’s been built. Often the services must be compiled in a piecemeal fashion and many products carry bloated code that increases costs.
Finally, security is often an afterthought. Moreover, SecOps teams struggle to keep up with the breakneck app release cadence that has become typical. Often they are seen as DevOps viewing them as a major constraint on the ability to deliver software quickly.
In this workshop, we showcase the NGINX solutions for cloud native Kubernetes that will allow you to:
- Reduce tool sprawl and provide a standard set of services
- Control costs with lightweight and easy solutions
- Bring teams together with automation and self‑service capabilities
Cloud demystified, what remains after the fog has lifted. Kangaroot
o, you’ve been ordered to land the airplane in thick fog, zero visibility and you’re praying the ILS has got it right. That’s how most IT managers feel after their CIO/CEO told them to ‘put everything in the cloud, it’s cheaper’.
IaaS, DBaas, PaaS, SaaS, Literally everything as a service… But what is it, how does it compare to, say, Hosting, or to out-sourcing? Or does it actually compare at all, and is it really new?
There is also this thing with “Cloud-native”, what is that all about and how does this fit in a modern deployment architecture. Containers don’t really fly, right, what are they doing in the clouds then??
What are the things that do make a difference, what does it all look like after the fog has lifted?
Of course, the focal point in the presentation will be the relational database as it is and will remain the beating heart of the IT landscape. Join me in this investigation and see if we can actually land the plane and really get ahead using “The Cloud”.
From NetOps to DevOps, modern app teams need a self‑service, API‑driven platform that integrates easily into CI/CD workflows to accelerate app deployment and makes app lifecycle management easier – whether your app has a hybrid or microservices architecture.
Built to manage NGINX Plus instances, NGINX Controller is cloud‑native, secure, and high‑performance. During this webinar, we demonstrate how NGINX Controller can streamline the management of your NGINX Application Services.
Kangaroot EDB Webinar Best Practices in Security with PostgreSQLKangaroot
The webinar will review a multi-layered framework for PostgreSQL security, with a deeper focus on limiting access to the database and data, as well as securing the data.
Using the popular AAA (Authentication, Authorisation, Auditing) framework EnterpriseDB will cover:
- Best practices for authentication (trust, certificate, MD5, Scram, etc).
- Advanced approaches, such as password profiles.
- Deep dive of authorisation and data access control for roles, database objects (tables, etc), view usage, row-level security, and data redaction.
- Auditing, encryption, and SQL injection attack prevention
Do you want to start with OpenShift but don’t have the manpower, knowledge, e...Kangaroot
Do you want to start with containers or a Kubernetes platform? You don’t have the in-house knowledge, experience, manpower to setup OpenShift? Get OpenShift in a box, managed by Kangaroot.
Digital Transformation requires a change in culture ànd in tools. OpenShift-in-a-box contains a managed platform to give you the tools at a fixed monthly fee ànd workshops & services to help you drive your change in development culture.
Red Hat multi-cluster management & what's new in OpenShiftKangaroot
More and more organisations are not only using container platforms but starting to run multiple clusters of containers. And with that comes new headaches of maintaining, securing, and updating those multiple clusters. In this session we'll look into how Red Hat has solved multi-cluster management, covering cluster lifecycle, app lifecycle, and governance/risk/compliance.
There is no such thing as “Vanilla Kubernetes”Kangaroot
홏홝홚홧홚 홞홨 홣홤 홨홪환홝 황홝홞홣활 홖홨 홑홖홣홞홡홡홖 홆홪홗홚홧홣홚황홚홨. Do you want to start your Digital Transformation, but struggling to find your way in OpenShift or Kubernetes? Together with Red Hat where we'll compare Vanilla Kubernetes with OpenShift. #DigitalTransformation #DevOps #RedHat #Kubernetes #OpenShift #VanillaKubernetes #automation #containers #orchestration
Kangaroot open shift best practices - straight from the battlefieldKangaroot
Running & managing an OpenShift environment in a better way starts before even building your first test cluster and doesn’t stop when the design is up and running. Kangaroot has been running & maintaining OpenShift/Kubernetes clusters in production for several of our customers and this session brings you an overview of best practices, extra tools and methodologies to make your life easier.
OpenShift 4, the smarter Kubernetes platformKangaroot
OpenShift 4 introduces automated installation, patching, and upgrades for every layer of the container stack from the operating system through application services.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
2. About HashiCorp
Leading Cloud Infrastructure Automation
Founded
2012
Employees
700
Funding
174M
Our software stack enables the provisioning, securing, connecting
and running of apps and the infrastructure to support them.
We unlock the cloud operating model for every business and
enable their digital transformation strategies to succeed.
4. The Transition to Cloud and Multi-Cloud
Traditional Datacenter
“Static”
Modern Datacenter
“Dynamic”
Dedicated
Infrastructure
Private
Cloud
AWS Azure GCP ...+ + +
5. The Transition to Cloud and Multi-Cloud
Traditional Datacenter
“Static”
Modern Datacenter
“Dynamic”
Dedicated
Infrastructure
Private
Cloud
AWS Azure GCP ...+ + +
“Tickets-based” “Self service”
6. The Transition to Cloud and Multi-Cloud
Traditional Datacenter
“Static”
Modern Datacenter
“Dynamic”
Dedicated
Infrastructure
Private
Cloud
AWS Azure GCP ...+ + +
SYSTEMS OF RECORD SYSTEMS OF ENGAGEMENT
“Tickets-based” “Self service”
7. Digital experiences are now the primary
interface between a customer and a
business, or business and business.
Experiences are typically device- and
cloud-first: rich, personal interface, with large
scale data processing and intelligence.
Cloud adoption is a secular trend
This patterns demands a change in the
model for software delivery to meet delivery
goals, and transformation objectives.
Digital transformation means pressure on application delivery
8. Accelerating Application Delivery
Facets of delivering applications
in a multi cloud world
Volume and distribution of services
Ephemerality and immutability
Multiple target environments
?
App
App
10. Reimagining the stack
The implications of the Cloud Operating Model
Provision
Operations
Dedicated servers
Homogeneous
Capacity on-demand
Heterogeneous
STATIC DYNAMIC
11. Reimagining the stack
The implications of the Cloud Operating Model
Secure
Security
High trust
IP-based
Low trust
Identity-based
Provision
Operations
Dedicated servers
Homogeneous
Capacity on-demand
Heterogeneous
STATIC DYNAMIC
12. Reimagining the stack
The implications of the Cloud Operating Model
Connect
Networking
Host-based
Static IP
Service-based
Dynamic IP
Secure
Security
High trust
IP-based
Low trust
Identity-based
Provision
Operations
Dedicated servers
Homogeneous
Capacity on-demand
Heterogeneous
STATIC DYNAMIC
13. Reimagining the stack
The implications of the Cloud Operating Model
Run
Development
Dedicated
Infrastructure
Scheduled across the fleet
Connect
Networking
Host-based
Static IP
Service-based
Dynamic IP
Secure
Security
High trust
IP-based
Low trust
Identity-based
Provision
Operations
Dedicated servers
Homogeneous
Capacity on-demand
Heterogeneous
STATIC DYNAMIC
14. The Cloud Landscape
In search of a common model across multi-cloud environments
Run
Development
Connect
Networking
Secure
Security
Provision
Operations
DEDICATED
PRIVATE
CLOUD
vSphere
Hardware
IP:
Hardware
vCenter
vSphere
Various
Hardware
Identity:
AD/LDAP
Terraform
EKS / ECS
Lambda
CloudApp/
AppMesh
Identity:
AWS IAM
Cloud
Formation
AKS / ACS
Azure Functions
Proprietary
Identity:
Azure AD
Resource
Manager
GKE Cloud
Functions
Proprietary
Identity:
GCP IAM
Cloud
Deployment
Manager
AWS AZURE GCP
15. The HashiCorp Stack
A control plane for every layer of the cloud operating model
Run
Development
Connect
Networking
Secure
Security
Provision
Operations
PRIVATE
CLOUD
AWS AZURE GCP
16. Private Cloud
Cloud Provisioning with Terraform
A common Cloud Operating Model
AWS Azure GCP
Provision
Operations
Secure
Security
Connect
Networking
Run
Development
17. Cloud Provisioning with Terraform
A common Cloud Operating Model
Core + Provider Model
● Expose the unique services of each infrastructure
platform, but provide a consistent workflow
18. Cloud Provisioning with Terraform
A common Cloud Operating Model
Core + Provider Model
● Expose the unique services of each infrastructure
platform, but provide a consistent workflow
● 200+ Providers exist for any infrastructure or
application element
i. Enabled by the open source model of 1200+
contributors
19. Cloud Provisioning with Terraform
A common Cloud Operating Model
A single Terraform template contains the
entire infrastructure topology
● Platform services AND the configuration of
any dependencies
i. eg. 4 AWS services plus k8s
20. Cloud Provisioning with Terraform
A common Cloud Operating Model
Self Service Provisioning
Templates can be made available to
any development team for
self-provisioning
Multi-Cloud Provisioning &
Compliance
Operations teams can enforce security
& policy at provisioning time with
Terraform Enterprise
21. Cloud Provisioning with Terraform
A common Cloud Operating Model
Before
Developer or
CI / CD System
TF CLI
TF Template
22. Cloud Provisioning with Terraform
A common Cloud Operating Model
Codified policies enforce security, compliance, and
operational best practices across all cloud provisioning
Before
Developer or
CI / CD System
TF CLI
TF Template
After
Developer or
CI / CD System
TF CLI
TF Template
TFE
■ Policy
■ Governance
23. Terraform
Provides the foundation for cloud infrastructure automation using infrastructure
as code for provisioning and compliance in the cloud operating model
Multi-Cloud Compliance & Management to
provision and manage any infrastructure with one
workflow
Self-Service infrastructure for users to easily
provision infrastructure on-demand with a library of
approved infrastructure modules
300+
Customers
100K+
Weekly D/Ls
200
Providers
Trusted by:
24. Private Cloud
Cloud Security with Vault
A common Cloud Operating Model
AWS Azure GCP
Provision
Operations
Secure
Security
Connect
Networking
Run
Development
25. Vault
Provides the foundation for cloud security that leverages trusted sources of identity to keep
secrets and application data secure in the cloud operating model
Secrets management to centrally store and
protect secrets across clouds and applications
Data encryption to keep application data secure
across environments and workloads
Advanced Data Protection to secure workloads
and data across traditional systems, clouds, and
infrastructure.
300+
Enterprise
Customers
1M+
Monthly D/Ls
2T+
Transactions
Trusted by:
26. Private Cloud
Cloud Networking with Consul
A common Cloud Operating Model
AWS Azure GCP
Provision
Operations
Secure
Security
Connect
Networking
Run
Development
27. Traditional Networking
A common Cloud Operating Model
A. Provision load-balancers to create static IP
B. Artifact deployed
C. Firewall rule updated to allow traffic
Average time to traffic ~ 6 weeks
Load balancer sprawl ($$!) but also as single
point of failure for each service
28. Networking with Consul
A common Cloud Operating Model
● Service Registry enables Routing
○ From IP-Address to Name
○ Services register and discover each
other. Consul server maintains the map
of service location
29. Networking with Consul
A common Cloud Operating Model
● Service Registry enables Routing
○ From IP-Address to Name
○ Services register and discover each
other. Consul server maintains the map
of service location
○ Consul enables routing directly to
services
30. Networking with Consul
A common Cloud Operating Model
● Service Registry enables Routing
● Service Segmentation for Security
○ Consul Connect enables
service-to-service communication
○ Foundation of zero-trust model
■ “Service Mesh”
31. Networking with Consul
A common Cloud Operating Model
● Service Registry enables Routing
● Service Segmentation for Security
○ Consul Connect enables
service-to-service communication
○ Foundation of zero-trust model
■ “Service Mesh”
A common service registry across heterogeneous environments is the basis
for multi-cloud service networking
32. Consul
Provides the foundation for cloud network automation as a central service
registry for service-based networking in the cloud operating model
50k+
Used at scale with
50k+ agents
1M+
Monthly D/Ls
Service registry & health monitoring to provide a
real-time directory of all services with their health status
Network middleware automation with service
discovery for dynamic reconfiguration as services scale
up, down or move
Zero trust network with service mesh to enable
identity-based security enforced at the endpoints via
sidecar proxies
Trusted by:
33. Private Cloud
Cloud Scheduling with Nomad
A common Cloud Operating Model
AWS Azure GCP
Provision
Operations
Secure
Security
Connect
Networking
Run
Development
34. Principle: Application Orchestration
Vault enables applications and operators to leverage trusted identities and use Vault to broker
access to different clouds, systems, and endpoints.Nomad helps deploy containerized, virtualized or standalone applications on cloud, on-premise
or hybrid infrastructure, with built-in reliability and security
35. Nomad Use Cases
A common Cloud Operating Model
Flexible Container & Workload
Organization
Deploy and manage any
containerized, legacy, or batch
application.
Multi-Cloud Workload Management
Safely manage workloads across
regions and cloud providers
Efficient Resource Utilization
Increase resource utilization, reduce
fleet sizes, and cut costs.
36. Nomad
Provides the foundation for cloud application automation by enabling
workload orchestration in the cloud operating model
Container Orchestration for deploying, managing and
scaling containerized applications
Legacy Application Orchestration to containerize,
deploy and manage legacy apps on existing infrastructure
Batch Workload Orchestration to enable ML, AI, data
science and other intensive workloads in high
performance computing (HPC) scenarios
Trusted by:
4.7k+
GitHub Stars
20k+
Monthly D/Ls
37. A Common Cloud Operating Model to
Accelerate Application Delivery
App
?
38. A Common Cloud Operating Model to
Accelerate Application Delivery
App Operations
39. A Common Cloud Operating Model to
Accelerate Application Delivery
App
Operations
Security
40. A Common Cloud Operating Model to
Accelerate Application Delivery
App
Operations
Security
Networking
41. A Common Cloud Operating Model to
Accelerate Application Delivery
App
Operations
Security
Networking
Development
App
42. A Common Cloud Operating Model to
Accelerate Application Delivery
App
Operations
Security
Networking
Development
App
GOVERNANCE
POLICY
44. Securing a datacenter was easy...
● All unauthorized traffic or access could be
restricted/blocked
● Networks were trusted and apps and databases
can interconnect with ease
● Four walls and trusted network protected secrets
and sensitive information
But what happens when your apps and infrastructure
extend to the multiple datacenters, cloud, or all the
above?
45. Reimagining the stack
The implications of the Cloud Operating Model
Run
Development
Dedicated
Infrastructure
Scheduled across the fleet
Connect
Networking
Host-based
Dynamic IP
Service-based
Dynamic IP
Secure
Security
High trust
IP-based
Low trust
Identity-based
Provision
Operations
Dedicated servers
Homogeneous
Capacity on-demand
Heterogeneous
STATIC DYNAMIC
46. The Cloud Landscape
In search of a common model across multi-cloud environments
Run
Development
Connect
Networking
Secure
Security
Provision
Operations
DEDICATED
PRIVATE
CLOUD
vSphere
Hardware
IP:
Hardware
vCenter
vSphere
Various
Hardware
Identity:
AD/LDAP
Terraform
EKS / ECS
Lambda
CloudApp/
AppMesh
Identity:
AWS IAM
Cloud
Formation
AKS / ACS
Azure Functions
Proprietary
Identity:
Azure AD
Resource
Manager
GKE Cloud
Functions
Proprietary
Identity:
GCP IAM
Cloud
Deployment
Manager
AWS AZURE GCP
51. Vault
Provides the foundation for cloud security that leverages trusted sources of identity to keep
secrets and application data secure in the cloud operating model
Identity of requester
authenticated against any
identity model prior to
granting access
Policies defined by the
Security team and
enforced at runtime.