Recently, our network was hit with one of the largest DDoS attacks the Internet has seen. We’ll describe the technology and peering architecture used to mitigate the attack. Find out how we enjoyed lunch while automatically mitigating an enormous attack with zero downtime.
Chris Wright, Red Hat Chief Technologist, discussed how the needs of communications service providers are being addressed with an upstream first, open source philosophy. Chris touched on the evolution of network functions from hardware to cloud based, and how the industry can achieve the service availability, security, automation, and scale necessary with a Network Functions Virtualization platform through community innovation.
Serverless DevSecOps: Why We Must Make it Everyone's Problem | Hillel SolowAWSCOMSUM
The legacy approach of security controlling deployment is incompatible with serverless. Learn why serverless needs close partnership between Dev+AppSec. How to redesign security controls, so devs have their control, while being prevented from creating risk Tools & processes to support collaboration
See the full talk on Youtube: https://youtu.be/lq4qWw6c-Kg
Pavan Gupta, Research and Cloud Computing Architect, UC San Francisco Center for Digital Health Innovation (Panel 1: Securing your research data: Perspectives from domain scientists ) -- "Hybridizing Kubernetes and HPC Securely"
Secure from the start : The changing landscapeKieran O'Shea
In the wake of the Heartbleed bug and a
number of other high profile security related
failures, we revisit the idea of making sure
we’re ahead of the game, secure from the start
Chris Wright, Red Hat Chief Technologist, discussed how the needs of communications service providers are being addressed with an upstream first, open source philosophy. Chris touched on the evolution of network functions from hardware to cloud based, and how the industry can achieve the service availability, security, automation, and scale necessary with a Network Functions Virtualization platform through community innovation.
Serverless DevSecOps: Why We Must Make it Everyone's Problem | Hillel SolowAWSCOMSUM
The legacy approach of security controlling deployment is incompatible with serverless. Learn why serverless needs close partnership between Dev+AppSec. How to redesign security controls, so devs have their control, while being prevented from creating risk Tools & processes to support collaboration
See the full talk on Youtube: https://youtu.be/lq4qWw6c-Kg
Pavan Gupta, Research and Cloud Computing Architect, UC San Francisco Center for Digital Health Innovation (Panel 1: Securing your research data: Perspectives from domain scientists ) -- "Hybridizing Kubernetes and HPC Securely"
Secure from the start : The changing landscapeKieran O'Shea
In the wake of the Heartbleed bug and a
number of other high profile security related
failures, we revisit the idea of making sure
we’re ahead of the game, secure from the start
Kubernetes: it’s new; it’s cool; and you want it! But you have questions… Is deployment easy? Does it scale? Can it be upgraded in place? Will it work with your existing services? Can it handle big data workloads?
You wish you could learn just one platform and never have to learn another one, but that's not how software works. Today’s epic swell is tomorrow's choppy ripples. Today's cloud nine is tomorrow's smog. What you really need to learn is how to surf… on clouds.
So catch the wave and we’ll ride the white fluffies together. We’ll start with Kubernetes, the cloud container orchestration engine Google seeded, and Mesos, the scheduling framework from which Twitter and Apple are hanging ten. Then we’ll throw on the afterburner with the Mesosphere Datacenter Operating System (DCOS) and deploy orchestrators, like Kubernetes and Marathon, alongside distributed services, like Spark and Cassandra, to open up a universe of possibilities.
KubeCon schedule link: http://sched.co/4V0d
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSIsabelle Dumont
Ransomware attacks have started to plug big data deployments in 2017, including Hadoop. Why? The Web interface to HDFS is left insecure by default. With BlueTalon you get a turnkey package that you can install easily to secure your Hadoop instances.
CloudFlare DDoS attacks 101: what are they and how to protect your site?Cloudflare
Distributed denial of service (DDoS) attacks have scaled up in size and frequency over the past year. Attackers constantly adopt new methods to flood your website and network with malicious traffic. What exactly are DDoS attacks and how do they work? More importantly, how can you ensure that your website stays protected. CloudFlare solutions engineer Trey Guinn discusses the nature of DDoS attacks, with a focus on amplification attacks. He explains how CloudFlare is able to stop such attacks and also what can you do to ensure you are not part of the problem by running open NTP servers or DNS resolvers.
PLNOG19 - Sławomir Janukowicz - Zestaw uzbrojenia na wyposażeniu wykonujących...PROIDEA
Przedstawiony zostanie zestaw ataków stosowanych obecnie w kampaniach DDoS. Jakie narzędzia są stosowane najczęściej, jakie sporadycznie. Pokazane zostanie, które elementy architektury sieciowej mogą zostać zaatakowane i z jakim skutkiem.
A survey of 170 cyber security professionals taken at Infosecurity 2017 on attitudes related to the General Data Protection Regulation - GDPR - and the need for a data privacy officer.
Extend Enterprise Application-level Security to Your AWS EnvironmentImperva
When organizations shift to a public cloud environment, security and compliance must remain top of mind. While Amazon Web Services (AWS) provides robust infrastructure-level protections, today’s attackers target the applications themselves.
This presentation will:
- Discuss inherent AWS security capabilities
- Review attack types that target the applications and why traditional security approaches can’t stop them
- Illustrate how Imperva SecureSphere for AWS stops these attacks and enables you to use the security infrastructure in the cloud and on-premise
The complexity of implementing and maintaining IBM Guardium or a native audit solution within an enterprise environment can quickly run into trouble. Escalating costs, manularity, and gaps in coverage put your company at risk of a failed audit or data breach. This presentation will share the experiences of Imperva customers who have moved from native audit or Guardium to Imperva SecureSphere for database audit and protection (DAP).
Viewers will leave with an understanding of:
- Security and compliance factors that organizations should consider
- The methods of deployment within an enterprise environment
- The monetary and human costs associated with each DAP architecture
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture using the VM-Series next-generation firewall.
Speaker: Bisham Kishnani, Consulting Engineer (APJC) – DataCenter & Virtualization, Palo Alto Networks
Licensing Windows Workloads on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Get an overview of options for licensing Windows Server, SQL Server and other Microsoft products on AWS
- Learn how to bring existing Microsoft licenses to AWS and maintain license compliance
- Learn the scenarios where EC2 Dedicated Hosts make sense for your workloads
In this Dev Lounge Express Edition breakfast session, we take a look at how AWS Step Functions makes it easier for you to build distributed applications with complex business workflows implemented using multiple microservices. We walk through creating a state machine using AWS Step Functions via the AWS console, and more complex examples building state machines with tasks implemented as AWS Lambda functions using AWS CloudFormation. We take a look at the various features of AWS Step Functions such as exception handling, making choices and manual steps, and gain valuable insights into the performance of our distributed application using AWS X-ray.
In this presentation, we cover advanced mitigation techniques used by Behemoth 2 – our latest mitigation platform – as well as real-life examples of different DDoS attack vectors and traffic samples. Plus, learn how we utilize a network of 4.7 Tbps to handle complex high throughput attacks and get a heads up on the latest trends we’re seeing in DDoS attacks.
Get an inside look at Incapsula Security, straight from the Security Research Team. Plus, get your vulnerability management strategy on track by assessing the automated threats you face and learn about the new security features we’re working on to keep you protected.
Cloud Migration with Confidence: 7 Keys to SuccessNew Relic
In the span of a decade, cloud services have matured into a multi-billion dollar market. The benefits of migrating to the cloud are also well documented: agility to change faster, get to market faster, rapid scalability, and better customer experiences. But how do you know if and when you’ve achieved a successful migration? Whether you are starting your cloud journey, are in the process of migrating, or looking to scale your applications on AWS, instrumentation, measurement, and insights are key to migrating with confidence.
This presentation walks through the important steps you can take to make sure your teams, partners, and management feel confident in a successful cloud migration.
This was presented on TechRepublic Nov. 8, 2017 by Cloud Migration CBS Interactive Distinguished Lecturer David Gewirtz, author of The Flexible Enterprise, Abner Germanow, Sr. Director, Strategic and Partner Marketing, New Relic, and AWS expert, Kalpan Raval, Global Segment Leader - Migration tooling at Amazon Web Services.
How to Use the TICK Stack, CoreOS, & Docker to Make Your SaaS Offering BetterDeborah Schalm
Other than InfluxDB and the open source Tick Stack, InfluxData provides a SaaS version of the TICK Stack, called InfluxCloud, that supports clustering, authentication and other enterprise features not found in the open source TICK Stack. InfluxCloud is designed to be easy to use and reliable for our customers, as they rely on this service to store time series data gathered from sensors, servers, and other devices that is the foundation for their own SLAs for their products and services. This means InfluxCloud requires an even higher standard of service in order to help them maintain their service level commitments.
Kubernetes: it’s new; it’s cool; and you want it! But you have questions… Is deployment easy? Does it scale? Can it be upgraded in place? Will it work with your existing services? Can it handle big data workloads?
You wish you could learn just one platform and never have to learn another one, but that's not how software works. Today’s epic swell is tomorrow's choppy ripples. Today's cloud nine is tomorrow's smog. What you really need to learn is how to surf… on clouds.
So catch the wave and we’ll ride the white fluffies together. We’ll start with Kubernetes, the cloud container orchestration engine Google seeded, and Mesos, the scheduling framework from which Twitter and Apple are hanging ten. Then we’ll throw on the afterburner with the Mesosphere Datacenter Operating System (DCOS) and deploy orchestrators, like Kubernetes and Marathon, alongside distributed services, like Spark and Cassandra, to open up a universe of possibilities.
KubeCon schedule link: http://sched.co/4V0d
Secure your Hadoop clusters with BlueTalon SecureAccess for WebHDFSIsabelle Dumont
Ransomware attacks have started to plug big data deployments in 2017, including Hadoop. Why? The Web interface to HDFS is left insecure by default. With BlueTalon you get a turnkey package that you can install easily to secure your Hadoop instances.
CloudFlare DDoS attacks 101: what are they and how to protect your site?Cloudflare
Distributed denial of service (DDoS) attacks have scaled up in size and frequency over the past year. Attackers constantly adopt new methods to flood your website and network with malicious traffic. What exactly are DDoS attacks and how do they work? More importantly, how can you ensure that your website stays protected. CloudFlare solutions engineer Trey Guinn discusses the nature of DDoS attacks, with a focus on amplification attacks. He explains how CloudFlare is able to stop such attacks and also what can you do to ensure you are not part of the problem by running open NTP servers or DNS resolvers.
PLNOG19 - Sławomir Janukowicz - Zestaw uzbrojenia na wyposażeniu wykonujących...PROIDEA
Przedstawiony zostanie zestaw ataków stosowanych obecnie w kampaniach DDoS. Jakie narzędzia są stosowane najczęściej, jakie sporadycznie. Pokazane zostanie, które elementy architektury sieciowej mogą zostać zaatakowane i z jakim skutkiem.
A survey of 170 cyber security professionals taken at Infosecurity 2017 on attitudes related to the General Data Protection Regulation - GDPR - and the need for a data privacy officer.
Extend Enterprise Application-level Security to Your AWS EnvironmentImperva
When organizations shift to a public cloud environment, security and compliance must remain top of mind. While Amazon Web Services (AWS) provides robust infrastructure-level protections, today’s attackers target the applications themselves.
This presentation will:
- Discuss inherent AWS security capabilities
- Review attack types that target the applications and why traditional security approaches can’t stop them
- Illustrate how Imperva SecureSphere for AWS stops these attacks and enables you to use the security infrastructure in the cloud and on-premise
The complexity of implementing and maintaining IBM Guardium or a native audit solution within an enterprise environment can quickly run into trouble. Escalating costs, manularity, and gaps in coverage put your company at risk of a failed audit or data breach. This presentation will share the experiences of Imperva customers who have moved from native audit or Guardium to Imperva SecureSphere for database audit and protection (DAP).
Viewers will leave with an understanding of:
- Security and compliance factors that organizations should consider
- The methods of deployment within an enterprise environment
- The monetary and human costs associated with each DAP architecture
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture using the VM-Series next-generation firewall.
Speaker: Bisham Kishnani, Consulting Engineer (APJC) – DataCenter & Virtualization, Palo Alto Networks
Licensing Windows Workloads on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Get an overview of options for licensing Windows Server, SQL Server and other Microsoft products on AWS
- Learn how to bring existing Microsoft licenses to AWS and maintain license compliance
- Learn the scenarios where EC2 Dedicated Hosts make sense for your workloads
In this Dev Lounge Express Edition breakfast session, we take a look at how AWS Step Functions makes it easier for you to build distributed applications with complex business workflows implemented using multiple microservices. We walk through creating a state machine using AWS Step Functions via the AWS console, and more complex examples building state machines with tasks implemented as AWS Lambda functions using AWS CloudFormation. We take a look at the various features of AWS Step Functions such as exception handling, making choices and manual steps, and gain valuable insights into the performance of our distributed application using AWS X-ray.
In this presentation, we cover advanced mitigation techniques used by Behemoth 2 – our latest mitigation platform – as well as real-life examples of different DDoS attack vectors and traffic samples. Plus, learn how we utilize a network of 4.7 Tbps to handle complex high throughput attacks and get a heads up on the latest trends we’re seeing in DDoS attacks.
Get an inside look at Incapsula Security, straight from the Security Research Team. Plus, get your vulnerability management strategy on track by assessing the automated threats you face and learn about the new security features we’re working on to keep you protected.
Cloud Migration with Confidence: 7 Keys to SuccessNew Relic
In the span of a decade, cloud services have matured into a multi-billion dollar market. The benefits of migrating to the cloud are also well documented: agility to change faster, get to market faster, rapid scalability, and better customer experiences. But how do you know if and when you’ve achieved a successful migration? Whether you are starting your cloud journey, are in the process of migrating, or looking to scale your applications on AWS, instrumentation, measurement, and insights are key to migrating with confidence.
This presentation walks through the important steps you can take to make sure your teams, partners, and management feel confident in a successful cloud migration.
This was presented on TechRepublic Nov. 8, 2017 by Cloud Migration CBS Interactive Distinguished Lecturer David Gewirtz, author of The Flexible Enterprise, Abner Germanow, Sr. Director, Strategic and Partner Marketing, New Relic, and AWS expert, Kalpan Raval, Global Segment Leader - Migration tooling at Amazon Web Services.
How to Use the TICK Stack, CoreOS, & Docker to Make Your SaaS Offering BetterDeborah Schalm
Other than InfluxDB and the open source Tick Stack, InfluxData provides a SaaS version of the TICK Stack, called InfluxCloud, that supports clustering, authentication and other enterprise features not found in the open source TICK Stack. InfluxCloud is designed to be easy to use and reliable for our customers, as they rely on this service to store time series data gathered from sensors, servers, and other devices that is the foundation for their own SLAs for their products and services. This means InfluxCloud requires an even higher standard of service in order to help them maintain their service level commitments.
How to Use the TICK Stack, CoreOS, & Docker to Make Your SaaS Offering BetterDevOps.com
Other than InfluxDB and the open source Tick Stack, InfluxData provides a SaaS version of the TICK Stack, called InfluxCloud, that supports clustering, authentication and other enterprise features not found in the open source TICK Stack. InfluxCloud is designed to be easy to use and reliable for our customers, as they rely on this service to store time series data gathered from sensors, servers, and other devices that is the foundation for their own SLAs for their products and services. This means InfluxCloud requires an even higher standard of service in order to help them maintain their service level commitments.
PuppetConf 2017 | Adobe Advertising Cloud: A Lean Puppet Workflow to Support ...Nicolas Brousse
Building and scaling a multi-cloud solution that's enabled for cloud bursting is not a trivial task, and requires a lot of automation. While experiencing hyper-growth on the Adobe Advertising Cloud, our operations engineering team had to frequently update and improve its workflow in order to stay nimble and allow fast delivery of new infrastructure. At TubeMogul/Adobe Advertising Cloud, we implemented a lean Puppet workflow that enables the operations engineering team to deploy and support a broad range of services in a complex environment that supports hundreds of billions of requests a day. With over 150 changes released per day on its production infrastructure, the team had to adjust and tune its processes to enforce quality, standards, to review, and to prevent systems from breaking. In this talk, you will learn how we implemented our infrastructure as code by leveraging tools like Puppet, Gerrit, Terraform, and Jenkins, which together enable our private and public cloud infrastructures across 12 locations and four continents.
PuppetConf 2017: Adobe Advertising Cloud: Lean Puppet Workflow to Support Mul...Puppet
Building and scaling a multi-cloud solution that's enabled for cloud bursting is not a trivial task, and requires a lot of automation. While experiencing hyper-growth on the Adobe Advertising Cloud, our operations engineering team had to frequently update and improve its workflow in order to stay nimble and allow fast delivery of new infrastructure. At TubeMogul/Adobe Advertising Cloud, we implemented a lean Puppet workflow that enables the operations engineering team to deploy and support a broad range of services in a complex environment that supports hundreds of billions of requests a day. With over 150 changes released per day on its production infrastructure, the team had to adjust and tune its processes to enforce quality, standards, to review, and to prevent systems from breaking. In this talk, you will learn how we implemented our infrastructure as code by leveraging tools like Puppet, Gerrit, Terraform, and Jenkins, which together enable our private and public cloud infrastructures across 12 locations and four continents.
A Journey to Modern Apps with Containers, Microservices and Big DataEdward Hsu
2016-10-04 Reactive Summit - Mesosphere Keynote
Enterprises hear about the promise of application containers, but realizing meaningful business results from containers requires more than abandoning virtual machines. In order to implement containers correctly, businesses must consider the operational implications, as well as the new types of applications they want to build using microservices. In this session, Ed Hsu, Vice President of Enterprise DC/OS at Mesosphere, discusses how to capitalize on new opportunities that can accelerate your IT modernization initiatives.
Presented at All Things Open, Raleigh NC, October 2014. Why do people love Ansible for automation? Good question! We walked through several Ansible use cases.
How and why to deploy machine learning in the real world.
IoT + ML = connected intelligence.
This means the benefits of ML can be brought from the digital world to the physical world. Arm is building a platform to make it easy for IoT developers, cloud developers and data scientists to build apps that deliver on this vision.
Powering Predictive Mapping at Scale with Spark, Kafka, and Elastic Search wi...Databricks
Gleaning real-time insights from streaming data often requires a complex data pipeline composed of message queues, stream processing frameworks, and storage solutions. This is incredibly complicated and can take weeks to deploy. DC/OS makes deploying these pipelines insanely easy. In only 15 minutes, we will set up a complete IOT pipeline, using Apache Spark Streaming, Apache Kafka, and ElasticSearch to power a javascript based front-end application analyzing streamed, real time data (using taxi locations across New York City).
MAE304-Turners Cloud Archive for CNN's Video Library and Global Multiplatform...Amazon Web Services
Turner Broadcasting is using the AWS Cloud to provide storage and content processing required to enable mission-critical video libraries. Turner is creating a copy of CNN's 37-year news video library in AWS to take advantage of the cost and architectural benefits of cloud storage. This project has unique requirements around retrieval times, and Turner partnered with AWS to drive specific capabilities such as those Amazon Glacier expedited and bulk retrieval options. These cloud-based archives can enable Turner to use other cloud-based value-add services, such as AI/ML/search, and media supply chains efficiently. Turner's global content exploitation strategies call for extensive versioning of content assets required for distribution to different platforms, products, and regions. Today, this involves complex workflows to derive multiple downstream versions. Adopting the SMPTE Interoperable Mastering Format (IMF) and cloud-based object storage, Turner will dramatically simplify these workflows by enabling cloud-based automation and elastic scalability. Hear Turner’s strategy, implementation around these media workloads, and lessons learned.
Partner Webinar: Mesosphere and DSE: Production-Proven Infrastructure for Fas...DataStax
In this webinar, experts from DataStax and Mesosphere provide an overview of requirements for fast data applications, and explore the use cases for running DataStax Enterprise on the Mesosphere DC/OS platform.
View recording: https://youtu.be/5HwNxZvr8fI
Explore all DataStax webinars: http://www.datastax.com/resources/webinars
Airbnb has served over 200,000,000 customers across 191 countries and is one of the largest database consumers on AWS. They have heavily adopted MySQL and have recently completed a migration to Amazon Aurora. In this session, Airbnb shares their story, including design considerations for operating at Airbnb scale, tips, tricks, and advice for others startups, and thoughts on why they decided to run on Aurora.
Similar to How We Blocked a 650Gb DDoS Attack Over Lunch (20)
One Poll survey of 250 IT professionals on the state of application programming interface (API) security, which highlights growing concern for cybersecurity risk related to API use.
Beyond takeover: stories from a hacked accountImperva
In this presentation, Imperva researchers explore the dynamics of credential theft. The team reversed a phishing hook to hack and track phishers using the same methods that phishers use on their victims. The presentation explores questions such as how long it takes from takeover to exploitation, what the attacker looks for in the hacked account, which decoys attract their attention, and what security practices they use to cover their tracks. Check out the slides and read the report to learn about real-world takeover stories and best practices for breach detection and remediation to protect your data. Read the full report: https://www.imperva.com/DefenseCenter/HackerIntelligenceReports
Research: From zero to phishing in 60 seconds Imperva
Here are the highlights of our research on do-it-yourself kits for phishing attacks, allowing attackers to quickly and elegantly mount a phishing campaign. These slides present examples of phishing kits, reviews their main capabilities, and shows a statistical and clustering analysis of our collection of phishing kits. The main goal of our research is to shed light on the dynamics of phishing and the distribution of phishing kits in the underground community
Making Sense of Web Attacks: From Alerts to NarrativesImperva
Co-Founder & CTO of Imperva, Amichai Shulman, discusses how recognizing the security narrative in your web-application is a big challenge. On the one hand security products are getting more sensitive and are detecting even minor anomalies in incoming web traffic, while on the other hand attacks are becoming more automated and traffic intensive. As a result, security operators find themselves sifting through hundreds of thousands of individual alert messages per day, striving to know what the “#@$%” is going on. These slides present our innovative system that groups individual alerts from a web application firewall into attack narratives. They also present real-world cases and show results.
A survey of 310 IT security professionals taken at the Infosecurity Europe trade show by Imperva. The survey found that when it comes to insider threats, over half (58 percent) of the IT security professionals were deeply concerned about careless users who unwittingly put their organization’s data at risk.
The slideshow lists the results of a survey on the current state of company preparedness for the European General Data Protection Regulation (GDPR). The survey of 170 security professionals was taken at RSA 2017, the world’s largest security conference.
This presentation, Ransomware Rising, details the results of a survey of security professionals taken at RSA 2017, the world’s largest security conference, exploring their experiences with ransomware.
Conducted Feb. 13-17, at RSA 2017, the in-person survey is based on responses from 170 attendees including IT professionals, managers and executives from the U.S. (77 percent), EMEA (13 percent) and other regions (11 percent).
To learn more about preventing ransomware visit, http://bit.ly/2nwKICL
7 Tips to Protect Your Data from Contractors and Privileged VendorsImperva
Contractors, privileged vendors and staff additions can pose cyber security risks to your enterprise. Learn how you can protect your data from third parties: http://bit.ly/2o5jUgr
Time to rethink your phishing strategy? Read about how the low cost of launching a phishing campaign and the high projected return on investment for cybercriminals could affect you: http://bit.ly/2nmdSVm
Learn about the growing cyberattack trends, the biggest obstacles in the security industry and threat intelligence buying motivations: http://bit.ly/1WVmlu3
Combat Payment Card Attacks with WAF and Threat IntelligenceImperva
Learn where you are most vulnerable to credit card fraud, how illegal "carding" and "cashing out" kill chains work and why Web Application Firewalls and threat intelligence are necessary to prevent attacks. Find out how you can be prepared: http://bit.ly/2nZO6rE
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyImperva
Although HTTP/2 promises faster speeds and better performance than its predecessor, its combination of new mechanisms and implementations reintroduces some flaws present in earlier versions. Read more here: http://bit.ly/2nGcpcq
Users and apps pose the biggest risk to your enterprise data with hackers being financially motivated to gain unauthorized access to data. Find out how to prevent major data breaches from internal and external threats: http://bit.ly/2oFImpQ
Combat Today's Threats With A Single Platform For App and Data SecurityImperva
The number one source of data breaches are web app attacks. It doesn't matter where your data resides because cyber criminals and compromised users will find a way to access it. Learn the steps you can take and why you have to protect data where it lives: http://bit.ly/2p3jkgK
The new 2016 Gartner Magic Quadrant for Web Application Firewalls (WAF) is based on detailed responses to questionnaires from experienced Web App Firewall customers. Watch this webinar and hear the experiences of major customers who participated in the Gartner MQ for WAF research and how they implemented web app firewall to protect their applications and critical data.
Exploding data growth doesn’t mean you have to sacrifice data security or compliance readiness. The more clarity you have into where your sensitive data is and who is accessing it, the easier it is to secure and meet compliance regulations.
Walk through this presentation to learn how to:
- Detect and block cyber security events in real-time
- Protect large and diverse data environments
- Simplify compliance enforcements and reporting
- Take control of escalating costs.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.