Winning presentation given at the 2010 Red Herring 100 North America Competition in Coronado, CA, on June 23, 2010 by Rob Marano, CEO & President of InDorse Technologies.
Avoiding Counterfeit Risk: How to mitigate part and supplier risk IHS
Just one counterfeit incident poses risk ranging from catastrophic brand damage to costly halts in production or unnecessary design and development. Your supply chain is under assault and may already be infiltrated.
It's time to act. Join Supply & Demand Chain Executive magazine as they host experts from ERAI and IHS and L-3 Communications who will share best practices, tools, and technique for mitigating electronics value chain risks.
Original event date: 2-23-11
Avoiding Counterfeit Risk: How to mitigate part and supplier risk IHS
Just one counterfeit incident poses risk ranging from catastrophic brand damage to costly halts in production or unnecessary design and development. Your supply chain is under assault and may already be infiltrated.
It's time to act. Join Supply & Demand Chain Executive magazine as they host experts from ERAI and IHS and L-3 Communications who will share best practices, tools, and technique for mitigating electronics value chain risks.
Original event date: 2-23-11
In the first fortnight of the Otago Polytechnic Bachelor of Information Technology project we invite local industry leaders "The Dragons". They provide critique of projects as early as possible. This is a chance to get feedback, and hopefully unearth opportunities and risks.
2013 14 Interactive Guide to Integrated Anti-Counterfeiting SolutionsACED Security
An interactive guide to integrated anti-counterfeiting solutions and technologies available for companies and organizations to: secure profits; protect brands; engage social media & authenticate datametrics. For details: www.acedsecurity.com. For enquiries & details contact: sales@acedsecurity.com
CIS13: Don't Let Mobile be the Achilles Heel for Your Enterprise SecurityCloudIDSummit
Michael Sutton, Vice President of Security Research, Zscaler
Nothing will more dramatically alter the enterprise security landscape than mobile devices, especially those that are employee owned (BYOD). While mobile devices can greatly improve employee productivity, they don't play nice with legacy enterprise security controls. Are you stuck choosing between the lesser of two evils—lowering security by permitting mobile access or maintaining the status quo by banishing mobile access altogether? Despite the many hurdles that today's mobile OS's pose for enterprise security, with the right policies and technologies, it’s possible to ensure that mobile employees are just as secure as those sitting at their desks.
Due to the phenomenal development of Networking technology, applications and other services, IP networks are preferred for communication, but are more vulnerable to attacks. To cope with the growing menace of security threats, security systems have to be made more intelligent and robust by introducing Intrusion Detection Systems (IDS) in the security layers of a network.
This white paper explores the role of IDS to detect attacks accurately at an early stage to minimize the impact.
Dummy's guide to Virtual Reality - Top 5 basic things you should know about VRVictoria Robertson
The Top 5 things every beginner should know about virtual reality.
VR is going mainstream and you should know the very basics if you don't want to seem like a dummy.
The lOT (Internet of Things) is a network of Internet-enabled objects, together with web services that interact with these objects. IoT enables the connected devices to communicate and interact with each other, transferring zillions of data each moment. This presentation speaks about the various protocols that keep IoT a trending topic. It gives a short glimpse about the heights that will be scaled by IoT in the near future and the ways in which it can transform the human lives. The presentation also enlists the various security threats faced by IoT and comes up with a reliable secure model for IoT.
An introductory lecture to Virtual Reality. This version of the lecture was presented at an open lecture at Aksaray University in Turkey for computer science and engineering students.
In the first fortnight of the Otago Polytechnic Bachelor of Information Technology project we invite local industry leaders "The Dragons". They provide critique of projects as early as possible. This is a chance to get feedback, and hopefully unearth opportunities and risks.
2013 14 Interactive Guide to Integrated Anti-Counterfeiting SolutionsACED Security
An interactive guide to integrated anti-counterfeiting solutions and technologies available for companies and organizations to: secure profits; protect brands; engage social media & authenticate datametrics. For details: www.acedsecurity.com. For enquiries & details contact: sales@acedsecurity.com
CIS13: Don't Let Mobile be the Achilles Heel for Your Enterprise SecurityCloudIDSummit
Michael Sutton, Vice President of Security Research, Zscaler
Nothing will more dramatically alter the enterprise security landscape than mobile devices, especially those that are employee owned (BYOD). While mobile devices can greatly improve employee productivity, they don't play nice with legacy enterprise security controls. Are you stuck choosing between the lesser of two evils—lowering security by permitting mobile access or maintaining the status quo by banishing mobile access altogether? Despite the many hurdles that today's mobile OS's pose for enterprise security, with the right policies and technologies, it’s possible to ensure that mobile employees are just as secure as those sitting at their desks.
Due to the phenomenal development of Networking technology, applications and other services, IP networks are preferred for communication, but are more vulnerable to attacks. To cope with the growing menace of security threats, security systems have to be made more intelligent and robust by introducing Intrusion Detection Systems (IDS) in the security layers of a network.
This white paper explores the role of IDS to detect attacks accurately at an early stage to minimize the impact.
Dummy's guide to Virtual Reality - Top 5 basic things you should know about VRVictoria Robertson
The Top 5 things every beginner should know about virtual reality.
VR is going mainstream and you should know the very basics if you don't want to seem like a dummy.
The lOT (Internet of Things) is a network of Internet-enabled objects, together with web services that interact with these objects. IoT enables the connected devices to communicate and interact with each other, transferring zillions of data each moment. This presentation speaks about the various protocols that keep IoT a trending topic. It gives a short glimpse about the heights that will be scaled by IoT in the near future and the ways in which it can transform the human lives. The presentation also enlists the various security threats faced by IoT and comes up with a reliable secure model for IoT.
An introductory lecture to Virtual Reality. This version of the lecture was presented at an open lecture at Aksaray University in Turkey for computer science and engineering students.
It is a seminar presentation on a technology called Virtual reality. It key features are what is virtual reality, its history and evolution, its types, devices that are used for Virtual reality and where virtual reality is applicable.
ATM\'s and Kiosks are extremely beneficial for business automation for Banks, Insurance companies and other businesses. Our kiosk solutions are customizable and can be outfitted with the most sophisticated technologies to support business efficiency.
Gigamon U - You Will See, Content Monitoring, Alerting, and Forensic AnalysisGrant Swanson
Reconnex is the leader in information monitoring and protection appliances designed for any organization, including enterprises, government agencies or education institutions that want to protect their brands, maintain compliance, or protect sensitive information. A privately-held company based in Silicon Valley, Calif., Reconnex protects information for companies such as Cadence, WebEx Communications, The George Washington University, SIRVA and Maimonides Medical Center.
This presentation was delivered at the BI SIG in Palo Alto. It provides an overview of the market shift away from on-premise solutions to on-demand in the business intelligence industry.
Throw out everything that you know about security tools today. No more six-figure appliances that only do one thing marginally well. No more proprietary protocols. We deserve better and we demand better. Envision a world where your security tools talk with eachother. They communicate and share data in order to leverage eachothers strengths and and help compensate for their weaknesses. They work together to solve problems. Envision "Symbiotic Security".
Symbiotic Security is a new term that was coined to describe the ability of a tool to consume data from other tools or provide data to other tools. As part of our research, we have examined various classes of tools on the market and identified these abilities in each of them resulting in a label of "Consumer", "Provider", or "Symbiotic". As a consumer of security tools, this completely revolutionizes the way that we make purchases.
As an example, let's pretend that you are purchasing a new Intrusion Prevention System for your enterprise. As you begin to evaluate the various tools from the Gartner Magic Quadrant, you quickly realize that they almost all have the same primary feature set. The key differentiator at this point aren't the rules or the hardware, but rather, the ability for the system to send and receive data with other systems. The IPS itself has some signatures and blocking abilities, but has zero relevancy data. Now, we give the IPS the ability to pull in vulnerability data and system configuration information from network and host scans and we gain relevancy. Add in some additional data on where the potential threat is coming from and now you have the data necessary to take a decisive action on threats. This new system is a "Consumer". Now, if you give the IPS the ability to send information to other devices on things like the source of relevant threats, those devices, like a firewall or HIPS, can now make intelligent blocking decisions as well. Our IPS now has "Provider" abilities. Since our IPS is labeled as both a "Provider" and "Consumer" it is deemed "Symbiotic". This convention can now be used both by the manufacturer to market the value-add of the device as well as a way for the purchasers to differentiate between otherwise similar devices.
In order to demonstrate the true powers of being symbiotic, we are releasing a free tool that epitomizes this concept. The tool, named ThreadFix, has been labeled as a "Consumer" because of it's abilities to pull vulnerability data from static and dynamic scanning tools, threat modeling, and manual penetration tests as well as alert logs and vulnerability details from IDS, IPS, and WAF products. ThreadFix has also been labeled as a "Provider" because of it's abilities to normalize the data consumed and pass it along to IDS, IPS, and WAF for action as well as to your bug tracking system for remediation tracking. Because it can serve both a consumer and provider role, we designate it as a "Symbiotic" tool.
GATES INFOTECH Infotech Private Limited, founded in 2016, is the one of the fastest growing Software Service IT company in Technopark, Trivandrum. EJGates recommends to adopt best industry practices and incorporates proven strategies to enhance your business. Headquartered in Trivandrum, the capital city of "gods own country", kerala, India, EJGates has its Development Centre in Technopark, Trivandrum and Dubai, UAE.
Oracle has recently launced a new MDM hub for tackling the Site domain. Many organizations in industries such as Retail, Utilities, Financials, etc., have a huge problem to manage site information in their business context and all of the information (lots of attributes) that they need to manage at these site levels. Oracle addresses this need through the launching of their Site Hub product
This presentation talks about few of the use cases for SIte Hub and discusses the features of the Site Hub product.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.