Equifax cyber attack contained by containersAqua Security
Equifax cyber attack - What if they had used containers?
Block Image with Struts Vulnerability
Virtual Patch Patching To Block Exploit
Prevent Host-based DOS Attack
Situational Awareness
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
Join this in-depth look and detailed demonstration of the OpenDNS Umbrella integration with AnyConnect and how it really can stop most threats before they become serious problems, protecting users anywhere they go, even when the VPN is off.
Watch the workshop replay: http://bit.ly/2bPT1ax
Watch the Video: http://bit.ly/2c60obv
Tsvi Korren,
VP of Product Strategy at Aqua Security CISSP, has been an IT security professional for over 25 years. In previous positions at DEC and CA Inc., he consulted with various industry verticals on the process and organizational aspects of security. As the VP of Product Strategy at Aqua, he is tasked with delivering commercial and open source solutions that make Cloud Native workloads the most secure, compliant and resilient application delivery platform.
Cisco and Pxosys teamed up for this Webinar, we will walk you through the Threat Landscape and recent DNS Ransomware cases, and explain why DNS Security is important in your Security Stack within your Organization. We are going to look on a Cisco Umbrella Live Demo and see the potential of the platform from the easy deployment, reporting, and blocking & mitigate Threats from day Zero. A Q&A is going to end the event to clarify any questions that arise during the demo event. Attendees will receive a Cisco Umbrella Free Trial (30 days) at the end of the event.
Visit www.pxosys.com to know more about us.
VMworld 2013
Azeem Feroz, VMware
Sachin Vaidya, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
Modern cybercrime operates highly-sophisticated campaigns that challenge, or even evade, the state-of-art in defense and protection. On a daily basis, users worldwide are fooled by new techniques and threats that went under the radar, like new 0-days or attack vectors. We passively monitored how these attacks are conducted on real installations, and unveiled the modus operandi of malware operators. In this presentation, we share with the audience our recent findings and trends that we observed in-the-wild from the analysis we conducted on 3 million software downloads, involving hundreds of thousands of Internet connected machines. During the talk, we provide insights on our investigation like the effect of code signing abuse, the compromise of cloud providers' operations, the use of domains generated automatically via social engineering, and the business model behind modern malware campaigns. We also discuss the problem of "unknown threats", showing how the Internet's threats landscape is still largely unexplored and how it badly impacts on million of users. We conclude with a proof-of-concept system that we designed and that uses machine-learning to generate human-readable rules for detection. Our system represents a potential mitigation to the problem of "unknown threats" and an assistance tool for analysts globally.
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
Driven by the mobility, cloud computing, and Internet of Everything megatrends and fueled by increasingly sophisticated cybercriminals, today’s information landscape is more dynamic and more vulnerable than ever before.
Join Cisco and Lancope for a complimentary webinar to learn how you can implement a comprehensive, network-enabled approach to cybersecurity.
During the webinar we will discuss:
Using the Network as a Security Sensor with Lancope’s StealthWatch System and Flexible NetFlow and to obtain visibility at scale, monitor network activity efficiently, discover security incidents quickly, and help achieve compliance.
Using the Network as a Security Enforcer with Cisco TrustSec to ensure policy-based access control and network segmentation for containment of the network attacks, assist compliance and reduce risks of data-breaches.
Докладчики представят подробный анализ, проведенный на основе исследования более 200 уязвимостей в SCADA и HMI. Вы сможете ознакомиться с подробным описанием популярных типов уязвимостей в решениях крупнейших производителей, таких как Schneider Electric, Siemens, General Electric и Advantech. Вы узнаете о том, как обнаружить критически опасные уязвимости в базовом коде. В докладе будут сопоставляться активность разных производителей в выпуске исправлений, а также сегменты SCADA с другими сегментами рынка программного обеспечения. Вниманию разработчиков и операторов будут предоставлены рекомендации, которые позволят снизить вероятность осуществления атак, а также прогнозы касательно дальнейших тенденций развития атак.
VMworld 2013: Security Automation Workflows with NSX VMworld
VMworld 2013
Gargi Keeling, VMware
Don Wood, McKesson
Troy Casey, McKesson
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
This session will focus on typical deployment scenarios for the Adaptive Security Appliance family running FirePower Services. Also, a feature overview and comparison of the ASA with Firepower services and the new Firepower Threat Defense (FTD) image will be included with updates on the new Firepower hardware platform. Deployment use cases will include Internet Edge, various segmentation scenarios, and VPN. A configuration walk-through and accepted best practices will be covered. This session is designed for existing ASA customers and targets the security and network engineer. They will learn the benefit of a FirePower NGFW in network edge and Internet use cases
"This workshop is for pentesters, security researchers or someone looking to get into IoT security but is reluctant due to the wide range of technologies involved and plethora of different tools. While it does require a considerable amount of knowledge in the domain, it is not as difficult as you may think. In this workshop we will introduce you to some of the important concepts and EXPLIoT framework in a very simple way that can be used for the various IoT attack vectors. The primary focus of this workshop is to introduce the attendees to the open source IoT Security Testing and Exploitation Framework - EXPLIoT (https://gitlab.com/expliot_framework/expliot) and enable them to use as well as extend it by writing plugins for new IoT based exploits and analysis test cases. It’s a flexible and extendable framework that would help the security community in writing quick IoT test cases and exploits. The objectives of the framework are:
1. Easy to use
2. Extendable
3. Support for hardware, radio and IoT protocol analysis
EXPLIoT currently supports the following protocols which can be utilized for writing new plugins/exploits:
1. Radio – BLE , Zigbee
2. Network – MQTT, CoAP, DICOM, MODBUS, MDNS, NMAP, TCP, UDP
3. Hardware – CAN, SPI, I2C, UART, JTAG
This talk would give attendees a first-hand view of the functionality, how to use it and how to write plugins to extend the framework."
Jason Palm presents a deep dive into SonicWall's new Capture ATP feature.
Links included in the presentation:
https://blog.cerdant.com/2017/06/28/ransomware-defense/
https://blog.cerdant.com/cerdant-security-conference/
https://blog.sonicwall.com/2016/09/defend-data-from-invaders/
https://www.sonicwall.com/en-de/lp/2017-sonicwall-annual-threat-report
How to Test High-Performance Next-Generation FirewallsIxia
Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing stability and reliability under extended attack.
Preview delle ultime novità di prodotto Sourcefire IPS Entriamo in dettaglio delle novità di prodotto annunciate da Sourcefire nell\’ultimo mese, incluso:
New 3D8000 Series Sensors with FirePOWER
New Defense Center Models
New IPSx Solution
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...PLUMgrid
After deployment and build-out of an OpenStack cloud, operators require a complete end to end single pane view of the SDN-based network overlay, all the associated workloads and hypervisors and physical infrastructure. Enterprises and cloud providers alike have aggressively adopted SDN visualization and monitoring platforms in addition to OpenStack horizon to keep their infrastructure running with 100% uptime. Additionally, new tools that aim at helping with proactive remediation of issues are being deployed and leveraged to quickly bring back the system to healthy conditions. In this session, attendees will discover:
How comprehensive visualization could help operations staff
How to correlate physical and virtual networks
How to immediately identify problems as they arise
Chris Wright, Red Hat Chief Technologist, discussed how the needs of communications service providers are being addressed with an upstream first, open source philosophy. Chris touched on the evolution of network functions from hardware to cloud based, and how the industry can achieve the service availability, security, automation, and scale necessary with a Network Functions Virtualization platform through community innovation.
Equifax cyber attack contained by containersAqua Security
Equifax cyber attack - What if they had used containers?
Block Image with Struts Vulnerability
Virtual Patch Patching To Block Exploit
Prevent Host-based DOS Attack
Situational Awareness
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
Join this in-depth look and detailed demonstration of the OpenDNS Umbrella integration with AnyConnect and how it really can stop most threats before they become serious problems, protecting users anywhere they go, even when the VPN is off.
Watch the workshop replay: http://bit.ly/2bPT1ax
Watch the Video: http://bit.ly/2c60obv
Tsvi Korren,
VP of Product Strategy at Aqua Security CISSP, has been an IT security professional for over 25 years. In previous positions at DEC and CA Inc., he consulted with various industry verticals on the process and organizational aspects of security. As the VP of Product Strategy at Aqua, he is tasked with delivering commercial and open source solutions that make Cloud Native workloads the most secure, compliant and resilient application delivery platform.
Cisco and Pxosys teamed up for this Webinar, we will walk you through the Threat Landscape and recent DNS Ransomware cases, and explain why DNS Security is important in your Security Stack within your Organization. We are going to look on a Cisco Umbrella Live Demo and see the potential of the platform from the easy deployment, reporting, and blocking & mitigate Threats from day Zero. A Q&A is going to end the event to clarify any questions that arise during the demo event. Attendees will receive a Cisco Umbrella Free Trial (30 days) at the end of the event.
Visit www.pxosys.com to know more about us.
VMworld 2013
Azeem Feroz, VMware
Sachin Vaidya, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
Modern cybercrime operates highly-sophisticated campaigns that challenge, or even evade, the state-of-art in defense and protection. On a daily basis, users worldwide are fooled by new techniques and threats that went under the radar, like new 0-days or attack vectors. We passively monitored how these attacks are conducted on real installations, and unveiled the modus operandi of malware operators. In this presentation, we share with the audience our recent findings and trends that we observed in-the-wild from the analysis we conducted on 3 million software downloads, involving hundreds of thousands of Internet connected machines. During the talk, we provide insights on our investigation like the effect of code signing abuse, the compromise of cloud providers' operations, the use of domains generated automatically via social engineering, and the business model behind modern malware campaigns. We also discuss the problem of "unknown threats", showing how the Internet's threats landscape is still largely unexplored and how it badly impacts on million of users. We conclude with a proof-of-concept system that we designed and that uses machine-learning to generate human-readable rules for detection. Our system represents a potential mitigation to the problem of "unknown threats" and an assistance tool for analysts globally.
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
Driven by the mobility, cloud computing, and Internet of Everything megatrends and fueled by increasingly sophisticated cybercriminals, today’s information landscape is more dynamic and more vulnerable than ever before.
Join Cisco and Lancope for a complimentary webinar to learn how you can implement a comprehensive, network-enabled approach to cybersecurity.
During the webinar we will discuss:
Using the Network as a Security Sensor with Lancope’s StealthWatch System and Flexible NetFlow and to obtain visibility at scale, monitor network activity efficiently, discover security incidents quickly, and help achieve compliance.
Using the Network as a Security Enforcer with Cisco TrustSec to ensure policy-based access control and network segmentation for containment of the network attacks, assist compliance and reduce risks of data-breaches.
Докладчики представят подробный анализ, проведенный на основе исследования более 200 уязвимостей в SCADA и HMI. Вы сможете ознакомиться с подробным описанием популярных типов уязвимостей в решениях крупнейших производителей, таких как Schneider Electric, Siemens, General Electric и Advantech. Вы узнаете о том, как обнаружить критически опасные уязвимости в базовом коде. В докладе будут сопоставляться активность разных производителей в выпуске исправлений, а также сегменты SCADA с другими сегментами рынка программного обеспечения. Вниманию разработчиков и операторов будут предоставлены рекомендации, которые позволят снизить вероятность осуществления атак, а также прогнозы касательно дальнейших тенденций развития атак.
VMworld 2013: Security Automation Workflows with NSX VMworld
VMworld 2013
Gargi Keeling, VMware
Don Wood, McKesson
Troy Casey, McKesson
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
This session will focus on typical deployment scenarios for the Adaptive Security Appliance family running FirePower Services. Also, a feature overview and comparison of the ASA with Firepower services and the new Firepower Threat Defense (FTD) image will be included with updates on the new Firepower hardware platform. Deployment use cases will include Internet Edge, various segmentation scenarios, and VPN. A configuration walk-through and accepted best practices will be covered. This session is designed for existing ASA customers and targets the security and network engineer. They will learn the benefit of a FirePower NGFW in network edge and Internet use cases
"This workshop is for pentesters, security researchers or someone looking to get into IoT security but is reluctant due to the wide range of technologies involved and plethora of different tools. While it does require a considerable amount of knowledge in the domain, it is not as difficult as you may think. In this workshop we will introduce you to some of the important concepts and EXPLIoT framework in a very simple way that can be used for the various IoT attack vectors. The primary focus of this workshop is to introduce the attendees to the open source IoT Security Testing and Exploitation Framework - EXPLIoT (https://gitlab.com/expliot_framework/expliot) and enable them to use as well as extend it by writing plugins for new IoT based exploits and analysis test cases. It’s a flexible and extendable framework that would help the security community in writing quick IoT test cases and exploits. The objectives of the framework are:
1. Easy to use
2. Extendable
3. Support for hardware, radio and IoT protocol analysis
EXPLIoT currently supports the following protocols which can be utilized for writing new plugins/exploits:
1. Radio – BLE , Zigbee
2. Network – MQTT, CoAP, DICOM, MODBUS, MDNS, NMAP, TCP, UDP
3. Hardware – CAN, SPI, I2C, UART, JTAG
This talk would give attendees a first-hand view of the functionality, how to use it and how to write plugins to extend the framework."
Jason Palm presents a deep dive into SonicWall's new Capture ATP feature.
Links included in the presentation:
https://blog.cerdant.com/2017/06/28/ransomware-defense/
https://blog.cerdant.com/cerdant-security-conference/
https://blog.sonicwall.com/2016/09/defend-data-from-invaders/
https://www.sonicwall.com/en-de/lp/2017-sonicwall-annual-threat-report
How to Test High-Performance Next-Generation FirewallsIxia
Testing next-generation firewalls necessitates simulating realistic network conditions to help you validate your enterprise firewall performance, attack detection and blocking while increasing stability and reliability under extended attack.
Preview delle ultime novità di prodotto Sourcefire IPS Entriamo in dettaglio delle novità di prodotto annunciate da Sourcefire nell\’ultimo mese, incluso:
New 3D8000 Series Sensors with FirePOWER
New Defense Center Models
New IPSx Solution
See Your OpenStack Network Like Never Before with Real-time Visibility and Mo...PLUMgrid
After deployment and build-out of an OpenStack cloud, operators require a complete end to end single pane view of the SDN-based network overlay, all the associated workloads and hypervisors and physical infrastructure. Enterprises and cloud providers alike have aggressively adopted SDN visualization and monitoring platforms in addition to OpenStack horizon to keep their infrastructure running with 100% uptime. Additionally, new tools that aim at helping with proactive remediation of issues are being deployed and leveraged to quickly bring back the system to healthy conditions. In this session, attendees will discover:
How comprehensive visualization could help operations staff
How to correlate physical and virtual networks
How to immediately identify problems as they arise
Chris Wright, Red Hat Chief Technologist, discussed how the needs of communications service providers are being addressed with an upstream first, open source philosophy. Chris touched on the evolution of network functions from hardware to cloud based, and how the industry can achieve the service availability, security, automation, and scale necessary with a Network Functions Virtualization platform through community innovation.
Nuts & Bolts of the Dynamic Attack ChainIBM Security
With significant breaches of personal and corporate data being announced regularly, there is even more value in understanding how the dynamic attack chain really works in addition to what tools your organization can use to disrupt it. From break-in to ex-filtration, you will be taken through a "real-world" scenario to understand how easy it is for attackers to infiltrate your network and steal sensitive data. We will review the technologies you can use to combat these threats and contain the impact of a breach as well as determine what protection strategy you should adopt to avoid being the next headline.
Join this live webinar, presented by Christopher Beier, IBM Security Senior Product Marketing Manager, to:
- Experience a "real world" step-by-step scenario from break-in to ex-filtration
- Learn in detail how the dynamic attack chain works
- Understand which network and endpoint protections your organization should have in place
View the on-demand recording: http://securityintelligence.com/events/nuts-bolts-dynamic-attack-chain/
IBM ridefinisce la strategia e l'approccio verso gli Avanced Persistent Threa...Luigi Delgrosso
Recorded Webinar at http://event.on24.com/wcc/r/1117340/BECF92C8BBDF5B51399A8FB934C97054
This Webinar has been hold in Italian language by Luigi Delgrosso and Fabrizio Patriarca.
Please contact them to get additional details and get a visit on site
In the world of cyber security, a single defeat can be extremely costly.Before you create a plan, it’s vital to learn about the anatomy of a data breach – and understand who your attackers are.
In a standard data breach, the type that occurs between 80 to 90 million times per year, there are roughly 6 essential steps, each of which will be outlined below. It’s time for a quick anatomy lesson to strengthen your cyber security program:
Web Application Security for Continuous Delivery PipelinesAvi Networks
Watch on-demand webinar: https://info.avinetworks.com/webinars/web-application-security-continuous-delivery-pipelines
Applications today have evolved into containers and microservices deployed in fully automated and distributed environments across data centers and clouds. Application services such as load balancing, security, and analytics become critical for continuous delivery.
To secure modern web applications, security policies including SSL/TLS, ACLs, IP Reputation, and WAF need to be applied quickly. We will share a reference implementation from Avi Networks.
Join this webinar to learn:
- CI/CD in the web application security context
- Challenges and solutions integrating a modern web application firewall (WAF) into the application development pipeline
- How to create processes that support both security and development requirements
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
Security professional in Information security for 4+ years looking for additional professional challenges across the globe. I'm open to blend roles within red/ blue teams as required.
The session will be focusing how cloud-native security platform can continuously discovers workloads, identifies risk, and enforces security policies in any multi-cloud environment. Additionally it will also cover the Automated policy generation through agent-less security controls makes protecting data and applications the easiest thing to do in the cloud.
The Speaker of the session will be Dr. Ratinder Paul Singh Ahuja, Founder and Chief Research and Development Officer, Shield X, USA
Dr. Ratinder leads ShieldX and its mission as its central pivot point. Drawing from a career as a successful serial entrepreneur and corporate leader, he brings his unique blend of business acumen, industry network and deep technical knowledge.
At his previous start-ups, Internet Junction, Webstacks and Reconnex he served as Chief Technology Officer and Vice President of the Mobile and Network Security Business Units. His knowledge of innovation and emerging trends in networking, network security, and data-loss prevention are derived from years of industry experience. Dr. Ahuja holds a BS in Electronics & Electrical Engineering from Thapar University, in India, and a Masters and Ph.D. in Computer Engineering from Iowa State University. Dr. Ahuja has been granted 61 patents for security-based technologies, and has presented in many public forums, including the Content Protection Summit, IC3, IEEE Computer Society, McAfee FOCUS, and the Cloud Expo.
For any organization managed security services play an important role in enhancing the security posture, alerting against top vulnerabilities along with rapid and anywhere deployment.
The presentation covers an analysis of microservices architecture and design patterns (such as API gateway, Log aggregation and more) in order to analyze how certain aspects of security is achievable at scale through these patterns.
VMworld 2013: Introducing NSX Service Composer: The New Consumption Model for...VMworld
VMworld 2013
Merritte Stidston, McKesson
James Wiese, VMware
Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
How to Reuse OPNFV Testing Components in Telco Validation ChainOPNFV
Morgan Richomme, Orange
OPNFV provides lots of tooling that can be adopted and adapted to Service providers solution. These solutions are OpenStack based but not necessarily OPNFV solutions.
This session will detail how some components developed in OPNFV have been introduced in Orange Integration Center, an OpenStack based vendor solution including Contrail SDN controller and third party elements.
The best practices learned in OPNFV were used to design and build a CI chain including jenkins, functest, yardstick, the test API and the Test DB.
Morgan Richomme, Orange
Power consumption is a key driver of NFV. However very few projects deal with this aspect.
This session will detail a prototype realized in OPNFV Orange labs aiming to track power consumption during CI operations.
We could imagine that, if we generalize the information colelction to the Pharos community, we may get significative figures to establish power consumption profiles and why not try to get even deeper and get applicative profile using statistical tools
Hands-On Testing: How to Integrate Tests in OPNFVOPNFV
Jose Lausuch, Ericsson
I have developed and integrated a new feature but… how do I write test cases and where do I put them? How do I start?
These are common questions asked by developers bringing new features that need to be tested and verified in our CI pipeline.
Storage Performance Indicators - Powered by StorPerf and QTIPOPNFV
Yujun Zhang, ZTE Corporation, Mark Beierl, Dell EMC
StorPerf uses heat to create VMs with attached cinder volumes. The volumes are used *without* a file system (ie target=/dev/vdb). The FIO workload is run and stats collected every minute. When we get 10 samples in a row that fit within a certain range and slope, we say it is a valid measurement. This avoids false numbers due to Ceph balancing or other warm up. The metrics can be read after job completes, and there is an indicator to state if the volume metrics stabilized or not.
Storage QPI will be calculated based on the test results from storperf by QTIP. It aims to be a comparable indicator for storage performance among different platforms.
Big Data for Testing - Heading for Post Process and AnalyticsOPNFV
Yujun Zhang, ZTE Corporation, Donald Hunter, Cisco, Trevor Cooper, Intel
The testing community created tens of testing projects, hundreds of testing cases, thousands of testing jobs. Huge amount of testing data has been produced. What comes next, then?
The testing community puts in place tools and procedures to declare testcases/projects, normalize and upload results. These tools and procedures have been adopted so we now have lots of data covering lots of scenarios, hardware, installers.
In this presentation, we shall discuss the stakes and challenges of result post processing.
* How analytics can provide valuable inputs to the community, end users or upstream projects.
* How can we produce accurate indicators, reports and graphs, focus on interpreting / consuming test results.
* How can we get the best of breeds of our result mine?
Testing, CI Gating & Community Fast Feedback: The Challenge of Integration Pr...OPNFV
Jose Lausuch, Ericsson, Nikolas Hermanns, Ericsson
How can we make sure that new code in OPNFV does not break or stop CI?
How can we ensure quick feedback for each patch-set?
With the new way to snapshot a virtual deployment it is now possible to get virtual clouds up and running in about 2 min. In addition, through low amount of disk/cpu consumption and isolation of the networking it is possible to have a very high number of virtual deployments co-existing in the same bare-metal server.
How Many Ohs? (An Integration Guide to Apex & Triple-o)OPNFV
Dan Radez, Red Hat, Tim Rozet, Red Hat
The OPNFV ecosystem is made up of projects that need to integrate with each other. Project Apex uses Triple-o under the covers which most people usually need some assistance to integrate with.
Come and spend a session with the Apex development team learning the ins and outs of Triple-o.
In this session participants will learn about the deployment process that is run when an Apex/Triple-o deployment is executed and how to assign services to nodes and generate networking configurations withing Triple-o to successfully integrate and deploy a new component in OpenStack.
Come learn how to untangle the learning curve presented when integrating and using Triple-o and simplify your future development and deployment endeavors with a new found intimate knowledge of the Apex & Triple-o platform.
Fatih Degirmenci, Ericsson, Yolanda Robla Mota, RedHat, Markos Chandras, SUSE
OPNFV has been working with the communities such as OpenStack, OpenDaylight, and fd.io as part of its Cross Community CI (XCI) effort in order to provide means for the developers to work with the latest versions of upstream components, cutting the time it takes to develop new features significantly and testing them on the OPNFV Infrastructure.
Apart from developing and testing new features, OPNFV XCI will enable developers to identify bugs earlier, issue fixes faster, and get feedback on a daily basis. This is a prerequisite for OPNFV in its CD & DevOps journey.
OPNFV aims to run XCI by reusing what other communities developed such as bifrost and openstack-ansible. While doing this, OPNFV intends to develop, maintain, and evolve OPNFV Infrastructure like how the other OPNFV projects do; upstream first. Whatever missing functionality and issues we identify in the components we use as part of our infrastructure and CI/CD toolchain, we strive to fix them directly upstream.
During this session, we will talk about the progress we have made so far, contributions we made to our upstream communities, and share our experiences. We will also highlight the key benefits of XCI for the community in order for developers to utilize the mechanisms, work with OpenStack master to implement new features and fix bugs using the toolchain XCI established.
Jose Lausuch, Ericsson
OPNFV provides different test frameworks which help developers to write new test cases. Those frameworks also borrow and integrate a variety of testing tools from other open source communities (OpenStack, OpenDaylight, Open-O, ...).
This session will go through all the tools that have been integrated so far in OPNFV and the cross community collaboration that has already started in Danube time frame.
Enabling Carrier-Grade Availability Within a Cloud InfrastructureOPNFV
Aaron Smith, Red hat, Pasi Vaananen, Red Hat
Carrier-Grade Cloud Infrastructure (Aaron Smith, Pasi Vaananen, Red Hat): The move from vertically integrated hardware and software to distributed execution in a cloud complicates the delivery of highly available services. Vertically integrated systems enabled all system layers required to communicate and participate in the support of availability of the service to be under control of single system vendor. With NFV, the cloud philosophy of infrastructure and application decoupling requires new open interfaces to support the necessary flow of information between layers and clear separation of the fault and availability management responsibilities between the infrastructure and application SW subsystems. Even in the cloud environment, traditional availability concepts such as fast detection, correlation, and fault notification still apply. A fast, low-latency fault management platform will be presented that allows cloud-based services to achieve 5NINES of availability and service continuity. Performance measurements from a prototype of the system will be presented along with a demo of the operation of a service requiring 50 ms fault remediation.
Learnings From the First Year of the OPNFV Internship ProgramOPNFV
Ray Paik, Linux Foundation, Serena Feng, ZTE
OPNFV launched its Internship program in Q1'2016, and there have been more than 10 interns around the world contributing to different OPNFV activities ranging from cross community CI, documentation, infrastructure, testing, etc. In this talk, there will be an overview of the OPNFV internship program that is different from more traditional internship programs and a discussion on areas for improvement that were identified. A community member who mentored two interns will also share her experience managing interns remotely and her advice for future interns & mentors. Finally, OPNFV interns will give a quick lightening round talk on their internship projects highlighting their contributions to the community. [NOTE: This is designed as a 60-minute session with interns' lightening round talks as 6-8 interns could be attending the OPNFV Summit. Presentations from Serena/Ray is expected to take about 20-25 minutes]
Juha Kosonen, Nokia, Mika Rautakumpu, Nokia
The Open Compute Project (OCP) is a collaborative community focused on redesigning hardware technology to efficiently support the growing demands on compute infrastructure. The designs have been optimized to lower cost of infrastructure and operations e.g. by removing non-essential components, disaggregating rack level solution with common resources, and simplifying server serviceability.
OpenStack provides the foundation for the NFVI and MANO components within OPNFV. OPNFV releases Colorado and recent Danube have been successfully integrated to OCP hardware and running smoothly. Also hardware acceleration is supported. The concept itself has gained a lot of interest from mobile operators, some of them are running OPNFV on top of OCP hardware in their test laboratories too.
This presentation will introduce how OpenStack, OCP and OPNFV open source projects fits perfectly together.
The Return of QTIP, from Brahmaputra to DanubeOPNFV
Yujun Zhang, ZTE Corporation, Julien Zhang, ZTE Corporation
QTIP project was suspended due to the changes in project team after Brahmaputra. Now it has returned to the community in Danube. Here is the story behind it.
- transfer from original team
- achievements in Danube
- intern projects
- vision for future
Fatih Degirmenci, Ericsson, Jack Morgan, Intel
The OPNFV community relies on our community labs, CI and testing projects to ensure we release quality code. The current strategies to use hardware resources in OPNFV community labs will not be able to sustain its current growth. New strategies need to be implemented to allow for new OPNFV projects. The presenters will look at the current lab usage model and discuss ways already being worked in OPNFV community labs through the POD descriptor file. In our CI process through Dynamic CI, Cross Community CI and other initiatives. In our testing projects use of hardware resources and its importance in the release process. The presenters will show current tools used to track usage such as the Bitergia dashboard.
Run OPNFV Danube on ODCC Scorpio Multi-node Server - Open Software on Open Ha...OPNFV
Zhiqiang Yu, China Mobile, Huabin Tang, China Mobile
Open Data Center Committee (ODCC) is co-founded by Baidu, Tencent, Alibaba, China Telecom, China Mobile, Intel, China Academy of Information and Communications Technology (CAICT). It is a non-profit industrial organization, focusing on researching open hardware such as server, data center and open network technologies to meet the growing demand on hardware in Chinese market.
Scorpio Multi-node Server is an ODCC project sponsored by China Mobile. It is a 4U size server chassis with 8 compute nodes or 4 storage nodes in maximum. It can also be mixture of different kind of servers, like 4 compute nodes and 2 storage nodes. Compared with traditional ATCA or Blade server, Multi-node Server's advantages include:
1.It is easier and cheaper to extend.
2.It has more choices for compute and storage nodes combination.
3.It is easier to maintain by engineers.
4. Even higher density.
5. 4U is more flexible than 10~14U Blade server.
OPNFV develops an integrated and tested open source platform that can be used to build NFV functionality. We are running OPNFV releases Colorado on Scorpio Multi-node smoothly and will try recent Danube on it in China Mobile’s Novonet (Next Generation Network) laboratory.
This presentation will introduce how OPNFV and Scorpio Multi-node server fit perfectly together. It's a fully open implementation of open software and open hardware.
Distributed vnf management architecture and use-casesOPNFV
Sridhar Pothuganti, NXP, Trinath Somanchi, NXP
Telco operators are on journey to discover what virtualization means for the network. Markets have believed that NFV architecture elements: NFVI and VIM, hold the complete responsibility in providing virtualized networks with carrier grade properties.
Telco operators have reached to a conclusion that VNFs must take their fair share of responsibility to realize NFV goals while meeting carrier-grade behavior in the entire NFV architecture. While the trend moves on, Cloud native VNFs are emerging best citizens of the cloud. Thus communication from EMS to VNFM is blurred and eventually may disappear in the future. This requires better understanding of, and agreement over the role of VNFMs and EMS for VNFs.
This presentation describes the evolution of Distributed VNF management, Architectural design considerations and Use-case scenarios. The following proposal is based on a comprehensive study on evolving cloud native VNF management.
Software-defined migration how to migrate bunch of v-ms and volumes within a...OPNFV
Kentaro Matsumoto, KDDI Corporation, Hyde Sugiyama, Red Hat, Inc
As telecom career, we KDDI have been managing thousands of physical servers and run various kinds of workloads. In our operation of such a huge environment, We are frequently required to shut down our servers for maintenance, but it is not easy to negotiate with our tenant users to allow downtime. To make it easier, we are developing the structure called "Zone Migration", using the framework of OpenStack project "Watcher". "Zone Migration" makes it possible to migrate tenants’ workloads from compute nodes and storage devices we want to maintain (source zone) to new blank ones (destination zone) efficiently, automatically, and with minimum downtime.
These requirements as follows are realized.
-A lot of VMs and volumes should be migrated within a limited time frame
-Operations should be automated, but also can be controlled manually
-Time and load of migration should be under control so that tenants’ systems will not be affected
We are proceeding with the project in cooperation with NEC and Red Hat, and developing this structure on Red Hat OpenStack Platform.
Securing your nfv and sdn integrated open stack cloud- challenges, use-cases ...OPNFV
Sridhar Pothuganti, NXP, Trinath Somanchi, NXP
Network security and reliability are the most challenging tasks in any cloud. With NFV and SDN in place, Network Functions are virtualzied and network traffic is managed in separated control and data planes. Thus reducing the operational and capital expenditure. Virtualized Network Functions are tied with Software Defined Networks to boost the power of virtualization. This itself is challenging when Network services and security is a concern. While OpenStack is the best opted solution for IaaS, many service provides are moving towards best solutions to deal with service delivery and security challenges in SDN and NFV integrated OpenStack Cloud.
The Presentation outlines the challenges and proposes probable solutions for NFV and SDN integrated OpenStack Cloud.
My network functions are virtualized, but are they cloud-readyOPNFV
Ulas Kozat, Huawei, Yaoguang Wang, Huawei
In the first phase of telco-cloud vision, the physical network functions are targeted for virtualization and became Virtual Network Functions (VNF) decoupled from the specific hardware platform. As we dive into the second phase of the cloud era, the core need is to provide VNF implementations that can take advantage of what cloud has to offer in terms of utility based computing (a.k.a. scaling), availability, data durability, etc. To this end, we have been developing a VNF Performance Modeling framework for automatic characterization of a particular VNF implementation in terms of its cloud-readiness and its bottlenecks towards cloud-readiness. We will present the details of our performance modeling framework and show its utility based on the existing open source VNF implementations. The next frontier of telco-cloud vision is to develop cloud-native network functions and services. Thus, in the last part of our talk, we will cover the future evolution of the framework and discuss the needs, requirements, potential metrics for evaluating the cloud-nativeness of network functions.
Challenge in asia region connecting each testbed and poc of distributed nfv ...OPNFV
Shuya Nakama, Okinawa Open Laboratory / NEC Solution Innovators, Eric Chang, Institute for Information Industry, Hideyasu Hayashi, Okinawa Open Laboratory and NEC Solution Innovators, Torii Takashi, NEC Corporation and Okinawa Open Laboratory
There are many countries in Asia region those have the motivation to innovate their telecom system and educate new technologies to young engineers. It is important how to encourage and involve these countries to OPNFV communities, and also educate to contribute to open source activities.
In these session, we will introduce our trial to the issue. Okinawa Open Laboratories (OOL) in Japan and Institute for Information Industry (III) in Taiwan, have been doing joint research activities in these years about SDN/NFV area, and this year, we have connected each testbed using OPNFV. Over the distributed testbed, we have started our POC of NFV use cases such as vEPC, vCPE etc. We also have communication with several research and academic organization in Asia region, so we would like to connect each country’s testbed and expand our testbed to Asia region.
There are many challenges, and we have learned from our experience, so in the session we will share the lessons learned from our trial. That will be good example for the whole community, and help progressing collaboration of global eco system.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
2. Drivers for Consumers and Providers of Cloud/NFV
Automa'on
Minimize
OPEX
&
CAPEX
Dynamic
Resources
Self-‐Service
Portals
Scalability
Agility
Producers Consumers
Make security easy-to-deploy
by consumers
No Bottlenecks
Need well-defined security posture
New
Business
Models
3. “….if
innova+on
doesn’t
get
ahead
of
the
hackers,
we
will
likely
see
roadblocks
to
rolling
out
new
SDx
applica+ons
….
….
because
of
the
fear
that
SDx
Infrastructure
cannot
protect
against
and
contain
new
aAacks.
“
SDxCentral SDx Infrastructure Security Report 2015 Edition
4. Key Security Perspectives
The security perimeter no longer exists.
Understanding the Cyber Attack Pattern Lifecycle
How do we prevent attacks with SDN/NFV ?
5. Preventing Across the Cyber Attack* Life Cycle
Unauthorized Access Unauthorized Use
Gather
Intelligence
Leverage
Exploit
Execute
Malware
Command
& Control
Actions on
the
objective
Reconnaissance Weaponization
& Delivery
Malware
Communicates
with Attacker
Exploitation Data Theft,
Sabotage,
Destruction
* Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains
Eric M. Hutchins, Michael J. Cloppert, Rohan M. Amin, Ph.D. Lockheed Martin Corporation
Breach
the
Perimeter
1 Deliver
the
Malware
2 Exfiltrate
Data
4Lateral
Movement
3
6. Security Challenges with NFV
Manual
Deployments
Slow
and
error-‐
prone
processes
to
enable
security
Transient
Workloads
Workload
lifespan
is
in
hours,
days
or
weeks
Sta'c
Remedia'on
Lack
of
dynamic
remediaCon
measures
Malware
30,000
new
malware
/day
8. Applying Zero Trust* to NFV
FoundationalSecurity
DesignPattern
* No More Chewy Centers: The Zero Trust Model of Information Security John Kindervag, Forester Research, 2014
Verify
and
Never
Trust
Inspect
and
Log
all
Traffic
Design
Network
Inside-‐Out
Predefine:
• User-Access Controls
• Layer-7 Interactions
Build:
• Security Compliance
• Auditable Entities
Enable:
• Fine grained kill switch
• Real-time Security Updates
9. Foundation Security Blueprint
FoundationalSecurity
DesignPattern
• Define
allowable
interacCons
• Add
applicaCon
security
paOern
• Sign-‐off
by
security
team
• Deploy
zero-‐trust
applicaCon
security
paOern.
• Merge
parameterized
paOern
with
tenant
instance
• Deny-‐All
to
Only-‐
Allowed
• Real-‐Cme
InspecCon
• Update
threat
paOerns,
sigs
et
al
• Disrupt
and/or
block
cyber
aOacks
• Archive
logs
&
policies
• Perform
forensics
• Generate
report
Prepare
Deploy
Update
Remove
1 2 3 4
Virtual Function Security Model Virtual Function
10. Implementation of Foundation Security Pattern
SecureEncapsulation
DesignPattern
Enforce zero-trust
model – block all
traffic until policy is
applied.
Security
Enforcement
Point
VM-‐A
Security
Enforcement
Point
VM-‐A
Security
Enforcement
Point
VM-‐A
Security
Enforcement
Point
VM-‐A
1
Security
Controller
Get signed “security pattern”
from VM deployment
Descriptor and deploy with
application.
2
Get VNI/Tenant ID for
instance mapping
bridge
vxlan nic
Apply policy/tenant
based on tenant ID
and application
security pattern
retrieved from
deployment.
4
3
v-‐wire
v-wire NFV deployed
security enforcement
point.
1
Data
link
Control
link
v-‐wire
11. Summary
• Security was one on the biggest impediments to
deployment of NFV.
• Leveraging NFV to define a foundational pattern to
protect application workloads.
• Application Security patterns can now be applied to the
foundational pattern to implement security from the
inside out
• Security is now a resource that scales with your NFV
infra-structure.
11