AWS serverless architecture components such as Amazon S3, Amazon SQS, Amazon SNS, CloudWatch Logs, DynamoDB, Amazon Kinesis, and Lambda can be tightly constrained in their operation. However, it may still be possible to use some of them to propagate payloads that could be used to exploit vulnerabilities in some consuming endpoints or user-generated code. This session explores techniques for enhancing the security of these services, from assessing and tightening permissions in IAM to integrating further tools and mechanisms for inline and out-of-band payload analysis that are more typically applied to traditional server-based architectures, and generalising these techniques to APIs for all AWS services.
Code is at: https://github.com/carlosonunez/code-for-demos/tree/master/terraform-enterprise
Have you ever wished you create users and groups for Terraform or Packer? Have you ever wanted to create a deployment pipeline without Jenkins or TeamCity? Do you wish that Terraform had audit logs? Have you ever said, "I wish I could get support for Terraform so that my company can actually use this thing?"
If so, then Terraform Enterprise is what you need, and this talk I did at HashiCorp DFW will show you what it is and how it works.
Demos are on YouTube!
Packer Cloud:
Terraform Enterprise:
As part of this presentation we covered basics of Terraform which is Infrastructure as code. It will helps to Devops teams to start with Terraform.
This document will be helpful for the development who wants to understand infrastructure as code concepts and if they want to understand the usability of terrform
Are you looking to automate your infrastructure but not sure where to start? View this presentation on ‘Getting started with Infrastructure as code’ to learn how to leverage IaC to deploy and manage resources on Azure. You will learn:
• Introduction to IaC
• Develop a simple IaC using Terraform
• Manage the deployed infrastructure using Terraform
View webinar recording at https://www.winwire.com/webinars
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
Code is at: https://github.com/carlosonunez/code-for-demos/tree/master/terraform-enterprise
Have you ever wished you create users and groups for Terraform or Packer? Have you ever wanted to create a deployment pipeline without Jenkins or TeamCity? Do you wish that Terraform had audit logs? Have you ever said, "I wish I could get support for Terraform so that my company can actually use this thing?"
If so, then Terraform Enterprise is what you need, and this talk I did at HashiCorp DFW will show you what it is and how it works.
Demos are on YouTube!
Packer Cloud:
Terraform Enterprise:
As part of this presentation we covered basics of Terraform which is Infrastructure as code. It will helps to Devops teams to start with Terraform.
This document will be helpful for the development who wants to understand infrastructure as code concepts and if they want to understand the usability of terrform
Are you looking to automate your infrastructure but not sure where to start? View this presentation on ‘Getting started with Infrastructure as code’ to learn how to leverage IaC to deploy and manage resources on Azure. You will learn:
• Introduction to IaC
• Develop a simple IaC using Terraform
• Manage the deployed infrastructure using Terraform
View webinar recording at https://www.winwire.com/webinars
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
Are you struggling with application security testing? Do you wish it was easier, faster, and better? Join us to learn more about IAST, a next-generation application security tool that provides highly accurate, real-time vulnerability results without the need for application or source code scans. Learn how this nondisruptive tool can:
Run in the background and report vulnerabilities during functional testing, CI/CD, and QA activities.
Auto verify, prioritize and triage vulnerability findings in real time with 100% confidence.
Fully automate secure app delivery and deployment, without the need for extra security scans or processes.
Free up DevOps resources to focus on strategic or mission-critical tasks and contributions.
DevSecOps is a word that combines development, security, and operations. DevSecOps deals with software development, operations, security, and services. It emphasizes communication, collaboration, and integration between software developers, security teams, and information technology operations personnel.
In this session, you will learn how to integrate security techniques into the DevOps process.
Jirayut Nimsaeng
Founder & CEO
Opsta (Thailand) Co., Ltd.
Youtube Record: https://youtu.be/mi8Zo9O6OUY
TechTalkThai Conference: Enterprise Cybersecurity 2021
October 5, 2021
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
Attendees will learn how to leverage the identity and authorisation, network security and secrets management features of the wider AWS platform for their containers, including Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Container Service for Kubernetes (Amazon EKS). We also discuss best practices for the security of your container images such as scanning them for known vulnerabilities.
Microsoft recently released Azure DevOps, a set of services that help developers and IT ship software faster, and with higher quality. These services cover planning, source code, builds, deployments, and artifacts. One of the great things about Azure DevOps is that it works great for any app and on any platform regardless of frameworks.
In this session, I will provide a hands on workshop guiding you through getting started with Azure Pipelines to build your application. Using continuous integration and deployment processes, you will leave with clear understanding and skills to get your applications up and running quickly in Azure DevOps and see the full benefits that CI/CD can bring to your organization.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
DevSecOps is a word that combines development, security, and operations. DevSecOps deals with software development, operations, security, and services. It emphasizes communication, collaboration, and integration between software developers, security teams, and information technology operations personnel.
In this session, you will learn how to integrate security techniques into the DevOps process.
Jirayut Nimsaeng
Founder & CEO
Opsta (Thailand) Co., Ltd.
Youtube Record: https://youtu.be/mi8Zo9O6OUY
TechTalkThai Conference: Enterprise Cybersecurity 2021
October 5, 2021
All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table.
Presented at OWASP NoVA, Sept 25th, 2018
DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
Today’s cutting edge companies have release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This type of automation will help you catch bugs sooner and accelerate developer productivity. In this session we will share our AWS engineers embed security practices in DevOps, and discuss how you can use AWS services to securely enable DevOps agility in your organization.
Attendees will learn how to leverage the identity and authorisation, network security and secrets management features of the wider AWS platform for their containers, including Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Container Service for Kubernetes (Amazon EKS). We also discuss best practices for the security of your container images such as scanning them for known vulnerabilities.
Microsoft recently released Azure DevOps, a set of services that help developers and IT ship software faster, and with higher quality. These services cover planning, source code, builds, deployments, and artifacts. One of the great things about Azure DevOps is that it works great for any app and on any platform regardless of frameworks.
In this session, I will provide a hands on workshop guiding you through getting started with Azure Pipelines to build your application. Using continuous integration and deployment processes, you will leave with clear understanding and skills to get your applications up and running quickly in Azure DevOps and see the full benefits that CI/CD can bring to your organization.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
This session is designed to teach security engineers, developers, solutions architects, and other technical security practitioners how to use a DevSecOps approach to design and build robust security controls at cloud-scale. This session walks through the design considerations of operating high-assurance workloads on top of the AWS platform and provides examples of how to automate configuration management and generate audit evidence for your own workloads. We’ll discuss practical examples using real code for automating security tasks, then dive deeper to map the configurations against various industry frameworks. This advanced session showcases how continuous integration and deployment pipelines can accelerate the speed of security teams and improve collaboration with software development teams.
Integrating-Cloud-Development-Security-And-Operations.pdfAmazon Web Services
Managing infrastructure as code has become an important process in scaling software organizations. This brings many software development processes and ideas to operations, including version control, automated testing, configuration management and reliable duplication. Programmable infrastructure becomes invaluable as application services grows, in quantity and granularity, in a growing company.
Automating the provisioning, configuration and deployment of complex applications requires some design choices on top of AWS services. This presentation discusses how to implement modularity, reliability and security into continuous delivery pipelines ("DevSecOps"). Learn how to automate application delivery using AWS CloudFormation and other tools from Amazon Web Services.
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Iolaire Mckinnon, Senior Consultant - Security, Risk & Compliance, Professional Services, AWS
Security will always be our top priority. Agile deployment methods require a set of dynamic built-in security controls that keep pace with innovation and scale. In this session we will utilise the power of automation with the AWS platform to increase the agility of developers while maintaining a strong security posture.
Speaker: David Faulkner, Senior Technical Account Manager, Amazon Web Services
Integrating_Cloud_Development_Security_And_Operations.pdfAmazon Web Services
Managing infrastructure as code has become an important process in scaling software organizations. This brings many software development processes and ideas to operations, including version control, automated testing, configuration management and reliable duplication. Programmable infrastructure becomes invaluable as application services grows, in quantity and granularity, in a growing company.
Automating the provisioning, configuration and deployment of complex applications requires some design choices on top of AWS services. This presentation discusses how to implement modularity, reliability and security into continuous delivery pipelines ("DevSecOps"). Learn how to automate application delivery using AWS CloudFormation and other tools from Amazon Web Services.
Enterprises are increasingly looking for new ways to simplify and optimize their current development, orchestration, automation and deployment pipelines through the use of hybrid IT and the public cloud. In this session we will explore architecture patterns and integration approaches in the context of both new and existing AWS devops-focused services, with the goal of helping enterprises better iterate and reduce cost through the entire software development lifecycle.
Enterprises are increasingly looking for new ways to simplify and optimize their current development, orchestration, automation and deployment pipelines through the use of hybrid IT and the public cloud. In this session we will explore architecture patterns and integration approaches in the context of both new and existing AWS devops-focused services, with the goal of helping enterprises better iterate and reduce cost through the entire software development lifecycle.
Application Delivery Patterns for Developers - Technical 401Amazon Web Services
Every developer has gone through the frustration of creating new features, fixing bugs, or refactoring beautiful code, and then wait for it to reach the promise land of production. Come and learn how to get your changes in the hands of your customers with more speed, reliability, security and quality.
We will dive deep into architectures for continuous delivery pipelines, apply lean principles, and build intelligence into your pipeline.
Speaker: Shiva Narayanaswamy, Solutions Architect, Amazon Web Services
Featured Customer - REA Group
1. Overview of DevOps
2. Infrastructure as Code (IaC) and Configuration as code
3. Identity and Security protection in CI CD environment
4. Monitor Health of the Infrastructure/Application
5. Open Source Software (OSS) and third-party tools, such as Chef, Puppet, Ansible, and Terraform to achieve DevOps.
6. Future of DevOps Application
Today’s cutting edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes followed by Amazon engineers and discuss how you can bring them to your company by using AWS CodePipeline and AWS CodeDeploy, services inspired by Amazon's internal developer tools and DevOps culture.
Enterprises are increasingly looking for new ways to simplify and optimize their current development, orchestration, automation and deployment pipelines through the use of hybrid IT and the public cloud. In this session we will explore architecture patterns and integration approaches in the context of both new and existing AWS devops-focused services, with the goal of helping enterprises better iterate and reduce cost through the entire software development lifecycle.
DevOps on Windows: How to Deploy Complex Windows Workloads | AWS Public Secto...Amazon Web Services
In this session, you will learn how to deploy complex Windows workloads and ways AWS CloudFormation, AWS OpsWorks, and AWS CodeDeploy enable you to automate your Windows application life-cycle management. We will also discuss the monitoring, logging, and automatically scaling of Windows applications. Learn More: https://aws.amazon.com/government-education/
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
This session will demonstrate how to embrace DevSecOps to improve your security and compliance agility and posture within the highly regulated HIPAA environment. We will cover compliance frameworks, data decoupling strategies to fully utilize AWS, and best practices learned from the industry most active cloud adopters.
Similar to Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
4. What is DevOps
Breakdown the barriers
Work as one team end to end
Support business and IT agility
Collaboration & Communication
Treat Infrastructure as code
Automate everything
Test, measure & monitor everything
Culture
Technology
7. What is DevSecOps
DevOps = Efficiencies that speed up this lifecycle
DevSecOps = Validate building blocks without slowing lifecycle
developers customers
releasetestbuild
plan monitor
delivery pipeline
feedback loop
Software development lifecycle
Security
8. Who is DevSecOps
• DevSecOps is
• Team/Community, not a person
• Automated and autonomous security
• Security at scale
• DevSecOps role
• Not there to audit code
• Implement the control segments to validate and audit code
and artifacts as part of the CI/CD process
Security
OperationsDevelopment
9. Continuous Integration
Techniques and tools to improve
the process of software
delivery, resulting in the ability to
rapidly, reliably, and repeatedly
push out enhancements and bug
fixes to customers at low risk and
with minimal manual overhead.
Techniques and tools to
implement the continuous
process of applying quality
control; in general, small pieces
of effort, applied frequently, to
improve the quality of software,
and to reduce the time taken to
deliver it.
Continuous Delivery
10. CI/CD for DevOps
Version
Control
CI Server
Package
Builder
Deploy
Server
Commit to
Git/masterDev
Get /
Pull
Code
AMIs
Send Build Report to Dev
Stop everything if build failed
Distributed Builds
Run Tests in parallel
Staging Env
Test Env
Code
Config
Tests
Prod Env
Push
Config
Install
Create
Repo
CloudFormation
Templates for Environment
Generate
13. What Does DevSecOps CI/CD Give Us?
• Confidence that our code is validated against corporate
security policies.
• Avoid infrastructure/application failure in a later
deployment due to different security configuration
• Match DevOps pace of innovation
• Audit and alert
• Security at scale!
14. Automation – What we heard
Automation pain point: AMI building
• Triggers: patching, hardening, application bake-in
• Never-ending
• Time consuming, especially when builds fail
• Overhead of maintaining build service
15. Automation
Introducing Automation
• Simplified automation solution
• Perfect for AMI updates, instance deployment & config
• Pro-active event notifications
• AWS optimized (EC2 Run Command, AWS Lambda, AWS
CloudTrail, IAM, and Amazon CloudWatch integrations)
16. Automation – Getting Started
1. Create an
automation
document
2. Run automation 3. Monitor your
automation
17. Automation - Documents
Input & output parameters
• Create default values, or assign at run-time
• Parameter Store integration
• System Variables (DATE, DATE_TIME, REGION,
EXECUTION_ID)
Demo examples
Document
Parameter Name
Default Value
sourceAMIid “{{ssm:sourceAMI}}”
targetAMIname “patchedAMI-{{global:DATE_TIME}}”
19. Automation – IAM Setup
1. Create a Service Role for Automation
• Permission for Automation service to operate in your account
2. Attach PassRole policy to user’s account
3. Launch instances with SSM role (AmazonEC2RoleforSSM)
22. AWS CloudFormation Primer
Allows you to define a “template” which is composed of
different “resources” and then provision that template into
repeatable, live, “stacks”.
CloudFormation (CFn) providing a single service interface
and abstracts the underlying API semantics and
implementation mechanics.
CFn templates can hook into external configuration
management frameworks such as Jenkins/Chef/Puppet/etc.
25. CFn for Security Practitioners
“Infrastructure is code”
• We already know how to manage “code” lifecycle
• Let CFn perform state changes and govern who calls CFn
Split ownership templates
• Merge code from Sec, Dev and Ops
• Baseline and build/state management
Provides inventory and documentation
• Resources are the same, just scaled
Integrate with Service Catalog
• Provides UI
• Use constraints (example: tags)
27. Split Ownership Configurations
Who knows your solution best?
• Dev, Infra, Sec…?
• Delegate ownership
Use Yaml and split file into chunks or functions
• Separate file sources with access control – Use IAM/VPC-E/etc.
• Push files -> Validate -> Merge files -> Validate -> Deploy -> Validate
Jenkins for deployment
• Promotion flows
• Move from manual to Automation based on validation quality
• Excellent for merging jobs of split configurations
28. Merging
From single file or multiple files
• Maintain access control using
policies
• Use different source stores if
needed
Based on function/state
Reusable patterns
Maintain order, especially of validation
• Security validation last to execute
• Security should always win
29. Validation
Keep track of what section you are
validating
• Stage vs Prod
• Merged vs separated
Validate often and log/alert
• Validate part and end result
• Run-time validation
Use external agents
• AWS Simple Work Flow
• AWS Lambda
• Etc.
30. Structured deployment using Split ownership
Create
Skeleton
-
Infra
team
Define
Resources
-
DevOps
Execute
-
Security
32. Applied Governance deconstructed
Deployment mechanisms for software artifacts
Configuration building blocks
Managing segmentation and security dependencies
…and a real scenario to wrap this all together.
33. Deployment Mechanisms for Software Artifacts
Amazon Machine
Images (AMIs)
Docker Image
OS Packages
Amazon EC2
Container Service
AWS
CloudFormation
AWS CodeDeploy
34. Amazon Machine
Images (AMIs)
Docker Images
OS Packages
Amazon EC2
Container Service
AWS
CloudFormation
AWS CodeDeploy
Software Artifacts Deployment Services
Deployment Mechanisms for Software Artifacts
36. Managing segmentation and security
dependencies
Why use these configuration building blocks to enforce
security?
• Remove accidental conflicts
• Make security processes continuous and automatic
• Encapsulate software artifacts and implement controls
one level up
• Control changes to these mechanisms via IAM
38. Does this flow feel familiar
1. Deploy Instance (Chef has it covered, so no worries…)
2. Follow checklist #1 for patches (Oops…New patches
arrived…need to update Chef)
3. Follow latest security list (Sec team don’t have access
to Chef yet…)
4. Put in production
5. SecOps called…they have a new list (Bother…)
6. Pull from production
7. Rinse and repeat
39. Design time vs run time decisions
Autonomous
Security
Configuration
Resources
EC2::LaunchConfiguration
EC2::Instance
SWF::FlowFramework
41. How can we translate that into our W’s?
• Who [is that instance]?
• What [is it’s configuration]?
• Where [is the instance provisioned]?
• When [was it launched]?
• Why [is this instance alive]?
Thought experiment: what is the root of trust
for your Amazon EC2 instances?
42. Scaling trust decisions - Allows
Allows Split Ownership
Allows intelligent decisions
• Inspect – Decide – Apply – Validate – Action - Log
Forced
• Comply or be destroyed
Security inventory for audits at scale
• Gather information from multiple sources
• Host based
• EC2 service
• Created artifacts
Unique per resource action and information
• Keys/Certificates
43. Scaling trust decisions - Do
Use combination of design time and run time decisions
Tie to authentication on-demand for secure access of
automated processes
Combine with Continuous scanning
• Code artifacts
• Resources (AWS Config)
Don’t mistake run time decisions with post deployment
• Run-time happen at creation but before being made available
44. Push pattern – web server certificate
DB tier Web tier
Secure tier
Presentation tier
AutoScaling Policy
Secure Flow
1. AutoScaling policy triggers
• Hook Pending:Wait
2. Flow
1. Create certificate *Unique*
2. Start web service
• Certificate in memory only
3. Delete certificate from disk
4. Install AWS CloudWatch Logs
5. Create SSH_RSA key *Unique*
6. Replace SSH_RSA key *Unique*
3. Validation
1. Check CW Logs API
2. Run WGET
4. Logging
1. Log information/state in DynamoDB (IAM!)
5. Continue/terminate instance/hook
1. Instance InService/terminated
RDS ELB
DynamoDB
CloudTrail
CloudWatch
Instance have no knowledge on
process or about the secure flow
No need for:
- Third party software
- Expensive licensing
- Magical fairy dust
All using AWS services
45. Run-time security flow – best practices
Avoid pull patterns
• Requires an available source/path from target system
• Own/compromise the target and you own the access process
Push ensures only outgoing traffic
• Instances have no path back to source
• Instances have no knowledge of the process/flow
Ephemeral/on-demand scripting on target
• Store in memory
• Create scripts on target on-demand at execution time
• Temporary credentials for first run
Keep source store on-instance (worker node) or S3 using dedicated VPC with
VPC-Endpoint for S3 policy
46. Tooling - Triggering
AutoScaling Group
• Use Lifecycle hooks
• Automatic repair of non approved instances
• SNS for integration with Workers/Lambda
• Use least privileges on AutoScaling Groupd instances
• Use IAM Instance Roles
• Unique credentials per instance
47. Tooling - Worker
Simple WorkFlow
• Flow engine for Ruby/Java
• Allow synchronous or asynchronous flows
• Deciders/Workers
• EC2 or Lambda
• Can be integrated into Elastic Beanstalk
• Use internal or external source for validation tasks/tests
• Checksum files before use
• Use Lambda/Elastic Beanstalk workers
48. Real-life trust applications
• Agent deployment/validation
• Integration with Configuration Management
(Chef/Puppet)
• Unique per-instance configuration
• Cross-instance network authentication
• Joining an Active Directory
Ask yourself what makes this instance trustworthy for any
of the above and how can I scale that trust?
49. A little bit extra…
“Continuous Deployment necessitates Continuous Pentesting”
If you work with a company which does pentesting on
demand, I’m interested in having a chat with them…
50. Customer
Environment
Provider
Environment
virtual private cloud
"Pentest as a
Service"
Elastic IP
instance
Elastic Load
Balancing
AWS
CodeCommit
virtual private cloud
Amazon API
Gateway
Amazon
SQS
Amazon
DynamoDB
AWS
Lambda
bucket
AWS
CodePipeline
AWS
CodeDeploy
AWS
Lambda
instance
Internet
gateway
Internet
gateway
AMI
AWS
Lambda
Amazon
Inspector
(1) (2)
(3)
(4)
instances
(5)
(6) (7) (8)
(9)
(10)
(11)
(12)
(13)
(14)(15)