For businesses running entirely on AWS, your AWS account is one of your most critical assets. Just as you might run an intrusion detection system in your on-premises network, you should monitor activity in your account to detect abnormal behavior. This session walks you through leveraging unique capabilities provided within AWS that enable you to detect and respond to changes in your environment.
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
AWS Identity and Access Management (IAM) offers a continuum of interfaces and configuration options that enables customers to integrate their unique organizational identity structure and operational processes to the AWS platform. In this session we will evaluate the progressive journey of federation options that most customers go through as they widen their integration with IAM. This will include best practices, lessons learned from the field, and examples of actual customer implementations, covering technologies such as SAML, LDAP, and custom identity brokers.
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
AWS Solutions Architect Matt Tavis reviews high availability features for Microsoft Windows Server and SQL Server running on the AWS cloud. Windows Server Failover Clustering (WSFC) and SQL AlwaysOn Availability Groups are part of the underpinnings for many enterprise-class solutions, including Microsoft SharePoint and .NET applications. We will walk through an example implementation and share templates and sample code to help you deploy high availability architectures. Please review this virtual event geared for a technical audience.
Enterprise summit – architecting microservices on aws final v2Amazon Web Services
To tackle complexity and change, AWS customers are increasingly evolving their architectures from monoliths towards microservices, and benefiting from increased agility, simplified scalability, resiliency, and faster deployments. However, microservices also introduce new technical challenges. In this session, we'll provide an introduction and overview of the benefits and challenges of micrososervices, and share best practices for architecting and deploying microservices on AWS.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
AWS Identity and Access Management (IAM) offers a continuum of interfaces and configuration options that enables customers to integrate their unique organizational identity structure and operational processes to the AWS platform. In this session we will evaluate the progressive journey of federation options that most customers go through as they widen their integration with IAM. This will include best practices, lessons learned from the field, and examples of actual customer implementations, covering technologies such as SAML, LDAP, and custom identity brokers.
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
AWS Solutions Architect Matt Tavis reviews high availability features for Microsoft Windows Server and SQL Server running on the AWS cloud. Windows Server Failover Clustering (WSFC) and SQL AlwaysOn Availability Groups are part of the underpinnings for many enterprise-class solutions, including Microsoft SharePoint and .NET applications. We will walk through an example implementation and share templates and sample code to help you deploy high availability architectures. Please review this virtual event geared for a technical audience.
Enterprise summit – architecting microservices on aws final v2Amazon Web Services
To tackle complexity and change, AWS customers are increasingly evolving their architectures from monoliths towards microservices, and benefiting from increased agility, simplified scalability, resiliency, and faster deployments. However, microservices also introduce new technical challenges. In this session, we'll provide an introduction and overview of the benefits and challenges of micrososervices, and share best practices for architecting and deploying microservices on AWS.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
AWS APAC Webinar Week - Real Time Data Processing with KinesisAmazon Web Services
Extracting real-time information from streaming data generated by mobile devices, sensors, and servers used to require distributed systems skills and writing custom code. This presentation will introduce Kinesis Streams and Kinesis Firehose, the AWS services for real-time streaming big data ingestion and processing.
We’ll provide an overview of the key scenarios and business use cases suitable for real-time processing, and how Kinesis can help customers shift from a traditional batch-oriented processing of data to a continual real-time processing model. We’ll explore the key concepts, attributes, APIs and features of the service, and discuss building a Kinesis-enabled application for real-time processing. This talk will also include key lessons learnt, architectural tips and design considerations in working with Kinesis and building real-time processing applications.
In this webinar, we will also provide an overview of Amazon Kinesis Firehose. We will then walk through a demo showing how to create an Amazon Kinesis Firehose delivery stream, send data to the stream, and configure it to load the data automatically into Amazon S3 and Amazon Redshift.
Amazon EC2 forms the backbone compute platform for hundreds of thousands of AWS customers, but how do you go beyond starting an instance and manually configuring it? This webinar takes you on a journey starting with the basics of key creation and security groups and ending with an Auto Scaling application driven by dynamic policies. It will explain the tools you need to create an Auto Scaling configuration and show you how to bootstrap an instance.
Building Scalable Windows and .NET Apps on AWS (TLS302) | AWS re:Invent 2013Amazon Web Services
The AWS SDK for .NET and the AWS Toolkit for Visual Studio help developers build scalable apps on AWS services. Learn how to use these tools to define app data in Amazon DynamoDB and access it through a simple object persistence framework. We demonstrate deploying a web app to a customized, auto-scaled AWS Elastic Beanstalk environment. Finally, using the new version of the AWS SDK for .NET, you learn how to access your AWS data from apps targeting the Windows Store and Windows Phone platforms.
How to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions.
Microservices on AWS: Divide & Conquer for Agility and ScalabilityAmazon Web Services
To tackle complexity and change, AWS customers are increasingly evolving their architectures from monoliths towards microservices, and benefiting from increased agility, simplified scalability, resiliency, and faster deployments. However, microservices also introduce new technical challenges. In this session, we'll provide an introduction and overview of the benefits and challenges of micrososervices, and share best practices for architecting and deploying microservices on AWS.
Join ClearScale and AWS to learn how the San Jose Water Company worked with ClearScale to leverage Docker and the latest AWS DevOps tools including Amazon ECS, Amazon EC2 Container Registry (ECR) and AWS CodePipeline, to deliver new app features faster, with lower overhead. Gaining a competitive edge in the modern business landscape often depends on delivering apps with small, quick changes that create faster time-to-market, with focused value for the end customer. Successful companies adopt a DevOps model that automates continuous app delivery and may use a software containerization platform, both to accelerate releases and reduce risk. ClearScale is an AWS DevOps Premier Consulting Partner that helps decrease your time to market, governance and compliance risks, and lower your operational costs.
Join us to learn:
• The advantages of DevOps on AWS, using the latest AWS tools and Docker
• Best practices to design and deploy containers on AWS, based on experiences of the San Jose Water Company
• Learn from ClearScale experts about proven automation techniques for DevOps on AWS
Who should attend: CTOs, CIOs, CISOs, VPs of Engineering, VPs of Development, Business Development Directors, Senior Development Managers, Senior Architects, Business Development Managers
Mobile App development is very popular today and cloud provides a highly scalable and available backend for mobile apps. In this session, we will introduce how to use AWS services include Lambda, DynamoDB, Cognito, Mobile Analytics and SNS, to create a serverless location aware mobile app.
AWS re:Invent 2016: IAM Best Practices to Live By (SAC317)Amazon Web Services
This session covers AWS Identity and Access Management (IAM) best practices that can help improve your security posture. We cover how to manage users and their security credentials. We also explain why you should delete your root access keys—or at the very least, rotate them regularly. Using common use cases, we demonstrate when to choose between using IAM users and IAM roles. Finally, we explore how to set permissions to grant least privilege access control in one or more of your AWS accounts.
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
Learn how AWS IAM enables you to control who can do what in your AWS environment. We discuss how IAM provides flexible access control that helps you maintain security while adapting to your evolving business needs. Wel review how to integrate AWS IAM with your existing identity directories via identity federation. We outline some of the unique challenges that make providing IAM for the cloud a little different. And throughout the presentation, we highlight recent features that make it even easier to manage the security of your workloads on the cloud.
Level 100: Get Started and Migrate Your Data to AWS
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. This "how-to" webinar will cover the basics of getting started with AWS and migrating your data to AWS. this session will also cover core AWS services, such as Amazon EC2 and Amazon S3, and provide demonstrations of how to set up and utilize those services to launch virtual machines in the cloud, backup and restore data. This session will also cover the storage options available today to upload/move your data to AWS.
Reasons to attend:
Learn how to create an AWS account and access its free services, to create and run a virtual machine in the cloud
Understand how to create backup and restore an Amazon EC2 instance
Store and share files online with Amazon S3
Learn how to manage costs and set up billing alerts
Leverage the different storage options to migrate your data
(MBL402) Mobile Identity Management & Data Sync Using Amazon CognitoAmazon Web Services
Developing mobile apps can be complex and time-consuming. Learn how to simplify mobile identity management and data synchronization across devices. In addition, learn how to follow security best practices to give your app access to the resources it needs to provide a great user experience without hard-coding security credentials. We will cover how to easily and securely onboard users as anonymous guests using public login providers like Amazon, Facebook, Twitter, or your own user identity system. We are very excited to have Twitter representatives join us on stage for a deep dive on authenticating users with Twitter and Digits, which enables users to sign in with their phone numbers.
(SEC305) How to Become an IAM Policy Ninja in 60 Minutes or LessAmazon Web Services
Are you interested in learning how to control access to your AWS resources? Have you ever wondered how to best scope down permissions to achieve least privilege permissions access control? If your answer to these questions is "yes," this session is for you. We will take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We will start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we will explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we will cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or locking down access to Amazon EC2 instances. The demonstrations will use tools such as the policy editor and policy simulator to debug policies.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
Cloud computing offers many advantages, such as the ability to scale your web applications or website on demand. But how do you scale your security and compliance infrastructure along with the business? Join this session to understand best practices for scaling your security resources as you grow from zero to millions of users. Specifically, you learn the following:
How to scale your security and compliance infrastructure to keep up with a rapidly expanding threat base.
The security implications of scaling for numbers of users and numbers of applications, and how to satisfy both needs.
How agile development with integrated security testing and validation leads to a secure environment.
Best practices and design patterns of a continuous delivery pipeline and the appropriate security-focused testing for each.
The necessity of treating your security as code, just as you would do with infrastructure.
The services covered in this session include AWS IAM, Auto Scaling, Amazon Inspector, AWS WAF, and Amazon Cognito.
(SEC303) Architecting for End-To-End Security in the EnterpriseAmazon Web Services
This session tells the story of how security-minded enterprises provide end-to-end protection of their sensitive data in AWS. Learn about the enterprise security architecture decisions made by Fortune 500 organizations during actual sensitive workload deployments as told by the AWS professional service security, risk, and compliance team members who lived them. In this technical walkthrough, we share lessons learned from the development of enterprise security strategy, security use-case development, end-to-end security architecture and service composition, security configuration decisions, and the creation of AWS security operations playbooks to support the architecture.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this session, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device using the protocol of their choice. We will discuss how devices can connect securely using MQTT and HTTP protocols, and how can developers and businesses can leverage the AWS IoT Rules Engine, Thing Shadows, and accelerate prototype development using AWS IoT Device SDKs. We will cover major hardware platforms from Arduino, Marvell, Dragonboard and MediaTek.
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014Amazon Web Services
If your business runs entirely on AWS, your AWS account is one of your most critical assets. Just as you might run an intrusion detection system in your on-premises network, you should monitor activity in your AWS account to detect abnormal behavior. This session walks you through leveraging unique capabilities in AWS that you can use to detect and respond to changes in your environment.
(SEC316) Harden Your Architecture w/ Security Incident Response SimulationsAmazon Web Services
Using Security Incident Response Simulations (SIRS--also commonly called IR Game Days) regularly keeps your first responders in practice and ready to engage in real events. SIRS help you identify and close security gaps in your platform, and application layers then validate your ability to respond. In this session, we will share a straightforward method for conducting SIRS. Then AWS enterprise customers will take the stage to share their experience running joint SIRS with AWS on their AWS architectures. Learn about detection, containment, data preservation, security controls, and more.
AWS APAC Webinar Week - Real Time Data Processing with KinesisAmazon Web Services
Extracting real-time information from streaming data generated by mobile devices, sensors, and servers used to require distributed systems skills and writing custom code. This presentation will introduce Kinesis Streams and Kinesis Firehose, the AWS services for real-time streaming big data ingestion and processing.
We’ll provide an overview of the key scenarios and business use cases suitable for real-time processing, and how Kinesis can help customers shift from a traditional batch-oriented processing of data to a continual real-time processing model. We’ll explore the key concepts, attributes, APIs and features of the service, and discuss building a Kinesis-enabled application for real-time processing. This talk will also include key lessons learnt, architectural tips and design considerations in working with Kinesis and building real-time processing applications.
In this webinar, we will also provide an overview of Amazon Kinesis Firehose. We will then walk through a demo showing how to create an Amazon Kinesis Firehose delivery stream, send data to the stream, and configure it to load the data automatically into Amazon S3 and Amazon Redshift.
Amazon EC2 forms the backbone compute platform for hundreds of thousands of AWS customers, but how do you go beyond starting an instance and manually configuring it? This webinar takes you on a journey starting with the basics of key creation and security groups and ending with an Auto Scaling application driven by dynamic policies. It will explain the tools you need to create an Auto Scaling configuration and show you how to bootstrap an instance.
Building Scalable Windows and .NET Apps on AWS (TLS302) | AWS re:Invent 2013Amazon Web Services
The AWS SDK for .NET and the AWS Toolkit for Visual Studio help developers build scalable apps on AWS services. Learn how to use these tools to define app data in Amazon DynamoDB and access it through a simple object persistence framework. We demonstrate deploying a web app to a customized, auto-scaled AWS Elastic Beanstalk environment. Finally, using the new version of the AWS SDK for .NET, you learn how to access your AWS data from apps targeting the Windows Store and Windows Phone platforms.
How to use Lambda to build web, mobile, or IoT backends and voice-enabled apps, and we'll show you how to extend both AWS and third party services by triggering Lambda functions.
Microservices on AWS: Divide & Conquer for Agility and ScalabilityAmazon Web Services
To tackle complexity and change, AWS customers are increasingly evolving their architectures from monoliths towards microservices, and benefiting from increased agility, simplified scalability, resiliency, and faster deployments. However, microservices also introduce new technical challenges. In this session, we'll provide an introduction and overview of the benefits and challenges of micrososervices, and share best practices for architecting and deploying microservices on AWS.
Join ClearScale and AWS to learn how the San Jose Water Company worked with ClearScale to leverage Docker and the latest AWS DevOps tools including Amazon ECS, Amazon EC2 Container Registry (ECR) and AWS CodePipeline, to deliver new app features faster, with lower overhead. Gaining a competitive edge in the modern business landscape often depends on delivering apps with small, quick changes that create faster time-to-market, with focused value for the end customer. Successful companies adopt a DevOps model that automates continuous app delivery and may use a software containerization platform, both to accelerate releases and reduce risk. ClearScale is an AWS DevOps Premier Consulting Partner that helps decrease your time to market, governance and compliance risks, and lower your operational costs.
Join us to learn:
• The advantages of DevOps on AWS, using the latest AWS tools and Docker
• Best practices to design and deploy containers on AWS, based on experiences of the San Jose Water Company
• Learn from ClearScale experts about proven automation techniques for DevOps on AWS
Who should attend: CTOs, CIOs, CISOs, VPs of Engineering, VPs of Development, Business Development Directors, Senior Development Managers, Senior Architects, Business Development Managers
Mobile App development is very popular today and cloud provides a highly scalable and available backend for mobile apps. In this session, we will introduce how to use AWS services include Lambda, DynamoDB, Cognito, Mobile Analytics and SNS, to create a serverless location aware mobile app.
AWS re:Invent 2016: IAM Best Practices to Live By (SAC317)Amazon Web Services
This session covers AWS Identity and Access Management (IAM) best practices that can help improve your security posture. We cover how to manage users and their security credentials. We also explain why you should delete your root access keys—or at the very least, rotate them regularly. Using common use cases, we demonstrate when to choose between using IAM users and IAM roles. Finally, we explore how to set permissions to grant least privilege access control in one or more of your AWS accounts.
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
Learn how AWS IAM enables you to control who can do what in your AWS environment. We discuss how IAM provides flexible access control that helps you maintain security while adapting to your evolving business needs. Wel review how to integrate AWS IAM with your existing identity directories via identity federation. We outline some of the unique challenges that make providing IAM for the cloud a little different. And throughout the presentation, we highlight recent features that make it even easier to manage the security of your workloads on the cloud.
Level 100: Get Started and Migrate Your Data to AWS
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. This "how-to" webinar will cover the basics of getting started with AWS and migrating your data to AWS. this session will also cover core AWS services, such as Amazon EC2 and Amazon S3, and provide demonstrations of how to set up and utilize those services to launch virtual machines in the cloud, backup and restore data. This session will also cover the storage options available today to upload/move your data to AWS.
Reasons to attend:
Learn how to create an AWS account and access its free services, to create and run a virtual machine in the cloud
Understand how to create backup and restore an Amazon EC2 instance
Store and share files online with Amazon S3
Learn how to manage costs and set up billing alerts
Leverage the different storage options to migrate your data
(MBL402) Mobile Identity Management & Data Sync Using Amazon CognitoAmazon Web Services
Developing mobile apps can be complex and time-consuming. Learn how to simplify mobile identity management and data synchronization across devices. In addition, learn how to follow security best practices to give your app access to the resources it needs to provide a great user experience without hard-coding security credentials. We will cover how to easily and securely onboard users as anonymous guests using public login providers like Amazon, Facebook, Twitter, or your own user identity system. We are very excited to have Twitter representatives join us on stage for a deep dive on authenticating users with Twitter and Digits, which enables users to sign in with their phone numbers.
(SEC305) How to Become an IAM Policy Ninja in 60 Minutes or LessAmazon Web Services
Are you interested in learning how to control access to your AWS resources? Have you ever wondered how to best scope down permissions to achieve least privilege permissions access control? If your answer to these questions is "yes," this session is for you. We will take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We will start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we will explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we will cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or locking down access to Amazon EC2 instances. The demonstrations will use tools such as the policy editor and policy simulator to debug policies.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
Cloud computing offers many advantages, such as the ability to scale your web applications or website on demand. But how do you scale your security and compliance infrastructure along with the business? Join this session to understand best practices for scaling your security resources as you grow from zero to millions of users. Specifically, you learn the following:
How to scale your security and compliance infrastructure to keep up with a rapidly expanding threat base.
The security implications of scaling for numbers of users and numbers of applications, and how to satisfy both needs.
How agile development with integrated security testing and validation leads to a secure environment.
Best practices and design patterns of a continuous delivery pipeline and the appropriate security-focused testing for each.
The necessity of treating your security as code, just as you would do with infrastructure.
The services covered in this session include AWS IAM, Auto Scaling, Amazon Inspector, AWS WAF, and Amazon Cognito.
(SEC303) Architecting for End-To-End Security in the EnterpriseAmazon Web Services
This session tells the story of how security-minded enterprises provide end-to-end protection of their sensitive data in AWS. Learn about the enterprise security architecture decisions made by Fortune 500 organizations during actual sensitive workload deployments as told by the AWS professional service security, risk, and compliance team members who lived them. In this technical walkthrough, we share lessons learned from the development of enterprise security strategy, security use-case development, end-to-end security architecture and service composition, security configuration decisions, and the creation of AWS security operations playbooks to support the architecture.
AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. In this session, we will discuss how constrained devices can leverage AWS IoT to send data to the cloud and receive commands back to the device using the protocol of their choice. We will discuss how devices can connect securely using MQTT and HTTP protocols, and how can developers and businesses can leverage the AWS IoT Rules Engine, Thing Shadows, and accelerate prototype development using AWS IoT Device SDKs. We will cover major hardware platforms from Arduino, Marvell, Dragonboard and MediaTek.
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014Amazon Web Services
If your business runs entirely on AWS, your AWS account is one of your most critical assets. Just as you might run an intrusion detection system in your on-premises network, you should monitor activity in your AWS account to detect abnormal behavior. This session walks you through leveraging unique capabilities in AWS that you can use to detect and respond to changes in your environment.
(SEC316) Harden Your Architecture w/ Security Incident Response SimulationsAmazon Web Services
Using Security Incident Response Simulations (SIRS--also commonly called IR Game Days) regularly keeps your first responders in practice and ready to engage in real events. SIRS help you identify and close security gaps in your platform, and application layers then validate your ability to respond. In this session, we will share a straightforward method for conducting SIRS. Then AWS enterprise customers will take the stage to share their experience running joint SIRS with AWS on their AWS architectures. Learn about detection, containment, data preservation, security controls, and more.
Analysis and Design for Intrusion Detection System Based on Data MiningPritesh Ranjan
Reference:
Dyuanyang Zhao, Zhilin Feng, Qingxiang Xu, “Analysis and design for Intrusion detection system based on data mining” in proceedings of 2010 IEEE second international workshop on education technology and computer science
Open Source Private Cloud Management with OpenStack and Security Evaluation w...XHANI TRUNGU
Nowadays, we hear about terms like, cloud computing, cloud architectures, virtualization technologies, cloud management systems, clustering and cloud security systems. By a first glance these terms are a bit vague, and questions arise about what is a cloud, what is virtualization and finally what is clustering.
Architecture Challenges In Cloud ComputingIndicThreads
Session Presented @IndicThreads Cloud Computing Conference, Pune, India ( http://u10.indicthreads.com )
------------
The Java EE 6 platform is an extreme makeover from the previous versions. It breaks the “one size fits all” approach with Profiles and improves on the Java EE 5 developer productivity features. It enables extensibility by embracing open source libraries and frameworks such that they are treated as first class citizens of the platform. NetBeans, Eclipse, and IntelliJ provide extensive tooling for Java EE 6.
But how can you leverage all of this on a cloud ?
GlassFish v3, the Reference Implementation of Java EE 6, can easily run on multiple cloud infrastructures. This talk will provide a brief introduction to Java EE 6 and GlassFish v3. The attendees will learn how to create a simple Java EE 6 sample application and deploy them on GlassFish v3 running locally. Then it will deploy that sample using Amazon, RightScale, Joyent, and Elastra cloud infrastructures. It will also show how servers are dynamically provisioned in some environments to meet the demand. The talk will also explain the advantages of each approach enabling you to choose the optimal strategy for your environment.
Takeaways from the session
The attendees will be able to learn how to deploy a Java EE 6 application in different cloud environments. They’ll also learn about the pros/cons of these infrastructures.
(SEC404) Incident Response in the Cloud | AWS re:Invent 2014Amazon Web Services
You've employed the practices outlined for incident detection, but what do you do when you detect an incident in the cloud? This session walks you through a hypothetical incident response on AWS. Learn to leverage the unique capabilities of the AWS environment when you respond to an incident, which in many ways is similar to how you respond to incidents in your own infrastructure. This session also covers specific environment recovery steps available on AWS.
The “Gartner Perspective: IT Spending” booklet provides an
overview of Gartner research on IT spending and functions as
a reference guide to top-level statistics and IT spending analysis.
It provides a glimpse into the
powerful insight Gartner can
provide as you navigate through
what may be the most important
year of your career.
Description:
With the Summer '15 release, you will be able to automatically create, update, and delete user accounts on services such as Google and Box, based on changes to user accounts in your Salesforce organization or Active Directory service. This feature also provides a centralized view of all user accounts across your applications and services. Learn how you can automate user account management across third-party applications and services!
What you will learn:
How user events, such as creating a user or assigning a permission set, can trigger corresponding updates in third-party services
How automatic de-provisioning of third-party user accounts can improve security while saving you time and money
How Salesforce Identity Connect can capture events in Active Directory and apply user provisioning updates to Salesforce that in turn can trigger updates to an external application
How approval processes, auditing, and reporting help you manage user accounts effectively
Intended audience
Existing or prospective Salesforce Platform admins and developers
ISV partners who want to package this feature to automate user creation and deletion in their applications running outside the Salesforce platform.
Maybe you have hosted multiple webinars, or are leading up to your first event! Either way, learn the proper webinar etiquette for being the presenter, co-presenter and an attendee.
Email is the cornerstone of any successful marketing campaign. In fact, 68% of marketers say that email is a core component of their business strategy. So, maximizing the impact of your customer emails is more important today than ever before.
Nearly 83 promotional emails are sent to your customers each day, heightening the scrutiny of inbox management. By leveraging the power of Predictive Intelligence in your email marketing strategy, you help your customers make the ‘keep or delete’ decision effortless with meaningful, personalized content in each email that subscribers won’t ignore.
Please join Eric Tobias, Vice President of Web and Predictive Intelligence Products, Salesforce ExactTarget Marketing Cloud, for an insightful webinar that will focus on nurturing your 1:1 customer relationships and maximizing inbox relevancy with seven strategies to enrich your email marketing.
Mission Critical Applications Workloads on Amazon Web ServicesAmazon Web Services
In this session we will walk through practical examples of how Amazon Web Services customers operate heavily regulated workloads and mission critical applications in the cloud. Through real world customer examples we will apply security and governance controls which will provide you with increased visibility and control of your application and infrastructure for these workloads. You will learn how Enterprise secure and enable audit controls on their heavily regulated workloads in an Amazon Web Services Account. At the same time, extend your datacenter and control mechanisms to Amazon Web Services.
Shaun Ray, Head of Solutions Architect, Amazon Web Services, ASEAN
How to Identify and Prevent ESD Failures using PathFinderAnsys
This presentation provides an introduction to common ESD failure mechanism in today's ICs and the challenges in addressing them. It will highlight PathFinder, a layout based ESD integrity analysis platform with an integrated modeling, extraction and simulation environment that enables IC designers perform exhaustive verification of all ESD discharge pathways at the IP and full-chip level. It will also share case study of some real life ESD failure scenarios and how PathFinder was used to root-cause them. It reviews the list of ESD checks that can be performed from early floor planning to final sign-off for ESD robustness and ESD failure prevention. Learn more on our website: https://bit.ly/1vRDycB
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud AndaAmazon Web Services
Modul ini membahas bagaimana pendekatan AWS dapat mengamankan cloud, bersama dengan Model Tanggung Jawab Bersama AWS, Manajemen dan Kontrol Akses AWS, Program Kepatuhan Keamanan AWS, dan sumber daya yang tersedia bagi Anda guna memahami opsi keamanan AWS Cloud dengan lebih baik.
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAmazon Web Services
This module covers how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to you in better understanding AWS Cloud security options.
AWS re:Invent 2016: Hackproof Your Cloud: Responding to 2016 Threats (SAC308)Amazon Web Services
CloudCheckr Co-Founders Aaron Newman and Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Competency Partner
AWS SSA Webinar 11 - Getting started on AWS: SecurityCobus Bernard
In this session, we will take a deeper look at the security services and features available on AWS. We will look at how Identity and Access Management (IAM) works by covering IAM users, policies, roles, groups. We will also look at AWS Security groups and how they are applied to the different infrastructure components, e.g. Amazon EC2 instances, Load Balancers, Databases (via Amazon RDS). Lastly, we will take a quick look at Amazon Certificate Manager for SSL certificates and mention additional services like Amazon Detective, GuardDuty, Macie, WAF.
Hackproof Your Gov Cloud: Mitigating Risks for 2017 and Beyond | AWS Public S...Amazon Web Services
We constantly hear about huge hacks in the media, with companies losing millions of dollars in an instant. While this problem is large for the enterprise side of the world, it is even more detrimental when it comes to the fedspace. CloudCheckr Co-Founder & CEO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. Often times the biggest threat to security is the human, Aaron will go through ways to work around this and how you can shore up security to avoid these errors. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Learn More: https://aws.amazon.com/government-education/
* 발표 동영상: https://youtu.be/NoCh_GFudiM
본 세션에서는 Amazon 컨테이너 환경에서 애플리케이션을 구동할 때 고려해야 하는 보안 요소들을 알아봅니다. 특히, 컨테이너 이미지 저장소인 Amazon ECR의 이미지 스캐닝, 그리고 접근제어, 민감 정보 처리 등의 컨테이너 보안 베스트 프랙티스를 다룹니다.
In addition to running databases in Amazon EC2, AWS customers can choose among a variety of managed database services. These services save effort, save time, and unlock new capabilities and economies. In this session, we make it easy to understand how they differ, what they have in common, and how to choose one or more. We explain the fundamentals of Amazon DynamoDB, a fully managed NoSQL database service; Amazon RDS, a relational database service in the cloud; Amazon ElastiCache, a fast, in-memory caching service in the cloud; and Amazon Redshift, a fully managed, petabyte-scale data-warehouse solution that can be surprisingly economical. We will cover how each service might help support your application, how much each service costs, and how to get started.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
Evolve Your Incident Response Process and Powers for AWS Amazon Web Services
You want your current incident response (IR) runbooks to account for your AWS workloads ASAP, and eventually, you want cloud-based IR superpowers, too. In this session, we cover the basics that you must get in place, runbook updates specific to AWS, and we show you how to build initial IR capabilities that blend well with existing processes and partner offerings. We also walk through a hypothetical IR scenario for an AWS environment that uses an evolved on-premises IR runbook that accounts for the differences of an AWS environment. In this scenario, we demonstrate unique AWS platform capabilities for IR success. Go beyond updating your IR runbooks, and start your journey toward gaining cloud-based IR superpowers today!
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019Amazon Web Services
This module covers how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to you in better understanding AWS Cloud security options.
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Amazon Web Services
Streamline your mobile app signup experience with social login. We demonstrate how to use web identity federation to enable users to log into your app using their existing Facebook, Google, or Amazon accounts. Learn how to apply policies to these identities to secure access to AWS resources, such as personal files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.
Similar to Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
2. Why should you care about this?
• Change management / monitoring is a good
thing™
• Traditional intrusion detection may not detect
AWS-specific environment changes
• Figure it out now, rather than later
• News flash: The bad guys know about the cloud
3. So let’s geek for a bit
•
•
•
•
Intrusion detection in your AWS environment
Universal adversary tactics to focus on
AWS-specific security features to build with
AWS-specific intrusion detection mechanisms w/
demos!
• Other tips, resources, Q&A
4. Can you have your IDS in AWS?
• Short answer: YES!
• What IS an intrusion detection system?
– System that monitors environment; alerting to detected intrusions.
• On premise, your IDS takes advantage of that
environment’s features.
• Within your AWS environment, you should do the
same: Your AWS-specific IDS will likely NOT look
like your traditional IDS. That’s OK!
7. Wait! I want MY IDS in AWS!
• I.e., “traditional” IDS – rackable, stackable,
network-sniffing box that streams alerts night &
day
• You ♥ traditional IDS, for a number of reasons,
not all of them your own, eg., compliance.
• No worries! You can still do that too in AWS
8. Traditional IDS in AWS
• On premises, VPC endpoint
Router
VPN
Gateway
Amazon Virtual Private Cloud
Customer
Gateway
Corporate Data Center
9. Traditional IDS in AWS
• In cloud, as VPC NAT gateway or on-instance
Internet
Gateway
Instances
VPC Subnet
Virtual Private Cloud
10. Traditional IDS in AWS
•
•
•
•
On premises, VPC endpoint
In cloud, as VPC NAT gateway or on-instance
Numerous AWS technology partners here
Visit their booths … or the AWS Marketplace!
14. Prerequisites
• AWS Identity and Access Management (IAM)
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMGettingStarted.html
• Multi-Factor Authentication (MFA)
http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html
• Amazon S3 Bucket Logging
http://docs.aws.amazon.com/AmazonS3/latest/UG/ManagingBucketLogging.html
• And THREE more …
15. Security Role
• You need insight when managing the security of
many AWS accounts
• Create a “security audit role” with “read” access
to policies and configurations you want to
monitor.
• For more info or getting started, check out
http://docs.aws.amazon.com/IAM/latest/UserGui
de/WorkingWithRoles.html
16. What’s a Role
• Named IAM entity (name isn’t a secret)
• Set of permissions
• No credentials: Policy specifies who can
assume
24. Write-Once Storage
• What is it good for
– Tripwire
– Configuration audits
– Logs
• Integrity for records of activity, historical
configurations
• Further enhanced by moving off-system or
limiting availability to a VERY select few
25. Configuring Write-Once Storage
• Bucket versioning
http://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html
• MFA delete
http://docs.aws.amazon.com/AmazonS3/latest/dev/MultiFactorAuthent
icationDelete.html
• Go for the gusto! Create a SECOND account
– Bucket policy
– Role
26.
27.
28. Audit Logs via AWS CloudTrail
• AWS CloudTrail records API calls in your
account and delivers logs to your S3
bucket.
• Typically, delivers an event within 15
minutes of the API call.
• Log files are delivered approximately
every 5 minutes.
• Currently in us-east-1 and us-west-2
Image Source: Jeff Barr
29. AWS Services Supported by AWS CloudTrail
• Currently, records API call made to these AWS services.
Amazon EC2
Amazon Redshift
AWS IAM
Amazon EBS
Amazon VPC
AWS STS
Amazon RDS
AWS CloudTrail
(Security Token Service)
• Includes API calls made by higher-level AWS services such as AWS
CloudFormation, AWS Elastic Beanstalk and AWS OpsWorks
30. Turning on AWS CloudTrail
• Have a centralized write-only store? Use it!
31. What is in the logs?
• Who made the API call?
• When was the API call made?
• What was the API call?
• What were the resources that were acted up on in the API call?
• Where was the API call made from?
32. Who? Example 1: API Call by IAM User Bob
"userIdentity": {
"accessKeyId": "AKEXAMPLE123EJVA",
"accountId": “123456789012",
"arn": "arn:aws:iam::123456789012:user/Bob",
"principalId": "AIEXAMPLE987ZKLALD3HS",
"type": "IAMUser",
"userName": “Bob"
}
Anonymized data
33. Who? Example 2: API Call by Federated User Alice
"userIdentity":{
"type":"FederatedUser",
"principalId":"123456789012:Alice",
"arn":"arn:aws:sts::123456789012:federated-user/Alice",
"accountId":"123456789012",
"accessKeyId":"ASEXAMPLE1234WTROX8F",
"sessionIssuer":{
"type":"IAMUser",
"accountId":"123456789012",
"userName":“Bob"
}
}
Anonymized data; Partial Output
34. Who? Example 3: AWS Service Creating Resource,
on Behalf of a User
• Elastic Beanstalk creating AWS resources on behalf of IAM user
Bob
"userIdentity": {
"accountId": "123456789012",
"arn": "arn:aws:iam::123456789012:user/Bob",
"invokedBy":"elasticbeanstalk.amazonaws.com",
"principalId": " ASEXAMPLE123XWTROX8F ",
"type": "IAMUser",
"userName": “Bob"
}
Anonymized data
35. When was the API call made?
• Start time and date of the event in ISO 8601 format.
• Unambiguous and well-defined method of representing date and
time.
• AWS services sync all system clocks with centralized Network
Time Protocol (NTP) servers
"eventTime": "2013-10-23T23:30:42Z“
36. What was the API call?
What resources were acted up on?
• API call and the service the API call belongs to.
"eventName": "RunInstances"
"eventSource": "EC2"
• Request parameters provided by the requester and Response
elements returned by the AWS service.
• Response elements for read only API calls (Describe*, Get*,
List*) are not recorded to prevent event size inflation.
39. Detecting Unauthorized Access – Credentials
• Types of credentials
–
–
–
–
–
Login profile
Access key
X509
Cloudfront
Temporary Security
Credentials
• Attachment points
– Root account
– IAM users
• You want to know what
credentials are out there
with access to your
account.
42. Detecting Unauthorized Access – Public
• Publically accessible resources (NOT by default,
but could be configured as such)
– Amazon S3 Bucket
– Amazon S3 Anonymous Objects
– Amazon SQS Open / Public Queues
• You want to keep track of which resources are
readable (or writable even) to the world
43. Detecting Unauthorized Access – Cross Account
• Resources that support resource policies
– Amazon S3 Buckets
– Amazon SQS queues
– Amazon SNS topics
• You want to pay particular attention to any
resources that have resource policies allowing
cross account access.
46. Detecting Unauthorized Access – Roles
• What is a role
– Name
– AssumeRole Policy
– Capabilites
• You want to look at what roles are present in the
account and who can assume them
49. Detecting Unauthorized Access – Effective Access
• Ways of expressing * (IMPLICIT *)
– PutUserPolicy
– Credential creation
– PassRole *
• You want to look out for policies that could be
used to GAIN all access (IAM APIs)
• IAM Policy Simulator …
https://policysim.aws.amazon.com/
53. Detecting Unauthorized Access – Effective Access
• Dump the output of various configuration APIs
into write-once storage
• Pay attention to changes
• Some examples for grabbing this data …
https://s3.amazonaws.com/reinvent2013-sec402/SecConfig.py
54. Using Security Role for Amazon S3
Audit (Bucket Policies)
s3 = boto.connect_s3(access_key_id,secret_access_key)
bucket_info=[]
buckets=s3.get_all_buckets()
for bucket in buckets:
try:
policy=bucket.get_policy()
bucket_info.append(config_line_policy("s3:bucketpolicy",bucket.name,"",policy))
except boto.exception.S3ResponseError as e:
bucket_info.append(config_line("s3:bucketpolicy",bucket.name,"",e.code))
output_lines(bucket_info)
https://s3.amazonaws.com/reinvent2013-sec402/SecConfig.py
55. Using Security Role for IAM Audit (Users)
user_info=[]
users=iam.get_all_users().list_users_response.list_users_result.users
debug(users)
for user in users:
policies=iam.get_all_user_policies(user.user_name)
policies=policies.list_user_policies_response.list_user_policies_result.policy_names
for policy_name in policies:
policy=iam.get_user_policy(user.user_name, policy_name)
.get_user_policy_response.get_user_policy_result.policy_document
policy=urllib.unquote(policy)
user_info.append(config_line_policy("iam:userpolicy", user.user_name,
policy_name, policy))
output_lines(user_info)
https://s3.amazonaws.com/reinvent2013-sec402/SecConfig.py
56. Account Configuration Change Security Alerts
• Dump all the users, groups, roles, attached
permissions, creds for all users
• Amazon S3 bucket, Amazon SQS queue,
Amazon SNS topic policies
• Amazon EC2 security group configuration
• All goes to flat file, write-once Amazon S3 object
• Diff and detect changes
https://s3.amazonaws.com/reinvent2013-sec402/SecConfig.py
66. Billing Alerts!
• No need to wait until end of month to become aware
of unexpected utilization
• Establish a baseline of known good billing over time;
set your thresholds (overall or service specific)
• Investigate alerts to determine r00t (?) cause
• Simplest cloud IDS mechanism, and FREE*
* Setup of 10 alarms and receipt of 1 K notifications
67.
68.
69.
70.
71.
72. Example Billing Alert via CLI
mon-put-metric-alarm ec2billing --comparison-operator
GreaterThanOrEqualToThreshold --evaluation-periods 1 --metric-name
EstimatedCharges --namespace AWS/Billing --dimensions "Currency=USD" -period 21600 --statistic Maximum --threshold 200 --actions-enabled true -alarm-actions arn:aws:sns:us-east-1:111111111111:NotifyMe
75. More than One “Early” Alert …?
$1000
$750
$500
$250
Week 1
= OK!
Week 2
Week 3
= Hmm …
Week 4
= Uh-Oh!
76. More Resources on Billing Alerts Setup …
• Monitoring your AWS charges
http://docs.amazonwebservices.com/AmazonCloudWatch/latest/De
veloperGuide/monitor_estimated_charges_with_cloudwatch.html
• Amazon CloudWatch Command Line Interface
Reference
http://docs.aws.amazon.com/AmazonCloudWatch/latest/Developer
Guide/CLIReference.html
77. Create Your Own Meter-based Alerts?
• Use: programmatic access to billing data
• You have more info about the types and
locations of charges
• Allows for looking for unexpected usage per
region
http://docs.aws.amazon.com/awsaccountbilling/latest/about/progra
maccess.html
78. Another Tactic? Rebuild Frequently
• Breaking in is noisy and the holes tend to get
patched [intrusion lifecycle]
• Auditing a system is easiest after creation
• Rebuild everything every day
79. Premium Support / Trusted Advisor
• Inspects AWS environment; can identify and
help close security gaps, enable security
features, examine permissions
– Open security groups
– Bucket policy
– IAM, passwords, MFA
https://aws.amazon.com/premiumsupport/trustedadvisor/
80.
81.
82. Support for Security
• AWS support is the one-stop shop for AWS
customers, for ANY concerns, including securityrelated
• If support can not immediately address your
concern, they will escalate internally to the
appropriate technical team, AWS security
included
https://aws.amazon.com/support
83. Other Resources
• AWS Security Blog
http://blogs.aws.amazon.com/security/
• AWS Security Center
https://aws.amazon.com/security
• Contact the AWS security team
aws-security@amazon.com
84. NEW! Security Best Practices Whitepaper
• Help for designing security infrastructure and
configuration for your AWS environment
• High-level guidance for …
–
–
–
–
Managing accounts, users, groups roles
Managing OS-level access to instances
Securing your data, OS, apps, infrastructure
Managing security monitoring, auditing, alerting, incident
response
http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
85. Key Takeaways
• Beyond traditional host- or network-based
intrusion detection, there is intrusion detection
for the cloud
• AWS provides a variety of mechanisms and
support that you can and should leverage to
monitor key security controls
• Tinker, give us feedback, and approach our
partners about incorporating some ideas here