This document provides an overview and comparison of common container orchestration platforms including Docker Swarm, Mesosphere DC/OS, and Kubernetes. It begins with an introduction to using containers without an orchestrator and the challenges that presents at scale. Examples of Docker Swarm, DC/OS, and Kubernetes demonstrations are then shown. The document analyzes the features and suitability of each orchestrator for both production and development uses before concluding with additional resources.
Real-World Docker: 10 Things We've Learned RightScale
Docker has taken the world of software by storm, offering the promise of a portable way to build and ship software - including software running in the cloud. The RightScale development team has been diving into Docker for several projects, and we'll share our lessons learned on using Docker for our cloud-based applications.
This talk gives a brief introduction to OpenStack and Chef, then outlines the current state of deploying OpenStack with Chef. There was a live demo deploying to a Dell rack during the talk.
SCALE 9x, February 25-27 in Los Angeles.
Deploying containers and managing them on multiple Docker hosts, Docker Meetu...dotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Open
Presented by: Brent Laster, SAS
Presented at All Things Open 2020
Abstract: In this workshop, students will get a quick overview of what containers are and why they form the basis for many of the key technologies that we use today in cloud environments.
We’ll explore what makes up a container and how they are managed and leveraged in key industry tooling including Docker, Kubernetes, Helm, and Istio. You’ll also learn the basics of these technologies, what they are used for, and see some simple examples of how to use them.
This workshop will include hands-on labs where you will get experience:
Building container images, running them as containers, and tagging and pushing them into a Docker repository.
Creating deployments, services, and pods for containers and instantiating and running those in Kubernetes.
Working with Helm to leverage templates for Kubernetes objects and managing releases in Kubernetes.
Working with Istio to do traffic shaping between multiple versions of your app, fault and delay injection for testing and validation in Kubernetes.
We’ll also briefly cover GitOps – the recommended Git-based way to manage infrastructure like your Kubernetes cluster.
Real-World Docker: 10 Things We've Learned RightScale
Docker has taken the world of software by storm, offering the promise of a portable way to build and ship software - including software running in the cloud. The RightScale development team has been diving into Docker for several projects, and we'll share our lessons learned on using Docker for our cloud-based applications.
This talk gives a brief introduction to OpenStack and Chef, then outlines the current state of deploying OpenStack with Chef. There was a live demo deploying to a Dell rack during the talk.
SCALE 9x, February 25-27 in Los Angeles.
Deploying containers and managing them on multiple Docker hosts, Docker Meetu...dotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
All Things Containers - Docker, Kubernetes, Helm, Istio, GitOps and moreAll Things Open
Presented by: Brent Laster, SAS
Presented at All Things Open 2020
Abstract: In this workshop, students will get a quick overview of what containers are and why they form the basis for many of the key technologies that we use today in cloud environments.
We’ll explore what makes up a container and how they are managed and leveraged in key industry tooling including Docker, Kubernetes, Helm, and Istio. You’ll also learn the basics of these technologies, what they are used for, and see some simple examples of how to use them.
This workshop will include hands-on labs where you will get experience:
Building container images, running them as containers, and tagging and pushing them into a Docker repository.
Creating deployments, services, and pods for containers and instantiating and running those in Kubernetes.
Working with Helm to leverage templates for Kubernetes objects and managing releases in Kubernetes.
Working with Istio to do traffic shaping between multiple versions of your app, fault and delay injection for testing and validation in Kubernetes.
We’ll also briefly cover GitOps – the recommended Git-based way to manage infrastructure like your Kubernetes cluster.
Orchestrating Docker containers at scaleMaciej Lasyk
Many of us already poked around Docker. Let's recap what we know and then think what do we know about scaling apps & whole environments which are Docker - based? Should we PaaS, IaaS or go with bare? Which tools to use on a given scale?
Bare Metal to OpenStack with Razor and ChefMatt Ray
Slides from the OpenStack Spring 2013 Summit workshop presented by Egle Sigler (@eglute) and Matt Ray (@mattray) from Rackspace and Opscode respectively. Please refer to http://anystacker.com/ for additional content.
An introduction to Docker and docker-compose. Starting from single docker run commands we discover docker file basics, docker-compose basics and finally we play around with scaling containers in docker-compose.
CONTAINERS WORKSHOP DURING SAUDI HPC 2016 : DOCKER 101, DOCKER, AND ITS ECO SYSTEM FOR DISTRIBUTED SYSTEMS by Walid Shaari
This workshop will cover the Theory and hands-on of Docker containers, and Its eco system. The foundations of the Docker platform, including an overview of the platform system components, images, containers and repositories, installation , using Docker containers from repositories e.g. dockerhub, how to create a container using Dockerfile, containers development life cycle. The strategy is to demonstrate through "live demo, and shared exercise" the reuse and customization of components to build a distributed system case service gradually
http://www.hpcsaudi.com/
As developers, we are blessed with a huge variety of tools to help us in our daily jobs. One of the most popular ones that has shown up over the last few years is Docker. How does one go about getting started with Docker? Why should you invest your time in this new technology? What can you do with Docker? Let's find out!
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
https://dockercon19.smarteventscloud.com/connect/sessionDetail.ww?SESSION_ID=281879
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way. Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users. In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode. He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.
Introduction to Docker and all things containers, Docker Meetup at RelateIQdotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Introduction what is container and how to use it. staring from the comparison to virtual machine and also show how to use the persistent storage and port mapping in containers.
In the last part, shows what is kubernetes and what kind of problems kubernetes want to solve and how it solves.
Slides from my Docker workshop at PHPCon 2016. From a simple docker run command through own images and Dockerfiles to docker-compose setup supporting scalable app testing on local environment
Docker provides a new, powerful way of prototyping, testing and deploying applications on cloud-based infrastructures. In this seminar we delve into the concept of Docker containers without requiring any previous knowledge from the audience.
How we dockerized a startup? #meetup #docker Jonathan Martin
Docker in production, for real!
The Yuzu startup, helped by Vixns, chose to have a docker infrastructure with Mesos/Marathon/Consul. From the development environment to our prod monitoring, we share our mistakes, successes, workflows and tools.
Webinar: End-to-End CI/CD with GitLab and DC/OSMesosphere Inc.
Seven years ago, Apache Mesos was born as a platform to bring the distributed computing capabilities that powered the largest digital companies to the masses. Today, Mesosphere DC/OS technologies power more containers in production than any other software stack in the world, and has emerged as the premier platform for building and elastically scaling data-rich, modern applications and the associated CI/CD infrastructure across any infrastructure, public or private.
GitLab is an end-to-end software development and delivery platform with built-in CI/CD, monitoring, and performance metrics. With a unified experience for every step of the development lifecycle and seamless integration with container schedulers, GitLab provides the most efficient approach to reduce cycle time, increase velocity, and improve software quality.
In this webinar, you will learn how to combine DC/OS and GitLab to easily build a CI/CD infrastructure and build a complete CI/CD pipeline in minutes.
Slides cover:
1. An introduction to Apache Mesos and Mesosphere DC/OS and overview of DC/OS features and capabilities for developing, deploying, and operating containerized applications, microservices and CI/CD
2. An introduction to GitLab
3. How to use DC/OS and GitLab to build a CI/CD solution and go from idea to production
Orchestrating Docker containers at scaleMaciej Lasyk
Many of us already poked around Docker. Let's recap what we know and then think what do we know about scaling apps & whole environments which are Docker - based? Should we PaaS, IaaS or go with bare? Which tools to use on a given scale?
Bare Metal to OpenStack with Razor and ChefMatt Ray
Slides from the OpenStack Spring 2013 Summit workshop presented by Egle Sigler (@eglute) and Matt Ray (@mattray) from Rackspace and Opscode respectively. Please refer to http://anystacker.com/ for additional content.
An introduction to Docker and docker-compose. Starting from single docker run commands we discover docker file basics, docker-compose basics and finally we play around with scaling containers in docker-compose.
CONTAINERS WORKSHOP DURING SAUDI HPC 2016 : DOCKER 101, DOCKER, AND ITS ECO SYSTEM FOR DISTRIBUTED SYSTEMS by Walid Shaari
This workshop will cover the Theory and hands-on of Docker containers, and Its eco system. The foundations of the Docker platform, including an overview of the platform system components, images, containers and repositories, installation , using Docker containers from repositories e.g. dockerhub, how to create a container using Dockerfile, containers development life cycle. The strategy is to demonstrate through "live demo, and shared exercise" the reuse and customization of components to build a distributed system case service gradually
http://www.hpcsaudi.com/
As developers, we are blessed with a huge variety of tools to help us in our daily jobs. One of the most popular ones that has shown up over the last few years is Docker. How does one go about getting started with Docker? Why should you invest your time in this new technology? What can you do with Docker? Let's find out!
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
https://dockercon19.smarteventscloud.com/connect/sessionDetail.ww?SESSION_ID=281879
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way. Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users. In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode. He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.
Introduction to Docker and all things containers, Docker Meetup at RelateIQdotCloud
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Introduction what is container and how to use it. staring from the comparison to virtual machine and also show how to use the persistent storage and port mapping in containers.
In the last part, shows what is kubernetes and what kind of problems kubernetes want to solve and how it solves.
Slides from my Docker workshop at PHPCon 2016. From a simple docker run command through own images and Dockerfiles to docker-compose setup supporting scalable app testing on local environment
Docker provides a new, powerful way of prototyping, testing and deploying applications on cloud-based infrastructures. In this seminar we delve into the concept of Docker containers without requiring any previous knowledge from the audience.
How we dockerized a startup? #meetup #docker Jonathan Martin
Docker in production, for real!
The Yuzu startup, helped by Vixns, chose to have a docker infrastructure with Mesos/Marathon/Consul. From the development environment to our prod monitoring, we share our mistakes, successes, workflows and tools.
Webinar: End-to-End CI/CD with GitLab and DC/OSMesosphere Inc.
Seven years ago, Apache Mesos was born as a platform to bring the distributed computing capabilities that powered the largest digital companies to the masses. Today, Mesosphere DC/OS technologies power more containers in production than any other software stack in the world, and has emerged as the premier platform for building and elastically scaling data-rich, modern applications and the associated CI/CD infrastructure across any infrastructure, public or private.
GitLab is an end-to-end software development and delivery platform with built-in CI/CD, monitoring, and performance metrics. With a unified experience for every step of the development lifecycle and seamless integration with container schedulers, GitLab provides the most efficient approach to reduce cycle time, increase velocity, and improve software quality.
In this webinar, you will learn how to combine DC/OS and GitLab to easily build a CI/CD infrastructure and build a complete CI/CD pipeline in minutes.
Slides cover:
1. An introduction to Apache Mesos and Mesosphere DC/OS and overview of DC/OS features and capabilities for developing, deploying, and operating containerized applications, microservices and CI/CD
2. An introduction to GitLab
3. How to use DC/OS and GitLab to build a CI/CD solution and go from idea to production
Managing ScaleIO as Software on Mesos - David vonThenen - Dell EMC World 2017{code} by Dell EMC
Software can be complex, but it is a key part of modern data centers. {code}'s ScaleIO Framework for Apache Mesos is a storage framework that automates the complete lifecycle of the ScaleIO storage platform on top of commodity hardware. Moving storage to a framework reduces the complexity involved and transforms the operational approach. Watch how the Mesos framework simplifies all aspects of ScaleIO to provide storage for containerized applications.
Software can be complex, but it is a key part of modern data centers. {code}'s ScaleIO Framework for Apache Mesos is a storage framework that automates the complete lifecycle of the ScaleIO storage platform on top of commodity hardware. Moving storage to a framework reduces the complexity involved and transforms the operational approach. Watch how the Mesos framework simplifies all aspects of ScaleIO to provide storage for containerized applications.
HBaseCon2017 Splice Machine as a Service: Multi-tenant HBase using DCOS (Meso...HBaseCon
The talk will go through the following topics and experiences.
1. Container Strategy and Implementation for HBase.
2. Resource Management inside a containerized environment.
3. Network Isolation and Policy Management (Project Calico)
4. Orchestration Structure using DCOS Commons
5. Internal and External Load Balancing using Marathon Load Balancer.
6. Auto-scaling of HBase
7. AWS Deployment learnings.
This talk will be interesting to developers and administrators who are attempting to automate the deployment of HBase and HDFS in containers.
by John Leach and Daniel Gomez Ferro of Splice Machine
How to build "AutoScale and AutoHeal" systems using DevOps practices by using modern technologies.
A complete build pipeline and the process of architecting a nearly unbreakable system were part of the presentation.
These slides were presented at 2018 DevOps conference in Singapore. http://claridenglobal.com/conference/devops-sg-2018/
The folk wisdom has always been that when running stateful applications inside containers, the only viable choice is to externalize the state so that the containers themselves are stateless or nearly so. Keeping large amounts of state inside containers is possible, but it’s considered a problem because stateful containers generally can’t preserve that state across restarts.
In practice, this complicates the management of large-scale Kubernetes-based infrastructure because these high-performance storage systems require separate management. In terms of overall system management, it would be ideal if we could run a software-defined storage system directly in containers managed by Kubernetes, but that has been hampered by lack of direct device access and difficult questions about what happens to the state on container restarts.
Ted Dunning describes recent developments that make it possible for Kubernetes to manage both compute and storage tiers in the same cluster. Container restarts can be handled gracefully without loss of data or a requirement to rebuild storage structures and access to storage from compute containers is extremely fast. In some environments, it’s even possible to implement elastic storage frameworks that can fold data onto just a few containers during quiescent periods or explode it in just a few seconds across a large number of machines when higher speed access is required.
The benefits of systems like this extend beyond management simplicity, because applications can be more Agile precisely because the storage layer is more stable and can be uniformly accessed from any container host. Even better, it makes it a snap to configure and deploy a full-scale compute and storage infrastructure.
Storage for containers and cloud-native deployments - Rancher Online Meetup -...Shannon Williams
In our March 2017 Rancher Online Meetup we dove into running persistent storage for containers in Rancher. The presentation included an overview of persistent storage in Rancher, an introduction to Quobyte and an overview of Portworx.
(RivieraDev 2018) #serverless - 2 ans de retourS d'expérienceLudovic Piot
Le serverless est le buzzword du moment. Il a même une conférence à son nom ! :smile:
Et à juste titre !
Comme le Cloud IaaS avant lui, il promet de fluidifier la collaboration entre les devs et les ops et d'accélérer le fameux Time to Market des projets.
Il faut reconnaître que bon nombre de technos facilitent plus que jamais sa mise en œuvre : Infra as Code, cloud public, Docker, Kubernetes…
Oui mais… Comment s'est passé le dernier projet de cloud privé dans votre entreprise ? Et le run de production, ça va ? A quel prix ? Alors imaginez les efforts et les coûts nécessaires pour implémenter cette plateforme, encore plus complexe, à la stack technique encore plus riche, plus dente !
Dans cette session, nous irons au-delà du POC et de la démonstration du potentiel de ces technologies.
Nous vous présenterons comment nous gérons, depuis 2 ans, en 24/7, des plateformes serverless de production.
Leur implémentation, à base de Terraform / Ansible / Kubernetes, dans le Cloud public IaaS, ou on-premise, sur du VMware. Ou bien à base du savoir-faire de Clever Cloud sur du bare-metal. Les adaptations organisationnelles que ça implique entre les Devs et les Ops. La gestion des patches et des vulnérabilités au quotidien. La gestion de la supervision et de l'alerting de la plateforme et des stacks techniques embarquées.
Building the Glue for Service Discovery & Load Balancing MicroservicesSargun Dhillon
One of the challenges that comes from deploying multi-tiered distributed systems, or microservices, atop a dynamic scheduler is the introduction of new problems surrounding load balancing. There are some inherent challenges in building a load balancer that's meant to operate in a highly available way, without any single points of failure. In this talk, Sargun Dhillon will walk through the distributed load balancing mechanism that he built for Mesos. This service discovery mechanism is meant to have the same kinds of features, api, and availability that existed in legacy, statically partitioned environments. The purpose of this is to ease the transition, and remove some of the largest road blocks in moving applications over to modern datacenters. In addition, he will speak to why he built it as opposed to other alternatives for service discovery and load balancing such as using Zookeeper, and the challenges that came from it. We built a library called Lashup that has a membership protocol, a multicast layer, failure detector, and CRDT key/value store. This has allowed us to build applications that orchestrate Mesos clusters with great ease.
The Perils and Triumphs of using Cassandra at a .NET/Microsoft ShopJeff Smoley
NativeX recently transitioned a large portion of their backend infrastructure from Microsoft SQL Server to Apache Cassandra. Check out our story about how we were successful at getting our .NET web apps to reliably connect to Cassandra. Learn about FluentCassandra, Snowflake, Hector, and IKVM. It's a story of struggle and perseverance, where everyone lives happily ever after.
Containerizing couchbase with microservice architecture on mesosphere.pptxRavi Yadav
Ravi Yadav, Mesosphere
Anil Kumar, Couchbase
Organizations focused on delivering exceptional customer experiences are building applications using microservice architectures because of the flexibility, speed of delivery, and maintainability that they provide. In this session, you will learn how Couchbase can fit into a microservice architecture using containers and orchestration. We will explore how Couchbase and Mesosphere work together to simplify application development and delivery. Additionally, you will see a demonstration of exactly how to create a Couchbase cluster on Mesosphere DC/OS Enterprise.
Real World Modern Development Use Cases with RackHD and AdobeTimothy Gelter
Adobe and the Dell EMC RackHD team provide an overview on how Adobe is modernizing their datacenters using public and private clouds enabled by infrastructure as code technologies to abstract their infrastructure for application deployments and improve operational efficiencies.
Similar to Mesos swam-kubernetes-vds-02062017 (20)
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
How DockerCoins works:
worker asks to rng to give it random bytes
worker feeds those random bytes into hasher
each hash starting with 0 is a DockerCoin
DockerCoins are stored in redis
redis is also updated every second to track speed
you can see the progress with the webui