HTML5 is great. Everyone thinks so. You just can't wait until the web has enough support for it, right? Well, there are plenty of tools you can use to make that dream a reality. Learn how to build on the HTML5 stack without looking behind your back the whole time. Modernizr provides the ideology behind doing this. Yepnope (Modernizr.load) provides the means for making it fast, and the polyfills do all the hard work to make your app consistent and beautiful... today.
If you had to rank the best and worst moments of your JavaScript life, you’d probably rank reading “The Good Parts” up towards the top, and deep down at the bottom of the list would be the day that you found out that you couldn’t make cross-domain requests in the browser. This talk covers the hacks, tips, and tricks to leave the Same Origin Policy in the dust. So grab a cookie, pad your JSON, and learn how to communicate properly.
Building Desktop RIAs with JavaScript and PHP - ZendCon09funkatron
Web runtimes like Adobe AIR, Titanium and webOS open up interesting possibilities for web developers, allowing them to leverage their existing skills to develop desktop applications. Aimed at current PHP developers, this talk will focus on common web application technologies - PHP, HTML, Javascript - and explore how to utilize them to create desktop "Rich Internet Applications."
If you want to build cool stuff and not just be a code monkey in a cubicle, then I recommend you start hacking today.
This is my intro talk for Yahoo's HackU program.
If you had to rank the best and worst moments of your JavaScript life, you’d probably rank reading “The Good Parts” up towards the top, and deep down at the bottom of the list would be the day that you found out that you couldn’t make cross-domain requests in the browser. This talk covers the hacks, tips, and tricks to leave the Same Origin Policy in the dust. So grab a cookie, pad your JSON, and learn how to communicate properly.
Building Desktop RIAs with JavaScript and PHP - ZendCon09funkatron
Web runtimes like Adobe AIR, Titanium and webOS open up interesting possibilities for web developers, allowing them to leverage their existing skills to develop desktop applications. Aimed at current PHP developers, this talk will focus on common web application technologies - PHP, HTML, Javascript - and explore how to utilize them to create desktop "Rich Internet Applications."
If you want to build cool stuff and not just be a code monkey in a cubicle, then I recommend you start hacking today.
This is my intro talk for Yahoo's HackU program.
Phishing and client-side exploitation DevOps for all your needs. Combine BeEF, PhishingFrenzy and your fishy business to automate most of the usual phishing workflow while minimising human interaction.
Remove web calls and scale your site like crazy !Wim Godden
Although tools like Varnish can improve performance and scalability for static sites, when user-specific content is needed, a hit to the PHP/Ruby/Python/.Net backend is still required, causing scalability issues. We'll look at a brand-new Nginx module which implements an ultra-fast and scalable solution to solve this problem, changing the way you think about designing sites with user-specific content.
Building a Multithreaded Web-Based Game Engine Using HTML5/CSS3 and JavaScrip...Corey Clark, Ph.D.
As hardware developer’s push away from creating faster processors in lieu of multicore architectures game developers have to leverage multithreading technologies to capitalize on these new devices. With multicore mobile devices the need for a multithreaded web based game engine is a reality. This talk will discuss design of various multithreaded web engine architectures. Two specific threading implementations will be discussed. First technique shows how to create a static thread that is registered with the engine with the same techniques as other loaded resource. A second technique will focus on using a Thread Controller, which has the ability to create dynamic generic threads that can be passed functions during run time and process them in parallel. This also allows for coupling threaded commands together thereby creating critical sections and other common multithreading techniques utilized in C++ coding.
Focus will also be placed on design consideration and operation performance. An example will be show that demonstrates how the proper coding style and data structures can make or break your design. Also timing and performance standards will be given for various browsers so users can understand the overall overhead and operational considerations that need to be considered when using threads in a browser based environment.
Technology and capability limitations will also be discussed so developers can understand the differences between multithreading in C++ native applications and JavaScript browser-based application. This will also include some tricks on how to design an architecture that allows for some workarounds. Other JavaScript APIs such as WebGL, and WebSockets will also be discussed and demonstrated to help show the full realization of a web based game engine.
Coding samples and architectural layouts will be shown to the audience to help drive home the concepts being discussed during the lecture. A functional HTML5 JavaScript Multithreaded Web Engine will be demonstrated during the lectured to show the overall functionality and performance of the techniques described.
A summary write up of a sample engine architecture is attached in the supplemental documents that gives a brief description and architectural figures. These will be integrated into the lecture to help visualize some of the concepts being discussed.
High Performance/Real-Time Web Applications can suffer from serial program execution, which can greatly decrease user experience, usability, application capabilities and overall performance. The new HTML5 WebWorker JavaScript API allows for multithreading in browser environment, which has removed serial code bottleneck that has always been an issue for processor intensive applications. Specifically at Game Theory Labs we were able to increase the performance of our application by 55% utilizing the techniques discussed. This meetup will show off the variations in the WebWorker API, associated overhead using the API, various WebWorker architectures (Inline vs External, Static vs Dynamic, Nested vs Shared) as well as implementing a 2-Tier Thread Management system that allows for generating child process outside of the main thread thereby increasing performance of handling/merging data between threads and the main application.
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Michele Orru
Browser exploits are a primary attack vector to compromise a victims internal network, but they have major restrictions including; limited current browser exploits; the huge price for 0-day browser exploits; and exploit complexity due to sandboxing. So, instead of exploiting the victims browser, what if the victims browser exploited internal systems for you?
The new "BeEF Bind Exploit Proxy" module does this! This BeEF (Browser Exploitation Framework) module will allow penetration testers to proxy exploits through a victims web browser to compromise internal services. Not only this, but the new "BeEF Bind" shellcode also enables the communication channel to the attacker to pass back through the existing browser session.
This attack technique (Inter-protocol Exploitation) removes browser-based attacks from being dependent upon browser vulnerabilities. It increases the number of potential exploits to include many service vulnerabilities throughout the internal corporate network. This includes whatever service can be contacted via a browser request. This increases the success rate of client-side exploitation attempts by dramatically increasing the number of vulnerabilities accessible to the attacker.
So how does the new BeEF Bind Exploit Proxy work? BeEF is configured to use the BeEF Bind Exploit Proxy, and is set as the payload for XSS exploits or Phishing attacks. Once the victim visits the malicious site, their web browser becomes hooked and performs JavaScript port scanning across the internal corporate network looking for chosen open ports. Once a server has been identified, the BeEF server is notified and begins to send exploits through the hooked web browser to the service on the internal server. Each of these exploits are configured to use the new BeEF Bind shellcode.
Once an exploit has successfully triggered a vulnerability within the internal service, the BeEF Bind shellcode is executed. This shellcode is designed to setup a web-listener that proxies commands through to a shell on the compromised server. This allows the attacker to send commands through the hooked web browser to the BeEF Bind payload. The command is executed on the compromised server and returned to the web browser in HTTP responses. The hooked web browser is then able to receive the command output and proxy it back to the attacker at the BeEF server.
Penetration testers can now inject steroids into their XSS exploits by replacing simple alert boxes with demonstrations of actual compromised internal machines. They can also now increase the scope and success rate of their Phishing attacks to compromise internal servers. This new approach also minimizes the likelihood of IDS/IPS detection, and does not require an additional socket open back to the attacker via the firewall.
Web site owners use the /robots.txt file to give instructions about their site to web robots; this is called The Robots Exclusion Protocol.
It works likes this: a robot wants to vists a Web site URL, say http://www.example.com/welcome.html. Before it does so, it firsts checks for http://www.example.com/robots.txt, and finds:
User-agent: *
Disallow: /
Phishing and client-side exploitation DevOps for all your needs. Combine BeEF, PhishingFrenzy and your fishy business to automate most of the usual phishing workflow while minimising human interaction.
Remove web calls and scale your site like crazy !Wim Godden
Although tools like Varnish can improve performance and scalability for static sites, when user-specific content is needed, a hit to the PHP/Ruby/Python/.Net backend is still required, causing scalability issues. We'll look at a brand-new Nginx module which implements an ultra-fast and scalable solution to solve this problem, changing the way you think about designing sites with user-specific content.
Building a Multithreaded Web-Based Game Engine Using HTML5/CSS3 and JavaScrip...Corey Clark, Ph.D.
As hardware developer’s push away from creating faster processors in lieu of multicore architectures game developers have to leverage multithreading technologies to capitalize on these new devices. With multicore mobile devices the need for a multithreaded web based game engine is a reality. This talk will discuss design of various multithreaded web engine architectures. Two specific threading implementations will be discussed. First technique shows how to create a static thread that is registered with the engine with the same techniques as other loaded resource. A second technique will focus on using a Thread Controller, which has the ability to create dynamic generic threads that can be passed functions during run time and process them in parallel. This also allows for coupling threaded commands together thereby creating critical sections and other common multithreading techniques utilized in C++ coding.
Focus will also be placed on design consideration and operation performance. An example will be show that demonstrates how the proper coding style and data structures can make or break your design. Also timing and performance standards will be given for various browsers so users can understand the overall overhead and operational considerations that need to be considered when using threads in a browser based environment.
Technology and capability limitations will also be discussed so developers can understand the differences between multithreading in C++ native applications and JavaScript browser-based application. This will also include some tricks on how to design an architecture that allows for some workarounds. Other JavaScript APIs such as WebGL, and WebSockets will also be discussed and demonstrated to help show the full realization of a web based game engine.
Coding samples and architectural layouts will be shown to the audience to help drive home the concepts being discussed during the lecture. A functional HTML5 JavaScript Multithreaded Web Engine will be demonstrated during the lectured to show the overall functionality and performance of the techniques described.
A summary write up of a sample engine architecture is attached in the supplemental documents that gives a brief description and architectural figures. These will be integrated into the lecture to help visualize some of the concepts being discussed.
High Performance/Real-Time Web Applications can suffer from serial program execution, which can greatly decrease user experience, usability, application capabilities and overall performance. The new HTML5 WebWorker JavaScript API allows for multithreading in browser environment, which has removed serial code bottleneck that has always been an issue for processor intensive applications. Specifically at Game Theory Labs we were able to increase the performance of our application by 55% utilizing the techniques discussed. This meetup will show off the variations in the WebWorker API, associated overhead using the API, various WebWorker architectures (Inline vs External, Static vs Dynamic, Nested vs Shared) as well as implementing a 2-Tier Thread Management system that allows for generating child process outside of the main thread thereby increasing performance of handling/merging data between threads and the main application.
Rooting your internals - Exploiting Internal Network Vulns via the Browser Us...Michele Orru
Browser exploits are a primary attack vector to compromise a victims internal network, but they have major restrictions including; limited current browser exploits; the huge price for 0-day browser exploits; and exploit complexity due to sandboxing. So, instead of exploiting the victims browser, what if the victims browser exploited internal systems for you?
The new "BeEF Bind Exploit Proxy" module does this! This BeEF (Browser Exploitation Framework) module will allow penetration testers to proxy exploits through a victims web browser to compromise internal services. Not only this, but the new "BeEF Bind" shellcode also enables the communication channel to the attacker to pass back through the existing browser session.
This attack technique (Inter-protocol Exploitation) removes browser-based attacks from being dependent upon browser vulnerabilities. It increases the number of potential exploits to include many service vulnerabilities throughout the internal corporate network. This includes whatever service can be contacted via a browser request. This increases the success rate of client-side exploitation attempts by dramatically increasing the number of vulnerabilities accessible to the attacker.
So how does the new BeEF Bind Exploit Proxy work? BeEF is configured to use the BeEF Bind Exploit Proxy, and is set as the payload for XSS exploits or Phishing attacks. Once the victim visits the malicious site, their web browser becomes hooked and performs JavaScript port scanning across the internal corporate network looking for chosen open ports. Once a server has been identified, the BeEF server is notified and begins to send exploits through the hooked web browser to the service on the internal server. Each of these exploits are configured to use the new BeEF Bind shellcode.
Once an exploit has successfully triggered a vulnerability within the internal service, the BeEF Bind shellcode is executed. This shellcode is designed to setup a web-listener that proxies commands through to a shell on the compromised server. This allows the attacker to send commands through the hooked web browser to the BeEF Bind payload. The command is executed on the compromised server and returned to the web browser in HTTP responses. The hooked web browser is then able to receive the command output and proxy it back to the attacker at the BeEF server.
Penetration testers can now inject steroids into their XSS exploits by replacing simple alert boxes with demonstrations of actual compromised internal machines. They can also now increase the scope and success rate of their Phishing attacks to compromise internal servers. This new approach also minimizes the likelihood of IDS/IPS detection, and does not require an additional socket open back to the attacker via the firewall.
Web site owners use the /robots.txt file to give instructions about their site to web robots; this is called The Robots Exclusion Protocol.
It works likes this: a robot wants to vists a Web site URL, say http://www.example.com/welcome.html. Before it does so, it firsts checks for http://www.example.com/robots.txt, and finds:
User-agent: *
Disallow: /
RTCMultiConnection is an open-source WebRTC wrapper Library for all RTCWeb API.
RTCMultiConnection is the only "Dynamic" WebRTC Library on the Web!
http://www.rtcmulticonnection.org/
Why Toastmasters - The story of a fishermanRaj Lal
If you are wondering why should we do toastmasters, when you don't have to speak everyday and public speaking makes you nervous. This might be the story for you.
https://www.linkedin.com/pulse/why-toastmasters-story-fisherman-raj-lal
Some of the very things that make JavaScript awesome can also leave it exposed. Guy Podjarny and Danny Grander walk through some sample security flaws unique to Node’s async nature and surrounding ecosystem (or especially relevant to it)—e.g., memory leaks via the buffer object, ReDoS and other algorithmic DoS attacks (which impact Node due to its single-threaded nature), and timing attacks leveraging the EventLoop—and show how these could occur in your own code or in npm dependencies.
What echo/noise occurs? Is there any solution to manage echo in WebRTC?
What is echo cancellation support on mobile platforms?
AEC or AECM?
This presentation mainly focused on role of echo in WebRTC and echo cancellation solutions using AEC and maybe AECM!
How WebRTC ushers the next wave of e-Learning innovationTsahi Levent-levi
In recent years, the education sector is going through a transition brought about by new technologies and the need to address the changing employment marketplace.
WebRTC brings with it new opportunities in the e-Learning space by opening the path to innovative tutoring options and business models. Many companies - big and small - are experimenting and launching learning systems that embed real time communications in them.
In this webinar, we will cover this new and challenging domain, and learn how it fits the education sector.
Key topics covered:
* What is WebRTC?
* WebRTC use cases related to education
* Development challenges of WebRTC, and how to overcome them
ViziCities - Lessons Learnt Visualising Real-world Cities in 3DRobin Hawkes
ViziCities is an open-source 3D city visualisation platform powered by JavaScript, WebGL and many other cutting-edge Web technologies. Think SimCity meets the real world!
In this talk, Robin Hawkes, ViziCities’ creator will highlight the development issues experienced along the way and show you how he overcame them – ranging from how you tackle the realtime processing of thousands of 3D buildings without locking up the browser, to how you visualise the entire world without needing a server or your own geographic data source.
There are tons of awesome new tools produced by terrific companies and developers that get everyone excited about using their fancy new tool-set by essentially starting from scratch. This talk is not about using a fancy new framework and rewriting your entire application. As a developer who has spent the majority of his time working in legacy codebases where the first commits pre-date jQuery, it's hard not to get wrapped up in the "I want to rewrite the whole app with X" mentality. But in reality, time constraints or just the legacy framework you're building your apps with doesn't allow for that. Or, more realistically, it just needs to work and there is no business case for a rewrite. What this talk will show you how you can still enhance your front-end operation within an existing legacy codebase. I'll talk about first steps to modularizing a monolith, or simply taking a portion of a legacy app and modernizing it with a new toolset. This not only helps you as a developer to succeed with new tools, it makes you feel like you aren't being left behind in the modern world. Whether you're using legacy jQuery, or just some crammed together JavaScript, you shouldn't lose the ability to modernize your application, just because you can't buy in 100% to a modern framework.
Tips on how to break apart your monolithic JavaScript
Building an extension method to modularize your application
Creating backcompat methods for legacy code modernization
Using a modern framework for a portion of your app, and integrating that with your existing code.
Other considerations (minification, module loaders, tests, etc)
Reuven Lerner's presentation from Open Ruby Day in Herzliya, Israel on June 27th, 2010. I covered a few tools that are not part of Rails, but which help you with deployment,
The Art Of Performance Tuning - with presenter notes!Jonathan Ross
A somewhat more verbose version of https://www.slideshare.net/JonathanRoss74/the-art-of-performance-tuning.
Presented at JavaOne 2017 [CON4027], this presentation takes a practical, hands-on look at Java performance tuning. It discusses methodology (spoiler: it’s the scientific method) and how to apply it to Java SE systems (on any budget). Exploring concrete examples with tools such as the Oracle Java Mission Control feature of Oracle Java SE Advanced, VisualVM, YourKit, and JMH, the presentation focuses on ways of measuring performance, how to interpret data, ways of eliminating bottlenecks, and even how to avoid future performance regressions.
DockerCon EU 2015 in Barcelona
Practical tips for using Docker to run tests during development, CI/CD, and different strategies for speeding up the run of your test suite by using parallel pipelines in containers.
The jet tool used to demonstrate parallel testing is available here: https://codeship.com/documentation/docker/installation/
DockerCon EU 2015: Stop Being Lazy and Test Your Software!Docker, Inc.
Presented by Laura Frank, Engineer, Codeship
Testing software is necessary, no matter the size or status of your company. Introducing Docker to your development workflow can help you write and run your testing frameworks more efficiently, so that you can always deliver your best product to your customers and there are no excuses for not writing tests anymore. You’ll walk away from this talk with practical advice for using Docker to run your test frameworks more efficiently, as well as some solid knowledge of software testing principles.
This was a talk given internally at BloomReach as well as a guest lecture to a grad level Data Structures and Algorithms class at the University of Texas at Arlington.
A Deep dive on the history of containers, and how they work under the cover utilizing Linux Kernel features such as Process Namespaces and Control Groups.
I also go over a bit of the history of Container technology, going from Chroot and Jails and Zones, to LXC and Docker
The Coming Earthquake in WebSphere Application Server Configuration Management DevOps.com
A marketing-free, engineering-led webinar: What was “state of the art” in configuration management has changed a lot in just a few years. It is about to change a lot more. Hear DevOps and IT automation practitioners and visionaries outline recent configuration management evolution and contrast that to the coming revolution which includes automatic drift detection, automatic config comparisons and auto-remediation of out-of-compliance configurations. Q&A afterwards.
The Coming Earthquake in WebSphere Application Server Configuration ManagementDeborah Schalm
A marketing-free, engineering-led webinar: What was “state of the art” in configuration management has changed a lot in just a few years. It is about to change a lot more. Hear DevOps and IT automation practitioners and visionaries outline recent configuration management evolution and contrast that to the coming revolution which includes automatic drift detection, automatic config comparisons and auto-remediation of out-of-compliance configurations. Q&A afterwards.
The Coming Earthquake in IIS and SQL Configuration ManagementJules Pierre-Louis
A marketing-free, engineering-led webinar: What was “state of the art” in IIS configuration management has changed a lot in just a few years. It is about to change a lot more. Hear DevOps and IT automation practitioners and visionaries outline recent IIS configuration management evolution and contrast that to the coming revolution. Q&A afterwards.
2019 PHP Serbia - Boosting your performance with BlackfireMarko Mitranić
We aim to dispel the notion that large PHP applications tend to be sluggish, resource-intensive and slow compared to what the likes of Python, Erlang or even Node can do. The issue is not with optimising PHP internals - it's the lack of proper introspection tools and getting them into our every day workflow that counts! In this workshop we will talk about our struggles with whipping PHP Applications into shape, as well as work together on some of the more interesting examples of CPU or IO drain.
Building a µservice with Kotlin, Micronaut & GCPRobert MacLean
In this session, Robert will take the audience through the real-life learnings he has gained in building microservices for a large UK retailer using Kotlin, Micronaut, DataStore and running it on GCP.
This session is meant to be practical in its advice and is targetted at those new to Kotlin and microservice development and attendees can expect to walk away knowing how to get started in this space.
While GCP, in particular, DataStore, Storage, and GKE will be mentioned they are not the core focus with about 10min of the talk focused on that (and the bulk of that being on DataStore).
First shared at DevFest 2019
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
16. make your life easier
care about good experiences, not identical experiences
17. you’ve heard this all before
re: every article written in the past year
http://www.slideshare.net/nzakas/progressive-
enhancement-20-conference-agnostic
18. you can’t beat his analogy
consumption device :: content
television :: television show
web browser :: web page
http://www.slideshare.net/nzakas/progressive-enhancement-20-conference-agnostic
19. tv
http://www.slideshare.net/nzakas/progressive-enhancement-20-conference-agnostic
20. tv :: web browser
http://www.slideshare.net/nzakas/progressive-enhancement-20-conference-agnostic
21. sweet sweet
TAFEE (pronounced: taffy): tiered, adaptive front-
end experiences. Customizing the experience to the unique
capabilities of each browser, prioritizing a fast and good UX
over consistency.
definition from the book of Paul Irish
22. make your life easier
use the right tools for you
but definitely use them
23. modernizr
an object of named booleans
an ideology
in the ‘not-creepy-and-with-exceptions’ kind of way
32. obligatory browser sniff PSA
Ask Mike Taylor (here) how the Opera 10.0 release went.
Opera/9.80 (Windows NT 5.1; U; cs) Presto/2.2.15 Version/10.00
33. obligatory browser sniff PSA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.6
(KHTML, like Gecko) Chrome/16.0.899.0 Safari/535.6
35. roll your own
you can
but steal the tests from modernizr, plz
feature testing can even be hard w/ false positives
you can should always just run a build
36. challenge : speed
some argue that feature testing is too slow
solution : cache your tests, only run what you need
37. challenge : false positives
we’re hard-pressed to get touch events exactly right
you _have_ localstorage, but you disabled it? wtf.
SECURITY WARNING ALERT POPUP
linux video drivers, lol
46. breakdown
Low-res: IE6 and Feature Phones (IE7&8 for cool kids)
SD : Lots of mobile, IE9 (or 7&8), <=FF3
HD : Chrome, Safari, FF 7, etc
These breakdowns happen based on feature tests, not because
you singled them out.
51. polyfills
coined by remy sharp in Introducing HTML5
regressive enhancement
fills the gaps between browsers on the same ‘definition’
_not_ necessarily _across_ definitions
52. too many to count
https://github.com/Modernizr/Modernizr/wiki/HTML5-
Cross-Browser-Polyfills
- we all have a passion for this or we wouldn&#x2019;t put up with it\n- the new stuff that is _possible_ is absolutely mind blowing\n- constraints are an implementation detail\n\n
- it&#x2019;s all cool, but it&#x2019;s all different, and hardly mainstream\n
- you want what your clients and users want\n- your clients and users are likely completely unqualified to explain to you what they want (technically)\n\n
- there&#x2019;s the bugs\n- there&#x2019;s the missing features (apis and actual browser chrome features)\n- there&#x2019;s the sheer speed difference\n
\n
- this is a primer to the main idea of the talk. you must buy into this for any of the rest to matter\n- free consistency is obviously ideal, but careful differentiation is most practical \n
- these are mostly ideas i stole from other smart people\n
\n
\n
\n
- technically he wanted to call it SAFE, which was way worse. I came up with the TAFEE name. straight up.\n- ooh a cool name for something we&#x2019;ve seen already. next thing you know html5 will have a logo\n- names can be important for buy-in of the masses. use it. your boss loves acronyms.\n
\n
\n
\n
\n
\n
\n
- iepp as well\n
\n
\n
from msdn on how to detect ie\n
- \n
- What browser is this?\n
\n
feature-tests directory\n
\n
\n
- break here. go to modernizr.com - go to the builder - run it.\n- copy the code\n- paste into a jsbin\n- use it an &#x2018;alert&#x2019; example\n- move on\n
\n
\n
\n
paul irish&#x2019;s low res sd and hd\n
\n
And then consider how you could use yepnope to run those 3 resolutions\n