weblaps.pro - a secure way to get passwords of local administrators managed by LAPS. A web portal with 2FA, an extended audit log, flexible access control and other paranoid security features. A mobile app makes LAPS passwords more convenient to use.
This document summarizes an event about Microsoft 365 Copilot hosted by Pune Tech Community. The event featured a presentation and demo of M365 Copilot by Vignesh Ganesan. Copilot is an AI assistant currently in early access that can help automate tasks across M365 apps like Word, PowerPoint, Excel, Outlook and Teams. The presentation provided an overview of Copilot's capabilities, a demo of its features, and discussed considerations for enterprises looking to pilot Copilot, including technical prerequisites, licensing costs, and developing a pilot program. Useful resources for learning more about Copilot were also shared.
The document lists the executive team of a company and then provides information about SIEM integration, escalation, use cases, and an informational interview. It discusses how SIEM can integrate with various platforms and software to secure them from threats. It also describes how SIEM has escalated to work with different technologies over time and provides security updates. The informational interview covers benefits of SIEM, investment aspects, data storage strategies, analytics techniques, challenges, cloud capabilities, and skills needed for implementation.
20210906-Nessus-FundamentalInfoSec.ppsx | Suman Garai
This PowerPoint presentation offers a comprehensive guide to Nessus Essentials, a vulnerability scanning tool used by cybersecurity professionals. It covers the history and background of Nessus, the hardware requirements, and the installation procedure. The presentation showcases the features and functionalities available in Nessus, including its ability to identify vulnerabilities and malware infections. Best practices for using the tool effectively are also discussed. The presentation concludes by summarizing the key takeaways and offering insights on the future of Nessus Essentials. This presentation is suitable for cybersecurity professionals, IT administrators, and beginners seeking to learn about Nessus and its capabilities.
Azure AD Privileged Identity Management (PIM) allows just-in-time access to privileged roles in Azure AD and Azure resources. It requires approval and multi-factor authentication to activate time-bound privileged roles. PIM also enables access reviews, notifications, and audit history to provide oversight of privileged access. PIM requires an Azure AD Premium P2, EMS E5, or Microsoft 365 M5 license and designates the first user who enables it as the initial Privileged Role Administrator.
This document is an introduction to the Linux world using the Kali distribution that pentest teams use. It was prepared to address the shortage of Turkish-language resources for people who want to get started in the security field. Volunteer Linux users who would like to contribute to this open-source project can contact us. For typos, unclear wording, incorrect information or improvements, you can send an e-mail to mehmet.ince@intelrad.com. Good luck with your work.
A Collaborative Data Science Development Workflow | Databricks
Collaborative data science workflows have several moving parts, and many organizations struggle with developing an efficient and scalable process. Our solution consists of data scientists individually building and testing Kedro pipelines and measuring performance using MLflow tracking. Once a strong solution is created, the candidate pipeline is trained on cloud-agnostic, GPU-enabled containers. If this pipeline is production worthy, the resulting model is served to a production application through MLflow.
The document provides an overview of Salesforce, including:
- What Salesforce is and its multi-tenant architecture model
- The concepts of cloud computing, platforms and applications moving to the cloud
- Details on the Salesforce editions, features like reports, dashboards, and customization controls
- How the Force.com platform works using the model-view-controller pattern
- Advantages of Salesforce like scalability and lower costs versus some limitations around data protection and fit for small companies.
CyberArk training covers Privileged Account Security Solutions used across global organizations. CyberArk online training and corporate training by experts.
Module 2: AWS Foundational Services - AWSome Day Online Conference | Amazon Web Services
Module 2: AWS Infrastructure – Compute, Storage and Networking
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Compute Cloud (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
This SAP security course syllabus covers key topics such as the different layers of SAP security including data, access, and operational security. It addresses user administration, authorization objects, roles and role transportation. The syllabus also examines client administration, background jobs, transport management and monitoring within the context of the SAP R/3 architecture.
The document discusses Cisco VPN solutions, including an introduction to IPSec and IPSec VPN topologies. It provides information on Cisco site-to-site VPN solutions and the basics of initiating an IPSec session through phase one and two negotiations. It also briefly summarizes encrypting and decrypting packets, rebuilding security associations, and provides a simple IPSec configuration example.
This session will provide a basic overview of Microsoft 365 and will then dive into how to position its benefits for customers. You'll learn how the Microsoft 365 features help resolve many common business challenges today and how you should be speaking with customers about these.
This document provides an overview of the Power Platform suite from Microsoft, including Power BI, Power Apps, Power Automate, and Power Virtual Agents. It outlines the key features and capabilities of each product, as well as pricing and certification information. The Power Platform allows users to analyze and visualize data, build applications, automate workflows, and create conversational bots and virtual agents. It offers self-service options for a variety of users and helps reduce dependency on third parties through integration with Microsoft tools and a common data platform.
Christian Buckley is the Director of Product Evangelism at Axceler. He has extensive experience with Microsoft technologies such as SharePoint and has worked for Microsoft and other companies. He is the author of several books on software configuration management and SharePoint.
When planning a SharePoint migration, it is important to understand customizations on the source system, plan the migration schedule and type of migration, plan for file shares and content migration, and plan taxonomy, metadata and tagging strategies. Not doing proper planning can lead to issues with content being migrated or found.
Windows management for a modern workplace
As companies embrace the modern workplace, they’re also evolving their approach to managing and deploying Windows 10 and Office 365 ProPlus. Flexibility, security and ease are at the core of providing a better user experience, and a lower TCO.
Introduction to the what, when, why, where, and who of conducting website content inventories and audits, with tips on auditing for content quality, performance, and competitive advantage.
2022 APIsecure_Passwordless Multi-factor Authentication Security and Identity | APIsecure_ Official
APIsecure - April 6 & 7, 2022
APIsecure is the world’s first conference dedicated to API threat management; bringing together breakers, defenders, and solutions in API security.
Passwordless Multi-factor Authentication Security and Identity
Sal Karatas, CEO at SAASPASS
Got domain admin rights? The game isn't over yet | Positive Hack Days
Obtaining domain administrator rights does not always mean immediate access to every host, share or database on the network. The trick is to find the right account. The speaker will give examples of various internal penetration testing scenarios, describe the difficulties his team ran into, and explain how the tool that let them cope with those difficulties was developed.
Deploying privileged access workstations (PAWs) is part of a strategy to limit credential theft and lateral movement in an organization's network. PAWs are hardened administrative workstations designed to isolate privileged accounts and limit the exposure of credentials. An effective PAW strategy involves deploying dedicated hardware for administrators, applying security group policies and logon restrictions, and implementing additional controls like multi-factor authentication and device whitelisting.
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching? | BeyondTrust
Catch the full webinar here: https://www.beyondtrust.com/resources/webinar/eyes-wide-shut-passwords-no-one-watching/?access_code=a4cd9bc071c923daab48132b0bb2e4f3
Check out this presentation from the intensive webinar of Paula Januszkiewicz, CEO of CQURE, penetration tester and mentor of CQURE Academy. Paula demonstrates common password encryption and decryption in use today, with an eye toward revealing technology holes and weaknesses that put passwords at risk. Paula will also demonstrate how to locate passwords in some unexpected places, and then walk you through mitigation of these risks.
Protecting Windows Passwords and Preventing Windows Computer / Password Attacks | Zoho Corporation
Derek Melber, Technical Evangelist for the AD Solutions team at ManageEngine and one of only 12 Microsoft Group Policy MVPs in the world, from his extensive knowledge in the Windows Active Directory security domain shares practical tips on the various ways to protect a computer / organization from Windows computer / password attacks. Gain strength from the detailed 14 tips and tricks!
Practical security - access control, least privilege, cryptography at work, security attacks and pen testing your system with Metasploit. The enemy knows the system. Not security by obscurity.
This document discusses deploying Privileged Access Workstations (PAWs) to limit credential theft and lateral movement in an attack. It describes common attack scenarios where attackers leverage stolen credentials to escalate privileges and access sensitive systems. PAWs aim to address this by restricting which accounts can be used to log on to different systems using techniques like logon restrictions, network segmentation, and credential hardening. The document provides guidance on implementing a phased PAW deployment starting with administrative systems and extending to other privileged accounts.
This document provides an overview of different techniques for implementing single sign-on (SSO):
- LTPA is IBM's default SSO mechanism, using a Base64 encoded token containing user identity and expiration time.
- SAML resolves domain boundaries using cookies and requires additional software, using XML assertion tokens between an identity provider and service provider.
- OAuth allows external apps to access user data in Connections by obtaining a token after the user logs into Connections.
- SPNEGO provides SSO by logging into Windows and accessing IBM software without additional logins. External security managers can also manage access to protected resources across applications.
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. This talk includes real-world examples of attacks that they use on a daily basis, and some reflections on what techniques have changed over the last year. Vulnerabilities related to the application, network, and server layers will all be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks.
More security blogs by the authors can be found at https://www.netspi.com/blog/
Feature presentation of Password Pusher (https://pwpush.com) with media assets and an explanation of major points.
Can be used as a basis for other presentations covering Password Pusher.
---------------------------------
Password Pusher is an application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.
Hosted at pwpush.com or you can run your own private instance wherever you like.
The source code is on GitHub. It’s open source and free for anyone to use, review or modify.
------------------------------------------------
Hitachi ID provides privileged access management solutions to secure administrative passwords across on-premises and cloud applications. The presentation discusses Hitachi ID's corporate overview and product suite, focusing on its privileged access manager which randomizes privileged passwords daily, controls password disclosure, and provides logging and reporting for accountability. It also describes the fault-tolerant architecture with replicated password vaults across multiple sites to prevent data loss or service disruption in case of server crashes or site disasters.
Attack All the Layers - What's Working in Penetration Testing | NetSPI
The document discusses techniques for attacking different layers during a penetration test. It covers attacking protocols like ARP, NBNS, SMB, PXE and DTP. It also discusses attacking passwords by cracking hashes, dictionary attacks, and dumping passwords in cleartext. Additionally, it covers attacking applications, bypassing endpoint protection, and escalating privileges on Windows systems locally and within a domain. The overall message is that penetration testers should attack all layers of the stack during a test to fully evaluate security.
Attack All The Layers - What's Working in Penetration Testing | NetSPI
The document discusses techniques for attacking different layers during a penetration test. It covers attacking protocols like ARP, NBNS, SMB, PXE and DTP. It also discusses attacking passwords by cracking hashes, dictionary attacks, and dumping passwords in cleartext. Application attacks like SQL injection and directory traversals are mentioned. Bypassing endpoint protection through code injection and modifying application whitelisting is covered. Windows privilege escalation techniques like exploiting insecure service configurations and dumping credentials from memory are also summarized. The conclusions state that most networks and protocols have vulnerabilities but can be fixed through proper controls and patching.
Attack All the Layers: What's Working during Pentests (OWASP NYC) | Scott Sutherland
This presentation is intended to provide an overview of vulnerabilities and attack techniques that are popular in penetration testing at the moment. Vulnerabilities related to the application, network, and server layers will be covered along with current anti-virus bypass and privilege escalation techniques used by attackers and penetration testers. This presentation should be interesting to security professionals and system administrators looking for more insight into real world attacks.
This is the version modified for the OWASP meeting in June of 2014.
Security is more critical than ever with new computing environments in the cloud and expanding access to the Internet. There are a number of security protection mechanisms available for MongoDB to ensure you have a stable and secure architecture for your deployment. We'll walk through general security threats to databases and specifically how they can be mitigated for MongoDB deployments.
Exploiting Active Directory Administrator Insecurities | Priyanka Aash
"Defenders have been slowly adapting to the new reality: Any organization is a target. They bought boxes that blink and software that floods the SOC with alerts. None of this matters as much as how administration is performed: Pop an admin, own the system. Admins are being dragged into a new paradigm where they have to more securely administer the environment. What does this mean for the pentester or Red Teamer?
Admins are gradually using better methods like two-factor and more secure administrative channels. Security is improving at many organizations, often quite rapidly. If we can quickly identify the way that administration is being performed, we can better highlight the flaws in the admin process.
This talk explores some common methods Active Directory administrators (and others) use to protect their admin credentials and the flaws with these approaches. New recon methods will be provided on how to identify if the org uses an AD Red Forest (aka Admin Forest) and what that means for one hired to test the organization's defenses, as well as how to successfully avoid the Red Forest and still be successful on an engagement.
Some of the areas explored in this talk:
- Current methods organizations use to administer Active Directory and the weaknesses around them.
- Using RODCs in the environment in ways the organization didn't plan for (including persistence).
- Exploiting access to agents typically installed on Domain Controllers and other highly privileged systems to run/install code when that's not their typical purpose.
- Discovering and exploiting an AD forest that leverages an AD Admin Forest (aka Red Forest) without touching the Admin Forest.
If you are wondering how to pentest/red team against organizations that are improving their defenses, this talk is for you. If you are a blue team looking for inspiration on effective defenses, this talk is also for you to gain better insight into how you can be attacked."
This document introduces Ranger, an automated Windows attack tool that uses methods like WMIEXEC, SMBEXEC, and PSEXEC to quickly access and exploit targets in a stealthy manner. It summarizes Ranger's capabilities such as identifying systems an account has access to, executing code without dropping payloads, and automatically logging results. The document outlines how Ranger delivers payloads through an HTTP catapult server and employs techniques like double encoding and direct memory injection to avoid detection. It also describes how Ranger can take input like IP ranges/files and output aggregated credential data. Mitigations like credential hygiene practices and PowerShell logging are proposed to prevent Ranger attacks.
Database Security Threats - MariaDB Security Best Practices | MariaDB plc
The document discusses security best practices and features for MariaDB and MaxScale databases. It describes threats like SQL injection, denial of service attacks, and excessive trust. It recommends defenses like limiting network access, restricting user privileges, and enabling encryption, auditing, and firewall features. It also explains how MaxScale provides selective data masking, database firewall filtering, and other protections to prevent unauthorized access and secure sensitive data.
Similar to MS LAPS protection: portal for secure access to local admin passwords (20)
What is an RPA CoE? Session 1 – CoE Vision | DianaGray10
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
Skybuffer SAM4U tool for SAP license adoption | Tatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Introduction of Cybersecurity with OSS at Code Europe 2024 | Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/temporal-event-neural-networks-a-more-efficient-alternative-to-the-transformer-a-presentation-from-brainchip/
Chris Jones, Director of Product Management at BrainChip, presents the “Temporal Event Neural Networks: A More Efficient Alternative to the Transformer” tutorial at the May 2024 Embedded Vision Summit.
The expansion of AI services necessitates enhanced computational capabilities on edge devices. Temporal Event Neural Networks (TENNs), developed by BrainChip, represent a novel and highly efficient state-space network. TENNs demonstrate exceptional proficiency in handling multi-dimensional streaming data, facilitating advancements in object detection, action recognition, speech enhancement and language model/sequence generation. Through the utilization of polynomial-based continuous convolutions, TENNs streamline models, expedite training processes and significantly diminish memory requirements, achieving notable reductions of up to 50x in parameters and 5,000x in energy consumption compared to prevailing methodologies like transformers.
Integration with BrainChip’s Akida neuromorphic hardware IP further enhances TENNs’ capabilities, enabling the realization of highly capable, portable and passively cooled edge devices. This presentation delves into the technical innovations underlying TENNs, presents real-world benchmarks, and elucidates how this cutting-edge approach is positioned to revolutionize edge AI across diverse applications.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-Efficiency | ScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
The Microsoft 365 Migration Tutorial For Beginner.pptxoperationspcvita
This presentation will help you understand the power of Microsoft 365. However, we have mentioned every productivity app included in Office 365. Additionally, we have suggested the migration situation related to Office 365 and how we can help you.
You can also read: https://www.systoolsgroup.com/updates/office-365-tenant-to-tenant-migration-step-by-step-complete-guide/
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Taking AI to the Next Level in Manufacturing.pdfssuserfac0301
Read Taking AI to the Next Level in Manufacturing to gain insights on AI adoption in the manufacturing industry, such as:
1. How quickly AI is being implemented in manufacturing.
2. Which barriers stand in the way of AI adoption.
3. How data quality and governance form the backbone of AI.
4. Organizational processes and structures that may inhibit effective AI adoption.
6. Ideas and approaches to help build your organization's AI strategy.
MS LAPS protection: portal for secure access to local admin passwords
1. MS LAPS protection: portal for secure access to local admin passwords
Nikolay Klendar,
Home Credit Bank, CISO
2. #PHDays phdays.com
Who am I
• Head of IT Security at
• Offensive Security Certified Expert
• ZeroNights speaker
• Hobbies:
  • programming
  • snowboarding
3. What we will talk about
• Privileged access in Windows infrastructure:
  • Common approaches
  • Ways to compromise
• MS LAPS (Local Administrator Password Solution):
  • Overview
  • Pitfalls
• WebLAPS – secure LAPS portal overview
6. Common flaws of privileged access
• Non-unique password for the enabled built-in local Administrator account
• Using the same account for productivity tasks (email, internet, etc.) and for admin tasks, especially when this account is admin on more than one computer
• Saving passwords in Credential Manager, Notepad, etc.
• Using accounts with admin rights on “dirty” workstations
Smart cards are not a 2FA replacement; be aware of NT hash rotation
https://blogs.technet.microsoft.com/positivesecurity/2017/05/17/smartcard-and-pass-the-hash/
Credential Guard could be bypassed with malicious Security Support Providers
https://blog.nviso.be/2018/01/09/windows-credential-guard-mimikatz/
7. Securing privileged access (quick wins)
Best practice from MS for workstation support*:
Allowed: Retrieve the local account password set by LAPS from an admin workstation before connecting to the user workstation
Forbidden: Logging on with domain account administrative credentials
* https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access
8. MS LAPS overview
• Client UI, PowerShell Module, GPO Templates
• ms-mcs-AdmPwd – a special “confidential” computer attribute that stores the clear-text LAPS password
• ms-mcs-AdmPwdExpirationTime – stores the LAPS password reset date/time value
• Access via LDAP over SSL
https://adsecurity.org/?p=3164
9. MS LAPS pitfalls
• Using the client GUI or PowerShell from “dirty” workstations to get admin passwords
• No way to get the password in case of a network fault
• 2FA not supported
• GUI can be left open (no session limits)
• Setting too long a password expiration time
• No access limits (a single LDAP query returns all passwords)
• No IP address in security logs
• LAPS and permission to join computer to domain* => do not forget to modify computer owner rights
* https://blogs.msdn.microsoft.com/laps/2015/07/17/laps-and-permission-to-join-computer-to-domain/
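An added example, not part of the original slides: an audit of exported ms-mcs-AdmPwdExpirationTime values for the "too long expiration time" pitfall. The attribute holds a Windows FILETIME; the computer names, the audit date and the 30-day policy limit are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)

def filetime_to_datetime(value):
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01 UTC)."""
    return EPOCH_1601 + timedelta(microseconds=int(value) // 10)

def datetime_to_filetime(moment):
    """Inverse conversion, used here only to build the sample data."""
    return (moment - EPOCH_1601) // timedelta(microseconds=1) * 10

def audit_expiration(records, now, max_age_days=30):
    """Classify computers by their ms-mcs-AdmPwdExpirationTime value.

    records: iterable of (computer_name, raw_value_or_None).
    max_age_days is an assumed policy limit, not a LAPS default.
    """
    findings = {}
    limit = now + timedelta(days=max_age_days)
    for name, raw in records:
        if raw in (None, "", "0"):
            findings[name] = "unmanaged"   # attribute never set: no LAPS rotation
            continue
        expires = filetime_to_datetime(raw)
        if expires < now:
            findings[name] = "expired"     # rotation overdue (client offline or broken)
        elif expires > limit:
            findings[name] = "too_long"    # expiry further out than policy allows
        else:
            findings[name] = "ok"
    return findings

# Constructed sample: (computer, attribute value as exported from AD).
NOW = datetime(2018, 5, 15, tzinfo=timezone.utc)
SAMPLE = [
    ("WS-001", str(datetime_to_filetime(NOW + timedelta(days=12)))),
    ("WS-002", str(datetime_to_filetime(NOW + timedelta(days=365)))),
    ("WS-003", str(datetime_to_filetime(NOW - timedelta(days=3)))),
    ("WS-004", None),
]

if __name__ == "__main__":
    for computer, finding in audit_expiration(SAMPLE, NOW).items():
        print(computer, finding)
```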
10. So what do we want?
• Comfortable usage:
  • web portal, mobile app to get local admin passwords
  • API
• Paranoid security:
  • 2FA, CAPTCHA, brute-force protection, logoff on remote connection detection
  • IP logging, SIEM integration
• High availability
  • balancer mode support
  • secure passwords backup in case of AD unavailability
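An added example, not from the original slides and not WebLAPS code: the kind of SIEM rule that per-request IP logging makes possible, flagging a user who reads many computers' passwords in a short window. The log format, field names and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed audit-log format (an assumption, not the WebLAPS format).
LINE = re.compile(
    r"(?P<ts>\S+) user=(?P<user>\S+) ip=(?P<ip>\S+) "
    r"action=get_password computer=(?P<computer>\S+)"
)

SAMPLE_LOG = [  # constructed events, in chronological order
    "2018-05-15T10:00:01Z user=alice ip=10.0.0.5 action=get_password computer=WS-001",
    "2018-05-15T10:00:20Z user=bob ip=10.0.0.9 action=get_password computer=WS-050",
    "2018-05-15T10:01:10Z user=alice ip=10.0.0.5 action=get_password computer=WS-002",
    "2018-05-15T10:02:30Z user=alice ip=10.0.7.77 action=get_password computer=WS-003",
    "2018-05-15T10:03:05Z user=alice ip=10.0.7.77 action=get_password computer=WS-004",
    "2018-05-15T11:30:00Z user=bob ip=10.0.0.9 action=get_password computer=WS-051",
]

def bulk_retrievals(lines, max_computers=3, window=timedelta(minutes=10)):
    """Alert when one user reads more than max_computers distinct
    computers' passwords within the sliding window."""
    recent = defaultdict(deque)          # user -> (time, computer, ip) events
    alerts = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                     # other actions are out of scope here
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events = recent[m["user"]]
        events.append((ts, m["computer"], m["ip"]))
        while ts - events[0][0] > window:
            events.popleft()             # drop events older than the window
        computers = sorted({e[1] for e in events})
        if len(computers) > max_computers:
            alerts.append({
                "user": m["user"], "at": ts, "computers": computers,
                "ips": sorted({e[2] for e in events}),
            })
            events.clear()               # one alert per burst
    return alerts

if __name__ == "__main__":
    for alert in bulk_retrievals(SAMPLE_LOG):
        print(alert)
```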
11. WebLAPS overview
• Web portal + mobile app
• Standalone Java app (Jetty-based) => only JRE required
• Works under Windows and Unix in service/daemon mode (yajsw)
• DBMS: built-in SQLite or external MySQL/MariaDB
• High availability mode (balancer mode support, cache synchronization)
• API to get passwords
http://weblaps.pro
22. LAPS mobile. Main security features
• Customizable URL to work with remote server like https://example.com/jfheuosliekusj
• AES key generated during device enrollment process, all sensitive information is additionally encrypted during transmission over TLS
• Device profile check at server side (platform, OS version, device ID, etc.)
• Fingerprint sensor/FaceID support
• Login to WebLAPS portal by push notification confirmation
23. Ideas for future releases
• Windows thick client
  • quick launch actions
  • context menu integration => launch any app in privileged mode
  • easy RDP access (get password with OTP => put it into Credential Manager => open RDP => clean Credential Manager)
• Just-in-time administration mode support: put user account into a privileged group => delete it from the group after a defined timeout
• Something about Unix, Oracle, etc.?
• Any ideas =>