Dare to express your inner whims at a home that understands your daily mood. Feel free to cuddle in life's colorful spectra and dance your days in splendor.
The Fast Fish Forum is an opportunity for challengers of convention and drivers of progress to come together for the benefit of South African business and society. The forum consists of purposeful, committed and open-minded people across industries, organisations and roles who collaborate and learn together; creating a critical mass that drives innovative change in our country.
At the second event, held at the BSG offices on 16 November 2016, we discussed two highly topical subjects:
1. Enhancing customer value using big data and actionable insights.
2. Driving innovation through customer insights.
To find out more and join the conversation follow us @FastFishForum and http://bit.ly/fastfishforum.
Dare to express your inner whims at a home that understands your daily mood. Feel free to cuddle in life's colorful spectra and dance your days in splendor.
The Fast Fish Forum is an opportunity for challengers of convention and drivers of progress to come together for the benefit of South African business and society. The forum consists of purposeful, committed and open-minded people across industries, organisations and roles who collaborate and learn together; creating a critical mass that drives innovative change in our country.
At the second event, held at the BSG offices on 16 November 2016, we discussed two highly topical subjects:
1. Enhancing customer value using big data and actionable insights.
2. Driving innovation through customer insights.
To find out more and join the conversation follow us @FastFishForum and http://bit.ly/fastfishforum.
Divisions Council - Education Committee (Summer 2011)
Introduction
This report provides a description of existing services, both external and in-house, available to APA divisions for hosting and broadcasting webcasts to their members and other interested professionals, and specifically looks at the external Planning Webcast series. In addition, it includes an analysis of options for expanding these services. The report was produced in response to a request from the APA Divisions Council (DC), as follows:
Mission Statement *
To develop DC’s recommendations for educational programs, professional development and mentoring to be provided by divisions.
1. To seek opportunities for complementary efforts among divisions, and with APA's component groups, including the Chapter Presidents Council (CPC), Student Representative Council (SRC), and American Institute of Certified Planners (AICP).
2. The committee will also consider collaboration opportunities with external organizations where it serves APA's interests and furthers the adopted Development Plan.
“In addition to its standing mission, the DC Education Committee (EC) shall develop one or more models through which Divisions may both deliver Certification Maintenance (CM) content and also generate additional sources of revenue for Divisions. The Committee shall consider current APA policies regarding access to Webinar software and the pricing of such access. Also, in building a revenue or business model, consider the pricing of other CM offerings, especially Webinars.”
Towards these objectives, key team members were recruited at the National Conference in Boston. Refer to Appendix 2 for committee composition.
(Tags: aicp, american, association, chapter, committee, conference, council, education, external, goto, internal, meeting, planning, revenue, series, service, sponsor, training, utah, webcast)
Reston Transportation Funding Plan: July 15, 2016Fairfax County
This presentation was delivered to stakeholder on July 15, 2016, covering the purpose of the plan, improvements to be funded, preliminary cost estimates, and overview of the funding plan.
IBM Streams V4.1 and JAAS Login Module Supportlisanl
Yip-Hing Ng is a senior software engineer with the IBM Streams development team. In this presentation, Yip covers the topics of IBM Streams V4.1 security enhancement overview, implementing a custom JAAS login module, and login module deployment and configuration.
Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications.
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
Adaptive authentication is a risk-based authentication that identifies high-risk and suspicious
illegitimate login attempts. User past login records which implicitly contains attribute factors
context information are used to establish user behavior profile. Later if the user logins under
different environmental context from that established profile, the identity of the user may be
questioned. The system may challenge the user to present additional authentication method to
get authenticated. We implemented such adaptive authentication system in our production
server and collected user login records for more than six months. In this paper, we presents the
analysis of the user login profile with regards to attribute factors such as geographical location
and time of login. We also developed testbed system that uses the collected real data to evaluate
the system for different ratio threshold values.
Getting Started with IBM i Security: User PrivilegesHelpSystems
IBM i users with excess privileges are a security risk. The 2016 State of IBM i Security Study, published annually, the results reveal most Power Systems lack adequate security controls and auditing measures.This PowerPoint will teach you how to limit access without hurting productivity.
5 Reasons to Always Keep an Eye on Privileged Business AccountsAnayaGrewal
In today’s digital world, monitoring privileged accounts is paramount to ensuring your business isn’t exposed to cyberattacks. Fortunately, there are many software development tracking options available to give you visibility into your organization’s most important accounts and activities.
With tools like privileged activity monitoring and privileged user monitoring, you can identify when an account has been used or accessed by someone not authorized for that access. And that information can ultimately save your company from a serious breach and/or compliance issue down the road.
Here are five key benefits of privileged account monitoring:
Managing cloud IAM in a hybrid environment means using a complex set of one-off procedures. As companies add more cloud services to their IT environments, the process of managing identities is getting more complex.
Railsplitter is a framework which significantly reduces development cost to expose a hierarchical data model as a production quality Create, Read, Update, and Delete (CRUD) web service. Railsplitter adopts JSON API [10] as the standard for the service definition given its focus on consumption by front-end developers. Inherent in the design of JSON API are capabilities that reduce the number of round trips from client to server to fetch or update data. Updates on disparate models can happen in a single request allowing the server to build atomicity guarantees. Rather than starting from scratch with a domain-specific language (DSL) to describe a data model, Railsplitter adopts Java Persistence API (JPA) [6] - a modeling definition that is rich and has a long tenure of proven provider implementations. Unlike other approaches, Railsplitter addresses the fundamental needs of flexible, model driven authorization, interoperability with client side applications, and test automation.
Web Component Development Using Servlet & JSP Technologies (EE6) - Chapter 1...WebStackAcademy
Security Implementation Mechanisms
The characteristics of an application should be considered when deciding the layer and type of security to be provided for applications. The following sections discuss the characteristics of the common mechanisms that can be used to secure Java EE applications. Each of these mechanisms can be used individually or with others to provide protection layers based on the specific needs of your implementation.
Java SE Security Implementation Mechanisms
Java SE provides support for a variety of security features and mechanisms, including:
Java Authentication and Authorization Service (JAAS): JAAS is a set of APIs that enable services to authenticate and enforce access controls upon users. JAAS provides a pluggable and extensible framework for programmatic user authentication and authorization. JAAS is a core Java SE API and is an underlying technology for Java EE security mechanisms.
Java Generic Security Services (Java GSS-API): Java GSS-API is a token-based API used to securely exchange messages between communicating applications. The GSS-API offers application programmers uniform access to security services atop a variety of underlying security mechanisms, including Kerberos.
Java Cryptography Extension (JCE): JCE provides a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. Block ciphers operate on groups of bytes while stream ciphers operate on one byte at a time. The software also supports secure streams and sealed objects.
Java Secure Sockets Extension (JSSE): JSSE provides a framework and an implementation for a Java version of the SSL and TLS protocols and includes functionality for data encryption, server authentication, message integrity, and optional client authentication to enable secure Internet communications.
Simple Authentication and Security Layer (SASL): SASL is an Internet standard (RFC 2222) that specifies a protocol for authentication and optional establishment of a security layer between client and server applications. SASL defines how authentication data is to be exchanged but does not itself specify the contents of that data. It is a framework into which specific authentication mechanisms that specify the contents and semantics of the authentication data can fit.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
2. 2
Jaas Security
The JaasSimpleAuthenticationProvider is a security provider that provides
a way to interact with the Jaas Authentication Service.
The security provider for Jaas can be configured in a couple of different
ways. It allows you to configure Jaas either by passing to the provider a
Jaas configuration file or by passing the required attributes directly to the
JaasSimpleAuthenticationProvider. These two configuration methods are
described below.
3. 3
Jaas Configuration
Using the Jaas Configuration File
Usually, JAAS authentication is performed in a pluggable fashion, so
applications can remain independent from underlying authentication
technologies.
jaasTest{
org.mule.module.jaas.loginmodule.DefaultLoginModule required
credentials="anon:anon;Marie.Rizzo:dragon;"
};
4. 4
The above example was saved in a file called jaas.conf. This file contains
just one entry called com.ss.jaasTest, which is where the application we
want to protect can be found. The entry specifies the login module that's
used to authenticate the user. As a login module, you can either use Mule's
DefaultLoginModule, one of the login modules that come with Sun, or else
create your own. In this case, we have opted for Mule's
DefaultLoginModule.
5. 5
The required flag that follows the login module specifies that the login
module must succeed for the authentication to be considered successful.
Additional flags are:
Required - The login module is required to succeed. If it succeeds or fails,
authentication still continues to proceed down the login module list.
Requisite - The login module is required to succeed. If it succeeds,
authentication continues down the login module list. If it fails, control
immediately returns to the application.
Sufficient - The login module is not required to succeed. If it does succeed,
control immediately returns to the application (authentication does not
proceed down the login module list). If it fails, authentication continues
down the login module list.
Optional - The login module is not required to succeed. If it succeeds or
fails, authentication still continues to proceed down the login module list.
6. 6
The entry also specifies the credentials, in which we put a string of
authorized users together with their passwords. The credentials are put
here only when the DefaultLoginModule is going to be used, as the method
in which the user names and passwords are obtained may vary from one
login module to another.
The format of the credentials string must adhere to the following format if
the DefaultLoginModule is going to be used:
<username>:<password>;
7. 7
Configuring the Provider in the Mule Configuration File
<mule xmlns="http://www.mulesource.org/schema/mule/core/3.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jaas="http://www.mulesource.org/schema/mule/jaas/3.2"
...cut...
<jaas:security-manager>
<jaas:security-provider name="jaasSecurityProvider"
loginContextName="jaasTest" loginConfig="jaas.conf"/>
</jaas:security-manager>
