A presentation for the Contributing to Open Government session at the 2014 Cyber Summit by Mark Diner, Chief Advisor, Open Government, Government of Alberta.
Research Transformed by Cyberinfrastructure: Two Possible Scenarios for the...Cybera Inc.
John Bonnett
Canada Research Chair in Digital Humanities, Brock University
Presented at the Cybera/CANARIE National Summit 2009, as part of the session "Research Transformed by Cyberinfrastructure." This panel featured researchers who have seen their work transformed through cyberinfrastructure – ie. collaborations made possible, mountains of data rendered intelligible, remote instrumentation accessed. less
Presentation by Hamish Campbell on Koordinates Ltd, based in New Zealand. Delivered at the Water and Environmental Hub track of the 2011 Cybera Summit.
GeoCENS presentation on Angelo Coast Range Reserve Environmental Sensor Obse...Cybera Inc.
Collin Bode delivered this presentation to the GeoCENS SSC on the Angelo Coast Range Reserve Environmental Sensor Observatory in Banff, September 23, 2010.
Research Transformed by Cyberinfrastructure: Two Possible Scenarios for the...Cybera Inc.
John Bonnett
Canada Research Chair in Digital Humanities, Brock University
Presented at the Cybera/CANARIE National Summit 2009, as part of the session "Research Transformed by Cyberinfrastructure." This panel featured researchers who have seen their work transformed through cyberinfrastructure – ie. collaborations made possible, mountains of data rendered intelligible, remote instrumentation accessed. less
Presentation by Hamish Campbell on Koordinates Ltd, based in New Zealand. Delivered at the Water and Environmental Hub track of the 2011 Cybera Summit.
GeoCENS presentation on Angelo Coast Range Reserve Environmental Sensor Obse...Cybera Inc.
Collin Bode delivered this presentation to the GeoCENS SSC on the Angelo Coast Range Reserve Environmental Sensor Observatory in Banff, September 23, 2010.
Lecture given at Tel Aviv University by Andrew Krzmarzick, GovLoop Director of Community Engagement, on September 4, 2012. Sponsored by Transparency International-Israel and the Hartog School of Government.
Lecture on Open Government at Tel Aviv University on September 5, 2012. Event hosted by Transparency International - Israel and the Hartog School of Government,
I spoke at DrupalSouth 2017 about open data, open government, open source and civic technology. These are my slides.
You can read my talk at https://medium.com/quicksand/towards-a-more-open-nz-e045bbf14196.
The Convergence Partnership, formed in 2006, is a collaborative of funders, such as Kresge, RWJF and Kellogg, whose goal of policy and environmental change will help reinvent communities of healthy people living in healthy places. The partnership has been doing collective impact for seven years, long before this became the buzz in the nonprofit world. During this webinar, the speakers discussed how these examples of local and regional partnerships can inform future collective impact work and help advance CI work with the use of an equity, policy and advocacy lens.
Speakers:
• Jasmine N. Hall Ratliff, Program Officer, Robert Wood Johnson Foundation
• Amanda Maria Navarro, Deputy Director, PolicyLink
Presentation by Yeama Thompson, Chairwoman of the Right to Access Information Commission, for the monthly meeting of Africa Open Data Collaboratives : africaopendata.net & meetup.com/africaopendata
Intro to Open data - presentation made as part of Food and Agriculture Organization meeting with Statistician Generals from around Nigeria + other government reps. **References are in the ppt notes
Open Government has little meaning if not related to the citizens and businesses it serves. An Open Gov 101 is provided together with a current state summary of Open Gov. The core elements of Open Gov are discussed in terms of Citizen Engagement, Open Data, Collaboration and Innovation.
Open Kent is a powerful and innovative tool, which enables organisations and customers easy access to a range of publically available data in a secure way. It will provide the platform to help Kent Connects develop and implement a coherent approach to sharing public information across the County.
Theresa Pardo, Director of CTG, presents on the issues for public libraries that are seeking to proactively engage with government partners and other key stakeholders to develop portfolios of programs and services geared toward the realization of a more open government, and addresses the challenges of balancing traditional programs and services with public library capabilities and resources.
The Open Data Barometer aims to uncover the true prevalence and impact of open data initiatives around the world. It analyses global trends, and provides comparative data on countries and regions via an in-depth methodology combining contextual data, technical assessments and secondary indicators to explore multiple dimensions of open data readiness, implementation and impact.
This is the second edition of the Open Data Barometer, completing a two-year pilot of the Barometer methodology and providing data for comparative research. This report is just one expression of the Barometer, for which full data is also available, supporting secondary research into the progression of open data policies and practices across the world.
The Open Data Barometer forms part of the World Wide Web Foundation’s work on common assessment methods for open data.
Cyber Summit 2016: Technology, Education, and DemocracyCybera Inc.
What are the opportunities and the challenges offered by emerging modes of technologically-inflected communication and decision-making? What is our role and responsibility as educators and as developers of research and teaching digital infrastructures? What do students need in the 21st century? As education institutions and providers struggle to respond to the first two questions, are we abrogating our responsibility to the last?
In this talk, Matt Ratto will describe some of the opportunities and the challenges we currently face, laying out a model of action for how to potentially address the questions raised above. Core to his thinking are two related points; first that we must help students develop a greater sense of how the informational world and its attendant infrastructures helps shape how and what we think, and second, that a good way to do this is to give students the space to engage in reflexive acts of technological production – what Matt has termed ‘critical making.’ He will provide concrete examples from both his research and his teaching that demonstrate the value and importance of reflexive, hands-on work with digital technologies in helping students develop the critical digital literacy skills they need to function in today’s society.
Matt Ratto is an Associate Professor in the Faculty of Information at the University of Toronto and directs the Semaphore Research cluster on Inclusive Design, Mobile and Pervasive Computing and, as part of Semaphore, the Critical Making lab.
Cyber Summit 2016: Understanding Users' (In)Secure BehaviourCybera Inc.
There is a prevailing belief that users are the weakest link the security chain. In this presentation, Dr. Chiasson discusses how this perspective is inherently counterproductive to achieving increased cyber security and explore alternatives with a higher chance of improving security. Why do users behave insecurely even though most will readily state that security and privacy are important? This talk will cover some of our recent research exploring reasons why users' actions do not necessarily reflect their desire for security and how the configuration of security systems may actually weaken security in practice. She presents her work using eye-tracking to determine how users make phishing determinations, and how we can persuade users to behave more securely through improving their mental models of passwords and by making adjustments to the system configurations.
Lecture given at Tel Aviv University by Andrew Krzmarzick, GovLoop Director of Community Engagement, on September 4, 2012. Sponsored by Transparency International-Israel and the Hartog School of Government.
Lecture on Open Government at Tel Aviv University on September 5, 2012. Event hosted by Transparency International - Israel and the Hartog School of Government,
I spoke at DrupalSouth 2017 about open data, open government, open source and civic technology. These are my slides.
You can read my talk at https://medium.com/quicksand/towards-a-more-open-nz-e045bbf14196.
The Convergence Partnership, formed in 2006, is a collaborative of funders, such as Kresge, RWJF and Kellogg, whose goal of policy and environmental change will help reinvent communities of healthy people living in healthy places. The partnership has been doing collective impact for seven years, long before this became the buzz in the nonprofit world. During this webinar, the speakers discussed how these examples of local and regional partnerships can inform future collective impact work and help advance CI work with the use of an equity, policy and advocacy lens.
Speakers:
• Jasmine N. Hall Ratliff, Program Officer, Robert Wood Johnson Foundation
• Amanda Maria Navarro, Deputy Director, PolicyLink
Presentation by Yeama Thompson, Chairwoman of the Right to Access Information Commission, for the monthly meeting of Africa Open Data Collaboratives : africaopendata.net & meetup.com/africaopendata
Intro to Open data - presentation made as part of Food and Agriculture Organization meeting with Statistician Generals from around Nigeria + other government reps. **References are in the ppt notes
Open Government has little meaning if not related to the citizens and businesses it serves. An Open Gov 101 is provided together with a current state summary of Open Gov. The core elements of Open Gov are discussed in terms of Citizen Engagement, Open Data, Collaboration and Innovation.
Open Kent is a powerful and innovative tool, which enables organisations and customers easy access to a range of publically available data in a secure way. It will provide the platform to help Kent Connects develop and implement a coherent approach to sharing public information across the County.
Theresa Pardo, Director of CTG, presents on the issues for public libraries that are seeking to proactively engage with government partners and other key stakeholders to develop portfolios of programs and services geared toward the realization of a more open government, and addresses the challenges of balancing traditional programs and services with public library capabilities and resources.
The Open Data Barometer aims to uncover the true prevalence and impact of open data initiatives around the world. It analyses global trends, and provides comparative data on countries and regions via an in-depth methodology combining contextual data, technical assessments and secondary indicators to explore multiple dimensions of open data readiness, implementation and impact.
This is the second edition of the Open Data Barometer, completing a two-year pilot of the Barometer methodology and providing data for comparative research. This report is just one expression of the Barometer, for which full data is also available, supporting secondary research into the progression of open data policies and practices across the world.
The Open Data Barometer forms part of the World Wide Web Foundation’s work on common assessment methods for open data.
Cyber Summit 2016: Technology, Education, and DemocracyCybera Inc.
What are the opportunities and the challenges offered by emerging modes of technologically-inflected communication and decision-making? What is our role and responsibility as educators and as developers of research and teaching digital infrastructures? What do students need in the 21st century? As education institutions and providers struggle to respond to the first two questions, are we abrogating our responsibility to the last?
In this talk, Matt Ratto will describe some of the opportunities and the challenges we currently face, laying out a model of action for how to potentially address the questions raised above. Core to his thinking are two related points; first that we must help students develop a greater sense of how the informational world and its attendant infrastructures helps shape how and what we think, and second, that a good way to do this is to give students the space to engage in reflexive acts of technological production – what Matt has termed ‘critical making.’ He will provide concrete examples from both his research and his teaching that demonstrate the value and importance of reflexive, hands-on work with digital technologies in helping students develop the critical digital literacy skills they need to function in today’s society.
Matt Ratto is an Associate Professor in the Faculty of Information at the University of Toronto and directs the Semaphore Research cluster on Inclusive Design, Mobile and Pervasive Computing and, as part of Semaphore, the Critical Making lab.
Cyber Summit 2016: Understanding Users' (In)Secure BehaviourCybera Inc.
There is a prevailing belief that users are the weakest link the security chain. In this presentation, Dr. Chiasson discusses how this perspective is inherently counterproductive to achieving increased cyber security and explore alternatives with a higher chance of improving security. Why do users behave insecurely even though most will readily state that security and privacy are important? This talk will cover some of our recent research exploring reasons why users' actions do not necessarily reflect their desire for security and how the configuration of security systems may actually weaken security in practice. She presents her work using eye-tracking to determine how users make phishing determinations, and how we can persuade users to behave more securely through improving their mental models of passwords and by making adjustments to the system configurations.
Cyber Summit 2016: Insider Threat Indicators: Human BehaviourCybera Inc.
Serious threats to private and governmental organizations do not only come from the outside world, but also come from within. Some employees and contractors with legitimate access to buildings, networks, assets and information deliberately misuse their priviledged access to cause harm to their organization. What are the reasons behind their actions? Is it debts, greed, ideology, disgruntlement, or divided loyalty?
Regardless of their motivations or vulnerabilities, traitors have very similar types of personality and display a certain pattern of behaviours before committing an insider incident. As a prevention measure, it is vital that organizations and employees understand, recognize and detect the common indicators of insider threat. Would you recognize the signs?
Mario Vachon is an Insider Threat Security Specialist with the RCMP Departmental Security Branch.
Cyber Summit 2016: Research Data and the Canadian Innovation ChallengeCybera Inc.
Canada allocates a substantial amount of public funding to research, which is a critical factor in ensuring we remain innovative and competitive. Increasingly this funding is geared to the support and development of digital research infrastructure (DRI), including the underlying networks and the associated data acquisition, storage, analysis and visualization. In order to maximize the benefits of increasingly complex DRI and the research it facilitates, it is important to make sure data is properly stewarded, accessible and reusable. By adopting appropriate approaches to research data management we are better positioned to respond to challenges, such as effectively measuring research impacts, and ensuring the reproducibility, privacy, and security of research outputs.
Research Data Canada (RDC) is a member-driven organization committed to developing a sustainable approach to research data management, one based on interoperability and best practices. This session will provide an update on the efforts of RDC and partner organizations, including: CANARIE, Compute Canada, CARL Portage Network, CASRAI, the TriAgencies, and the Leadership Council for Digital Infrastructure. Intersections with international activities and projects will also be highlighted. These efforts are ultimately designed to faciliate a cohesive national approach to research data management, and one based on a clearly articulated vision for supporting innovation and discovery in Canada.
Mark Leggott is the Executive Director of Research Data Canada.
Cyber Summit 2016: Knowing More and Understanding Less in the Age of Big DataCybera Inc.
The Internet has revolutionized how — and how much — each of us can know. Our digital tools put the knowledge of the world at our fingertips — and soon, maybe, right into our heads. But what kinds of of knowledge do our devices give us, and how are they reshaping and challenging the role that education and libraries should play in our lives?
This talk was delivered by Michael Patrick Lynch, professor of philosophy at the University of Connecticut, where he directs the university’s Humanities Institute.
Cyber Summit 2016: Privacy Issues in Big Data Sharing and ReuseCybera Inc.
Although there is no well-established definition of big data, its main characteristic is its sheer volume. Large volumes of data are generated by people (e.g., via social media) and by technology, including sensors (e.g., cameras, microphones), trackers (e.g., RFID tags, web surfing behavior) and other devices (e.g., mobile phones, wearables for self-surveillance/quantified self), whether or not they are connected to the Internet of Things. However, the large volumes of data needed to capitalize on the benefits of big data can to some extent also be established by the reuse of existing data, a source that is sometimes overlooked.
Data can be reused for purposes similar to that for which it was initially collected, but also beyond these purposes. Similarly, data can be reused in its original context, but also beyond this context. However, such repurposing and recontextualizing of data may lead to privacy issues. For instance, data reuse may lead to issues regarding informed consent and informational self-determination. When the data is used for profiling and other types of predictive analytics, also issues regarding stigmatization and discrimination may arise. This presentation by Bart Custers, Head of Research, eLaw – Center for Law and Digital Technologies at Leiden University, The Netherlands, focuses on the privacy issues of big data sharing and reuse and how these issues could be addressed.
Cyber Summit 2016: Establishing an Ethics Framework for Predictive Analytics ...Cybera Inc.
Stephen Childs was hired by the University of Calgary to develop an individual-level predictive model mapping students' decisions to attend the University. In his experience, the higher education sector was slow to use all the data it has available, but this is now changing.
As interest in making use of organizational data grows, staff must consider how these models will be used, and any problems that could arise. When individual predictions become the basis for decisions, how do we ensure our algorithms don't make existing problems worse? A framework for handling these issues now will let organizations handle these issues in a way that is consistent with their values.
Given the culture of today's institutions, and the success of predictive analytics in other fields, there is no doubt that these tools will be used. These techniques can improve student success and the competitiveness of educational organizations, but the benefits should not be gained at the expense of individuals within the system. This talk will propose a set of best practices for using institutional data for predictive modelling to address equity, privacy and other concerns. We must start thinking of this now, before other practices become entrenched.
Cyber Summit 2016: The Data Tsunami vs The Network: How More Data Changes Eve...Cybera Inc.
Canada’s National Research and Education Network, like other ultra-speed research networks, has evolved to transfer massive amounts of data at 100Gbps and beyond. But with the volume of data traffic growing at more than 50% per year, the ability to move increasing volumes of data is challenging. What are the kinds of applications in research and education that are driving this growth? What are the implications of the coming data tsunami on our communication networks? And what happens to network economics to keep up with the demand? CANARIE’s Chief Technology Officer, Mark Wolff, explores these topics and offer insights into how the NREN will evolve to continue to meet the unique needs of Canada’s research and education community.
Cyber Summit 2016: Issues and Challenges Facing Municipalities In Securing DataCybera Inc.
The City of Calgary is responsible for providing municipal services to 1.1 million people and 16,000 employees with more than 700 sites and critical infrastructure units. The municipal services represent a $60B asset base including water and wastewater treatment plants, light rapid transit, emergency services, roads and recreation facilities, and has revenue and procurement streams of $4.0B annually. During his tenure, Owen Key, Chief Security Officer and the Chief Information Officer for the City, has implemented enterprise systems for CCTV, access and ID control, physical security information management systems, and has responsibility for information security.
Cyber Summit 2016: Using Law Responsibly: What Happens When Law Meets Technol...Cybera Inc.
The law has long struggled to keep pace with the rapid change that comes with the Internet and new technologies. From the cross-border challenges posed by a global network to the privacy implications of big data, law and policy simply cannot move at “Internet speed.” Yet despite the difficulties, politicians and policy makers increasingly find themselves at the heart of emerging policy issues, asked to address the balance between privacy and surveillance, the competing copyright interests of creators and users, and the market structure for network providers and disruptive competitors. This keynote talk will explore the emerging law and policy challenges, highlighting how all Internet users have the opportunity to help shape the digital policy landscape. Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law.
As institutions start to delve into the staff / student / consumer data they have been storing for years, new questions are emerging about the repercussions of using this data. How will it be analyzed? Who is doing the analysis? And what steps should be taken to protect user’s privacy?
Historically, the University of Alberta lacked a centrally managed repository for reporting data, resulting in inconsistency and disparity in access for units across campus. Meaningful and actionable reports were limited, and only focused on the interests and goals of the few units with data analysts who could synthesize the information.
Over the last couple of years, the University of Alberta has undertaken major changes in how information is managed and utilized. At the forefront of this change has been an increased interest in supporting the development of analytics and supporting tools. Beginning with the implementation of a centrally managed data warehouse with self-service capabilities, and the introduction of cloud services with business process analysis tools, the University is just starting down the road of big data.
This presentation explores opportunities and challenges for the University of Alberta in utilizing big data.
Predicting the Future With Microsoft BingCybera Inc.
The next generation of data scientists will be asked to build predictive models that can extract inferences from very large datasets which are unobservable at the surface, even to the best domain experts. Microsoft has access to some truly large data sets, web and search data from the Bing search engine and social data through collaborations with Twitter. In this talk, we show you how a small team of data scientists used this data to build the Bing Predicts engine — a collection of machine learnt predictive models that is beating industry experts at predicting the outcome of events like the Super Bowl, the Oscars, elections and referendums and even breakthroughs in health sciences. The talk will also give a preview of how organizations can adopt a big data mindset to generate and experiment with large data sets and to make amazing predictions using their own data.
Analytics 101: How to not fail at analyticsCybera Inc.
"Data Scientist" is perhaps the hottest job title of recent years. But what is a data scientist? What does a data scientist actually do? And where can they be found? In this talk, presenter Daniel Haight describes the benefits of analytics to decision-making, and explores the characteristics of successful organizations that have fostered their own team of data scientists.
The MOOC movement is only four years old, but has already had a tremendous impact on teaching and learning. While the some of the original hype surrounding MOOCs has not been realized, the reality is that they are here for good and are influencing institutional thinking. This talk will discuss the past, present and future of MOOCs.
While the use of online instructional technologies allows the presentation of theoretical science materials, how do we deal with the fact that such courses often include hands-on labs? Laboratory simulations can only provide a solution for online students in a limited and often artificial way. Nearly 20 years ago, Athabasca University developed a solution to the problem of students having to travel to complete their lab work. Emerging technologies at the time allowed for quantitative physics labs to be sent to students as a small kit. The physics initiative was so successful, with over 5,000 students served, that it was picked up in other fields at Athabasca University.
Over the years, such material has become cheaper, easier to use, and more integrated with modern computers. Athabasca is now pioneering ways to put real labs directly onto the internet. In this session, the methods used to make real lab experiences available to online students will be discussed, and some of them demonstrated.
Canadian municipalities are making great strides when it comes to sharing their data in fun, interactive ways. In this session, presenters will look at cities that are using their data to create useful apps and services for citizens; and describe how all community leaders can get involved to make their municipality more open and accessible.
Data science and the use of big data in healthcare delivery could revolutionize the field by decreasing costs and vastly improving efficiency and outcomes. There is an abundance of healthcare data in Canada, but it is mostly siloed and difficult to access due to privacy and security challenges. This session will offer insights into best practices for healthcare analytics programs, as well as use cases that demonstrate the potential benefits that can be realized through this work.
Checking in on Healthcare Data AnalyticsCybera Inc.
Data science and the use of big data in healthcare delivery could revolutionize the field by decreasing costs and vastly improving efficiency and outcomes. There is an abundance of healthcare data in Canada, but it is mostly siloed and difficult to access due to privacy and security challenges.
Open access and open data: international trends and strategic contextCybera Inc.
Governments around the world fund billions of dollars in research every year. Ensuring that the results of research are available to the public, other researchers and industry has become an important underlying value in order to maximize the impact of our publicly funded research. This session will discuss what’s driving the trend towards greater openness and provide an overview of international developments that will help put Canada’s activities into context.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
6. 6
Our
Mission
To
create
a
stronger,
transparent
rela/onship
between
government
and
ci/zens
by
listening
to
and
openly
engaging
with
ci/zens
and
strengthening
the
collabora/ve
culture
within
the
Government
of
Alberta.
7. 7
Open
Government
across
the
G8
“We,
the
G8,
agree
that
open
data
are
an
untapped
resource
with
huge
poten/al
to
encourage
the
building
of
stronger,
more
interconnected
socie/es
that
beAer
meet
the
needs
of
our
ci/zens
and
allow
innova/on
and
prosperity
to
flourish.
“We
therefore
agree
to
follow
a
set
of
principles
that
will
be
the
founda/on
for
access
to,
and
the
release
and
re-‐use
of,
data
made
available
by
G8
governments.
They
are:
• Open
Data
by
Default
• Quality
and
Quan/ty
• Useable
by
All
• Releasing
Data
for
Improved
Governance
• Releasing
Data
for
Innova/on”
11. 11
Open
InformaLon
“Implement
a
ci/zen
facing
virtual,
or
digital
library
based
on
principles
of
transparency
and
open
Informa/on
that
facilitates
a
stronger
rela/onship
between
ci/zens
and
government.
“
Over
20,000
publicaLons