Puppet is an automation tool that uses a master-agent architecture to configure and report on nodes. The Puppet master stores configuration templates (manifests) and compiles them into a catalog for each agent based on facts collected from the node. The agent downloads the catalog and any plugins and uses local methods to apply the configuration. Cisco's onePK provides a manageability layer that allows Puppet to configure Cisco devices by running as an agent inside a Linux container on the device OS, avoiding direct CLI access.
How to Install & Configure Your Own Identity Manager GEFIWARE
How to Install & Configure Your Own Identity Manager GE, by Alvaro Alonso & Federico Fernández (UPM)
Security Team. How-to session. 1st FIWARE Summit, Málaga, Dec. 13-15, 2016.
Puppet for Production in WebEx - PuppetConf 2013Puppet
"Puppet for Production in WebEx" by Reinhardt Quelle, Cloud Services Architect, Cisco.
Presentation Overview: Getting started with Puppet configuring an individual machine is straightforward. Managing a cluster of machines across multiple data centers, supporting upgrades while running a 7x24 service, and building for collaboration is significantly more challenging. The WebEx team will discuss the problems and some strategies they are using to manage this complexity.
Speaker Bio: Reinhardt Quelle is a Cloud Services Architect in the Cloud Collaboration Applications group at Cisco, where he’s responsible for defining infrastructure architecture and deployment automation . His group manages thousands of servers across multiple data centers around the world serving multiple applications, including WebEx conferencing, to tens of millions of users. In prior roles, he’s worked extensively in SaaS operations, delivering diverse applications from email security through social media applications.
Further expanding the discussion on inter-networking devices (Routers and Switches) the NETCONF protocol will be discussed. NETCONF is a open standard protocol supported by major inter-networking vendors. This session looks to leveraging the NETCONF schema to retrieve the configuration files from inter-networking devices. This session will cover issues and challenges related to:
•Security Automation and inter-networking devices.
•Access methods to retrieve and process device configuration settings.
Enterprise Node - Securing Your EnvironmentKurtis Kemple
Just like any other language, Node is susceptible to vulnerabilities, dependency issues, and other problems that can bring down or prevent you from releasing new versions of your application.
Learn how to safe-guard your environment with things like private registries and vulnerability testing during your CI build in this one-hour lightning talk.
=================================
TOPICS COVERED:
Why is Securing Your Environment Important
• Protects Your Company from Potential Threats
• Improves Confidence in Code and Systems
• Helps You Meet Legal and Organization Restrictions
Securing Your Runtime
• N|Solid - Enterprise Runtime
• Containerization
• Monitoring
Securing Your Dependencies
• Whitelisting Modules
• NSP
Securing Your Applications
• HTTPS ALL THE THINGS
• Encrypt Sensitive Data
=================================
Enabling policy migration in the Data Center with AnsibleJoel W. King
At AnsibleFest Austin 2018, we demonstrated using Ansible to extract policy from Cisco Tetration Analytics and expose it as variables to playbooks.
The internal World Wide Technology IT department is migrating from a traditional Nexus fabric to Application Centric Infrastructure (ACI).
This talk describes how Ansible is used to migrate policy to, and automate the configuration of, the new data center fabric.
How to Install & Configure Your Own Identity Manager GEFIWARE
How to Install & Configure Your Own Identity Manager GE, by Alvaro Alonso & Federico Fernández (UPM)
Security Team. How-to session. 1st FIWARE Summit, Málaga, Dec. 13-15, 2016.
Puppet for Production in WebEx - PuppetConf 2013Puppet
"Puppet for Production in WebEx" by Reinhardt Quelle, Cloud Services Architect, Cisco.
Presentation Overview: Getting started with Puppet configuring an individual machine is straightforward. Managing a cluster of machines across multiple data centers, supporting upgrades while running a 7x24 service, and building for collaboration is significantly more challenging. The WebEx team will discuss the problems and some strategies they are using to manage this complexity.
Speaker Bio: Reinhardt Quelle is a Cloud Services Architect in the Cloud Collaboration Applications group at Cisco, where he’s responsible for defining infrastructure architecture and deployment automation . His group manages thousands of servers across multiple data centers around the world serving multiple applications, including WebEx conferencing, to tens of millions of users. In prior roles, he’s worked extensively in SaaS operations, delivering diverse applications from email security through social media applications.
Further expanding the discussion on inter-networking devices (Routers and Switches) the NETCONF protocol will be discussed. NETCONF is a open standard protocol supported by major inter-networking vendors. This session looks to leveraging the NETCONF schema to retrieve the configuration files from inter-networking devices. This session will cover issues and challenges related to:
•Security Automation and inter-networking devices.
•Access methods to retrieve and process device configuration settings.
Enterprise Node - Securing Your EnvironmentKurtis Kemple
Just like any other language, Node is susceptible to vulnerabilities, dependency issues, and other problems that can bring down or prevent you from releasing new versions of your application.
Learn how to safe-guard your environment with things like private registries and vulnerability testing during your CI build in this one-hour lightning talk.
=================================
TOPICS COVERED:
Why is Securing Your Environment Important
• Protects Your Company from Potential Threats
• Improves Confidence in Code and Systems
• Helps You Meet Legal and Organization Restrictions
Securing Your Runtime
• N|Solid - Enterprise Runtime
• Containerization
• Monitoring
Securing Your Dependencies
• Whitelisting Modules
• NSP
Securing Your Applications
• HTTPS ALL THE THINGS
• Encrypt Sensitive Data
=================================
Enabling policy migration in the Data Center with AnsibleJoel W. King
At AnsibleFest Austin 2018, we demonstrated using Ansible to extract policy from Cisco Tetration Analytics and expose it as variables to playbooks.
The internal World Wide Technology IT department is migrating from a traditional Nexus fabric to Application Centric Infrastructure (ACI).
This talk describes how Ansible is used to migrate policy to, and automate the configuration of, the new data center fabric.
Equifax cyber attack contained by containersAqua Security
Equifax cyber attack - What if they had used containers?
Block Image with Struts Vulnerability
Virtual Patch Patching To Block Exploit
Prevent Host-based DOS Attack
Situational Awareness
Intro to the FIWARE Lab: Setting Up Your Virtual Infrastructure Using FIWARE Lab Cloud, by Fernando López.
1st FIWARE Summit, Málaga, Dec. 13-15, 2016.
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDays Riga
Now that we have passed “peak orchestrator” and as Kubernetes eats the world, we are left wondering: how secure is Kubernetes? Can we really run Google-style multi tenanted infrastructure safely? And how can we be sure what we configured yesterday will be in place tomorrow? In this talk we discuss: - the Kubernetes security landscape - risks, security models, and configuration best-practices - how to configure users and applications with least-privilege - how to isolate and segregate workloads and networks - hard and soft multi-tenancy - Continuous Security approaches to Kubernetes.
Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
Advanced OSSEC Training: Integration Strategies for Open Source SecurityAlienVault
During this technical one-hour session, Santiago Gonzalez, an OSSEC core team member (System integration, rules & SIEM) and AlienVault Director of Professional Services, will demonstrate how to integrate OSSEC with other 3rd party applications for greater security visibility and response.
To learn more, check out the video: https://www.alienvault.com/resource-center/webcasts/advanced-ossec-training-integration-strategies-for-open-source-security
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Michael Man
Security Rationale For Istio
An introduction to Istio security, looking at how Istio helps to keeps your security team happy by satisfying Kubernetes security requirements for multi-tenancy, and your developers happy by reducing implementation effort. Istio is still an evolving technology, and outstanding issues and impending improvements will be discussed.
How to detect side channel attacks in cloud infrastructuresPasquale Puzio
http://www.secludit.com
We integrated Elastic Detector, which is SecludIT's product, with OSSIM in order to detect side-channel attacks occurring in cloud infrastructures.
Elastic Detector takes care of solving the cloud elasticity issue, collecting security-relevant logs and forwarding (rsyslog) them to OSSIM where the correlation takes place (thanks to our plugin).
DEMO showed at the RaSIEM workshop (ARES conference) in Regensburg, Germany.
In the Juno summit, Symantec presented it's perspective on securing Keystone. Security is really a mindset and process. We proposed a layered security approach starting with the process for securing Keystone architecture, followed by securing the environment where Keystone is deployed and configured. Since then we have been implementing those security measures in our production environment. In this talk, we will discuss exactly how we have made our Keystone deployment secure and what we have learnt along the way.
3 Years of Puppet at Cisco: The Secrets to Our Success - PuppetConf 2013Puppet
"3 Years of Puppet at Cisco: The Secrets to Our Success" by Keith Chambers and Ryan Uber, Cisco WebEx.
Presentation Overview: WebEx Social (WxS) is an enterprise social networking product by Cisco. Customers can subscribe to WxS as a cloud service or they can purchase a license and run WxS on-premise. Puppet is at the core of our technology stack that includes MongoDB, Solr, RabbitMQ, memcached, ZooKeeper, Nagios, and Graphite. We love Puppet. We pioneered embedding Puppet in Cisco products 3 years ago and have been tireless advocates ever since. We have learned valuable technology/process/culture lessons and developed reusable patterns for: - Scaling to thousands hosts with Puppet - Ensuring host upgrades are 100% reliable - Avoiding Puppet codebase spaghetti - Detecting and eliminating system drift at scale - Creating a culture of shared responsibility through architecture design.
Speaker Bio: Keith Chambers,Technical Leader, Cisco
Keith Chambers is the platform architect for the WebEx Social product at Cisco. He joined Cisco in 2000 and is based out of Seattle Washington. In his current role, Keith leads the engineering team responsible for deploying and operating WebEx Social. Prior to joining the WebEx Social team, Keith worked in Cisco's Unified Communication Business Unit and Technical Assistance Center. Keith was instrumental in the successful virtualization of Cisco's entire Unified Communications portfolio and spoke at VMworld 2009 on the topic of "virtualizing real-time applications". VMware presented Keith with their prestigious vExpert award in 2009. Outside of Cisco, Keith is a house deejay and producer. He enjoys traveling the world and spending time with his family, friends, and beautiful wife Jackie.
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
Use case of Kubernetes based NFV infrastructure used in production to run an open source evolved packet core. Presented by Facebook Connectivity and Mirantis at KubeCon + CloudNativeCon Europe 2020.
SecPod: A Framework for Virtualization-based Security SystemsYue Chen
The OS kernel is critical to the security of a computer system. Many systems have been proposed to improve its security. A fundamental weakness of those systems is that page tables, the data structures that control the memory protection, are not isolated from the vulnerable kernel, and thus subject to tampering. To address that, researchers have relied on virtualization for reliable kernel memory protection. Unfortunately, such memory protection requires to monitor every update to the guest’s page tables. This fundamentally conflicts with the recent advances in the hardware virtualization support. In this paper, we propose SecPod, an extensible framework for virtualization-based security systems that can provide both strong isolation and the compatibility with modern hardware. SecPod has two key techniques: paging delegation delegates and audits the kernel’s paging operations to a secure space; execution trapping intercepts the (compromised) kernel’s attempts to subvert SecPod by misusing privileged instructions. We have implemented a prototype of SecPod based on KVM. Our experiments show that SecPod is both effective and efficient.
Chris Rutter: Avoiding The Security BrickMichael Man
DevSecOps - London Gathering (March 2019)
This is a continuation of Chris Rutter's security talks (typically focused around Threat Modelling). In this talk Chris will explore real techniques, both technical and organisational, to introduce security into DevOps without hitting people with bricks [Not literally].
Equifax cyber attack contained by containersAqua Security
Equifax cyber attack - What if they had used containers?
Block Image with Struts Vulnerability
Virtual Patch Patching To Block Exploit
Prevent Host-based DOS Attack
Situational Awareness
Intro to the FIWARE Lab: Setting Up Your Virtual Infrastructure Using FIWARE Lab Cloud, by Fernando López.
1st FIWARE Summit, Málaga, Dec. 13-15, 2016.
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDays Riga
Now that we have passed “peak orchestrator” and as Kubernetes eats the world, we are left wondering: how secure is Kubernetes? Can we really run Google-style multi tenanted infrastructure safely? And how can we be sure what we configured yesterday will be in place tomorrow? In this talk we discuss: - the Kubernetes security landscape - risks, security models, and configuration best-practices - how to configure users and applications with least-privilege - how to isolate and segregate workloads and networks - hard and soft multi-tenancy - Continuous Security approaches to Kubernetes.
Effective security requires a layered approach. If one layer is comprised, the additional layers will (hopefully) stop an attacker from going further. Much of container security has focused on the image build process and providing providence for the artifacts in a container image, and restricting kernel level tunables in the container runtime (seccomp, SELinux, capabilities, etc). What if we can detect abnormal behavior in the application and the container runtime environment as well? In this talk, we’ll present Falco - an open source project for runtime security - and discuss how it provides application and container runtime security. We will show how Falco taps Linux system calls to provide low level insight into application behavior, and how to write Falco rules to detect abnormal behavior. Finally we will show how Falco can trigger notifications to stop abnormal behavior, notify humans, and isolate the compromised application for forensics. Attendees will leave with a better understanding of the container security landscape, what problems runtime security solves, & how Falco can provide runtime security and incident response.
Advanced OSSEC Training: Integration Strategies for Open Source SecurityAlienVault
During this technical one-hour session, Santiago Gonzalez, an OSSEC core team member (System integration, rules & SIEM) and AlienVault Director of Professional Services, will demonstrate how to integrate OSSEC with other 3rd party applications for greater security visibility and response.
To learn more, check out the video: https://www.alienvault.com/resource-center/webcasts/advanced-ossec-training-integration-strategies-for-open-source-security
Control Plane: Security Rationale for Istio (DevSecOps - London Gathering, Ja...Michael Man
Security Rationale For Istio
An introduction to Istio security, looking at how Istio helps to keeps your security team happy by satisfying Kubernetes security requirements for multi-tenancy, and your developers happy by reducing implementation effort. Istio is still an evolving technology, and outstanding issues and impending improvements will be discussed.
How to detect side channel attacks in cloud infrastructuresPasquale Puzio
http://www.secludit.com
We integrated Elastic Detector, which is SecludIT's product, with OSSIM in order to detect side-channel attacks occurring in cloud infrastructures.
Elastic Detector takes care of solving the cloud elasticity issue, collecting security-relevant logs and forwarding (rsyslog) them to OSSIM where the correlation takes place (thanks to our plugin).
DEMO showed at the RaSIEM workshop (ARES conference) in Regensburg, Germany.
In the Juno summit, Symantec presented it's perspective on securing Keystone. Security is really a mindset and process. We proposed a layered security approach starting with the process for securing Keystone architecture, followed by securing the environment where Keystone is deployed and configured. Since then we have been implementing those security measures in our production environment. In this talk, we will discuss exactly how we have made our Keystone deployment secure and what we have learnt along the way.
3 Years of Puppet at Cisco: The Secrets to Our Success - PuppetConf 2013Puppet
"3 Years of Puppet at Cisco: The Secrets to Our Success" by Keith Chambers and Ryan Uber, Cisco WebEx.
Presentation Overview: WebEx Social (WxS) is an enterprise social networking product by Cisco. Customers can subscribe to WxS as a cloud service or they can purchase a license and run WxS on-premise. Puppet is at the core of our technology stack that includes MongoDB, Solr, RabbitMQ, memcached, ZooKeeper, Nagios, and Graphite. We love Puppet. We pioneered embedding Puppet in Cisco products 3 years ago and have been tireless advocates ever since. We have learned valuable technology/process/culture lessons and developed reusable patterns for: - Scaling to thousands hosts with Puppet - Ensuring host upgrades are 100% reliable - Avoiding Puppet codebase spaghetti - Detecting and eliminating system drift at scale - Creating a culture of shared responsibility through architecture design.
Speaker Bio: Keith Chambers,Technical Leader, Cisco
Keith Chambers is the platform architect for the WebEx Social product at Cisco. He joined Cisco in 2000 and is based out of Seattle Washington. In his current role, Keith leads the engineering team responsible for deploying and operating WebEx Social. Prior to joining the WebEx Social team, Keith worked in Cisco's Unified Communication Business Unit and Technical Assistance Center. Keith was instrumental in the successful virtualization of Cisco's entire Unified Communications portfolio and spoke at VMworld 2009 on the topic of "virtualizing real-time applications". VMware presented Keith with their prestigious vExpert award in 2009. Outside of Cisco, Keith is a house deejay and producer. He enjoys traveling the world and spending time with his family, friends, and beautiful wife Jackie.
Using Kubernetes to make cellular data plans cheaper for 50M usersMirantis
Use case of Kubernetes based NFV infrastructure used in production to run an open source evolved packet core. Presented by Facebook Connectivity and Mirantis at KubeCon + CloudNativeCon Europe 2020.
SecPod: A Framework for Virtualization-based Security SystemsYue Chen
The OS kernel is critical to the security of a computer system. Many systems have been proposed to improve its security. A fundamental weakness of those systems is that page tables, the data structures that control the memory protection, are not isolated from the vulnerable kernel, and thus subject to tampering. To address that, researchers have relied on virtualization for reliable kernel memory protection. Unfortunately, such memory protection requires to monitor every update to the guest’s page tables. This fundamentally conflicts with the recent advances in the hardware virtualization support. In this paper, we propose SecPod, an extensible framework for virtualization-based security systems that can provide both strong isolation and the compatibility with modern hardware. SecPod has two key techniques: paging delegation delegates and audits the kernel’s paging operations to a secure space; execution trapping intercepts the (compromised) kernel’s attempts to subvert SecPod by misusing privileged instructions. We have implemented a prototype of SecPod based on KVM. Our experiments show that SecPod is both effective and efficient.
Chris Rutter: Avoiding The Security BrickMichael Man
DevSecOps - London Gathering (March 2019)
This is a continuation of Chris Rutter's security talks (typically focused around Threat Modelling). In this talk Chris will explore real techniques, both technical and organisational, to introduce security into DevOps without hitting people with bricks [Not literally].
NLP TOP COACH, International Training & Coaching & Leadership DevelopmentAh Roi
NLP TOP COACH is a team of dedicated, enthusiastic and motivational Coaches, Trainers & Business strategists. From experiences covering 5 continents, our breadth of knowledge and expertise will ensure you receive the best advice, consultancy and solutions for yourself and your corporation. We are passionate about helping you ‘Unleash your Power for Success and Happiness.
MISSION
Creating World-Class Leaders, Coaches & Trainers.
VISION
World’s No.1 Certification provider for NLP, Coaching & Leadership Development Training.
CORE VALUES
Passion– We coach and train with passion, enthusiasm and confidence
Authentic – Genuine team, delivering pure high quality NLP, Coaching & Leadership Certification
Results – Creating Success & Happiness in your business, health, wealth & relationships.
Cisco Automation with Puppet and onePK - PuppetConf 2013Puppet
"Cisco Automation with Puppet and onePK" by Jason Pfeifer Technical Marketing Engineer, Cisco.
Presentation Overview: This session will provide an overview of the cisco developed puppet functionality for management and configuration of Cisco devices.
Speaker Bio: Jason is a Cisco Technical Marketing Engineer focusing on programmability and automation of Cisco network devices. He is currently supporting, discussing, evangelizing, and writing applications against Cisco's onePK SDK. He also has a long term love affair with Cisco's Embedded Event Manager.
Better Network Management Through Network ProgrammabilityCisco Canada
As we enter the age of network programmability the data models, protocols, and tools provided by a programmable network can greatly improve and simplify network management tasks. Configuration and operational data can be read and set regardless of the underlying device. Errors are properly reported to ensure reliable delivery of data. Connections are secure and robust. Data is more intelligently extracted. This presentation will explore how tools like NETCONF, YANG, as well as Cisco's Embedded Event Manager, onePK APIs, and embedded Python scripting can radically improve network management applications by offering visibility and provisioning power throughout the network stack. For more information please visit our website here: http://www.cisco.com/web/CA/index.html
FIWARE Wednesday Webinars - Short Term History within Smart SystemsFIWARE
FIWARE Wednesday Webinar - Short Term History within Smart Systems (2nd April 2020)
Corresponding webinar recording: https://youtu.be/fX_YAc7G4Dk
This webinar will show how to utilise times series components and monitor and display trends within FIWARE applications.
Chapter: Core Context
Difficulty: 3
Audience: Any Technical
Presenter: Jason Fox (Senior Technical Evangelist, FIWARE Foundation)
Pluggable Infrastructure with CI/CD and DockerBob Killen
The docker cluster ecosystem is still young, and highly modular. This presentation covers some of the challenges we faced deciding on what infrastructure to deploy, and a few tips and tricks in making both applications and infrastructure easily adaptable.
Cloud native architecture is emerging for Telecom workloads. To support these emerging trends, Intel is targeting enhancements to the Dataplane Development Kit (DPDK). The enhancements would target network service mesh with dedicated sidecar accelerators and the mechanism to build the mesh dynamically.
Speaker: Gerald Rogers. Gerald Rogers is a Principal Engineer in the Network Products Group focused on virtual switching, network function virtualization and Data Plane Development Kit (DPDK). After joining Intel in 2005, Gerald has worked as a software engineer and architect in the embedded and networking groups. For the past 7 years Gerald has led the network virtual switching software and hardware acceleration effort to drive Intel architecture into the networking and telecommunications industry. Gerald holds a Bachelor’s degree in Electrical Engineering and a Master’s degree in Computer Science, and has 20 years of experience in the networking and telecommunications industry.
Moderne Serverless-Computing-Plattformen sind in aller Munde und stellen ein Programmiermodell zur Verfügung, wo sich der Nutzer keine Gedanken mehr über die Administration der Server, Storage, Netzwerk, virtuelle Maschinen, Hochverfügbarkeit und Skalierbarkeit machen brauch, sondern sich auf das Schreiben von eigenen Code konzentriert. Der Code bildet die Geschäftsanforderungen modular in Form von kleinen Funktionspaketen (Functions) ab. Functions sind das Herzstück der Serverless-Computing-Plattform. Sie lesen von der (oft Standard-)Eingabe, tätigen ihre Berechnungen und erzeugen eine Ausgabe. Die zu speichernden Ergebnisse von Funktionen werden in einem permanenten Datastore abgelegt, wie z.B. der Autonomous Database gespeichert. Die Autonomous Database besitzt folgende drei Eigenschaften self-driving, self-repairing und self-securing, die für einen modernen Anwendungsentwicklungsansatz benötigt werden.
Leveraging the strength of OSGi to deliver a convergent IoT Ecosystem - O Log...mfrancis
The “internet of things” is the next revolutionary wave following profound changes brought to us by Personal Computers (connecting places) and Mobile Phones (connecting people on the go). This third wave heralds the beginning of the new era of pervasive connectivity, embedded intelligence, and application convergence. It will be the world where smart things will communicate among themselves and with us enabling greener, more efficient, and at the same time more comfortable environment.
This talk will present a platform and products designed to serve the new markets enabled by the Internet of Things, with a particular focus on the value of the OSGi framework enabling convergence of Home Automation, Smart Energy, Electric Vehicle Charging, and e-health on a single remotely manageable platform. It will also provide insights on how the platform was developed leveraging the extensibility offered by the OSGi framework and ProSyst’s modular architecture.
The built-in OSGi stack provides Java-level abstraction of the network interfaces and Smart Energy Profile 2.0 stack as well as cloud integration features such as web server, web services and standards-based remote management. The OSGi framework is the key enabler of the product lifecycle and remote application management mandatory for service provider driven deployments. The Smart Energy 2.0 standard is a key element of the future smart grid. And the work presented in this talk describes the first platform integrating the SEP 2.0 protocol stack with an OSGi based middleware. The OSGi based solution also provides higher level of device security through the use of secure element. The UDK-21 is build around a System-on-Chip STreamPlug (ST2100), the solution features a fully integrated HomePlug PHY/MAC and Analog Front End combined with the ARM926EJ-S processor and a rich set of interfaces.
A demo showing Smart Energy Profile 2.0 use cases will outline these features. The demo will show how web based applications can interact with the OSGi stack on the already publicly available UDK-21 based gateway to control remote devices, such as a thermostat or an electric load. The access to SEP 2.0 devices will be done by the means of JSON-RPC based APIs, independent of the underlying device protocol, hence highlighting the benefits of a generic protocol agnostic architecture from the application standpoint. Other examples of the products that can be built around UDK-21 include Electric Vehicle Charger, Smart Meter, and a Basement Sensor Hub.
TechWiseTV Workshop: Application Hosting on Catalyst 9000 Series SwitchesRobb Boyd
Watch the REPLAY right now: http://bit.ly/2YoLbt3
Enterprise networks are now dealing with massive volumes of data, with a critical need to collect and analyze this data to respond faster and deliver insightful context. Traditional approaches, in which data is processed in remote servers, will no longer work. Data can burden the network unless some context is known. Edge computing can greatly reduce the data sent to the cloud or a remote server. Collecting and analyzing the data at the edge and making decisions locally rather than in centralized servers significantly reduces the latency and bandwidth of the network.
Powered by an x86 CPU, the application hosting solution on the Cisco Catalyst 9000 switching family provides the intelligence required at the edge. Native Docker engine support on the switches will enable users to build and bring their own applications without additional packaging. Cisco DNA Center will provide consistent workflows to manage the entire application lifecycle across multiple Cisco Catalyst 9000 switches through the App Hosting dashboard.
Resources:
Watch the related TechWiseTV episode: http://cs.co/9001EIbih
TechWiseTV: http://cs.co/9009DzrjN
BsidesSP: Pentesting in SDN - Owning the ControllersRoberto Soares
Conference:
BsidesSP
Description:
SDN (Software Defined Network) has attracted the attention of many technology giants from various segments such as VMware, Juniper, Cisco, HP, IBM, Google, China Telecom, Huawei and others by providing more virtualized services that can be scheduled, managed and monitored faster, more efficient and in a less costly manner than the usual solutions. Defining routes, switching, QoS treatment and security policies that happened in stocky and specific hardware now has performed his duties in higher layers of software, installed on virtualized machine. But how can we test this? First, we'll address an overview of the SDN architecture, soon after, it will be explained how to find SDN controllers, and if present in our network, steal critical information so that we can proceed with our exploitation. In the end, we will take possession of the controllers and make unexpected. There will be a smattering of codes for metasploit that will be demonstrated. Does a controller can control us? We'll see.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.