How does the CIO deliver? 
With good vibrations… 
Sigal Russin & Pini Cohen / Copyright@2014 
Do not remove source or attribution 
From any slide, graph or portion of graph 
Pini Cohen 
Sigal Russin 
STKI “IT Knowledge Integrators” 
pini@stki.info 
sitalr@stki.info 
STKI index website 2 
STKI index website 3 
New business scenario: big maneuvers vs. small gains 
• Examples: Walmart, social time to respond, smaller telemarketing list
Or: Take full advantage
Why does IT need to adapt? 
Source: 2006 http://cacm.acm.org/magazines/2006/10/5805-why-spoofing-is-serious-internet-fraud/abstract 
2006 E-Banking Site 
DX.com 
Comparison engines 
Alerts 
Wish Lists
Social media integration
A-B testing 
Web Analytics 
Recommendation engines 
Likes 
Much more 
These new systems are called: “Systems of Engagement” 
Source: http://www.agencyport.com/blog/?attachment_id=3713 
IT is divided into two distinct “worlds” 
Invest 
in new 
systems 
Long development and 
deployment cycles 
Reduce 
Operating 
Expenses 
Touch people 
In-moment decisions 
Personalized & in-context 
Social and analytics driven 
short & rapid releases 
Pini Cohen and Sigal Russin's work 
Copyright@2013 
Do not remove source or attribution 
from any slide, graph or portion of 
graph 
Domains of change 
• Focus on generating business value through agility and flexibility
  ✓ Agile Development
  ✓ BYOD / BYO everything
  ✓ Public Cloud
  ✓ Open Source
  ✓ Big Data
  ✓ DevOps
  ✓ Mobile First
  ✓ Commodity HW (or specific build)
Source: http://highscalability.com/blog/2012/5/7/startups-are-creating-a-new-system-of-the-world-for-it.html STKI modifications
Lately “I was not happy” (corporate IT situation) 
This year is “Good Vibrations Year” 
• Continuous integration with Jenkins. Agile development projects.
• Open source code in governmental projects. Hadoop, NoSQL initial projects.
• Users deploy CRM and other strategic applications in SaaS. Corporate sites at Azure. Email at 365 and Google.
• Develop web apps in PHP, Python. Users consider Puppet, Chef, OpenStack.
Not in all organizations. Not in all areas. But still, organizations are starting to embrace contemporary technologies and processes!
The current “kings” are threatened 
CISCO
• SDN – OpenFlow, Nicira
Microsoft
• Mobile market share
• Traction of startups and cloud providers
HP
• Lower margins in printers, servers, PC
VMWARE
• Open source alternatives – OpenStack
Oracle
• NoSQL/Hadoop
• Cloud SaaS
Monitoring vendors (CA BMC HP IBM)
• Monitoring is provided by platforms (cloud, PaaS, etc.)
Storage vendors (EMC NETAPP, etc.)
• Public Cloud
• Software Defined Storage
• NoSQL/Hadoop
Redhat
• Centos
Major Application development trends 
• Mobile first
• Responsive Web
• Client-based web applications (with REST APIs)
• Proliferation of web JS frameworks and of development tools in general
• Development on cloud. PaaS frameworks (CloudFoundry, OpenShift)
• Continuous integration/deployment – DevOps – Docker
• Microservices
Major security trends 
IT is changing not only information security tools but also the internal vision of security inside your business.
For a start - Development Problems 
• Buffer Overflow
A buffer overflow occurs when the data written to a buffer exceeds the space allocated to it at run time. It allows attackers to write outside the buffer and overwrite information the program needs in order to continue running.
In many cases, exploiting this weakness allows code injected by the attacker to run.
Development Problems 
• DoS – Denial of Service
Ping of death: due to increased browsing bandwidth, this attack does not pose a risk.
Local Denial of Service:
"Stealing" all available memory from the operating system, as well as denying service by blocking regular work on the computer.
Development Problems 
Distributed Denial of Service:
Many different points each make one or more requests to a particular service on the network; the attack is usually carried out through many computers controlled by a single operator.
• Code Injection
Cross Site Scripting
HTML/JavaScript/SQL injection
The user can enter arbitrary code that the software then runs, and do whatever they wish through the code they injected.
• Race Condition – Resource Condition
A resource conflict in software means that a resource is used by more than one section of the software's code (disposed memory).
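The injection classes named in the Code Injection bullet above (SQL injection and cross-site scripting), as an added example that is not part of the original deck: each weak form treats user input as code, and the corrected form beside it treats the same input as data. The table, function names and sample inputs are constructed for illustration.

```python
import html
import sqlite3

# Constructed sample rows and inputs; nothing here comes from the slides.
SAMPLE_USERS = [("alice", "alice@example.test"), ("bob", "bob@example.test")]
CRAFTED_SQL = "x' OR '1'='1"
CRAFTED_HTML = "<script>alert(1)</script>"


def make_db():
    """Build an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def lookup_concatenated(conn, name):
    """Weak form: input is pasted into the SQL text, so the database parses it as SQL."""
    query = "SELECT name, email FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, name):
    """Corrected form: input is bound as a value and is never parsed as SQL."""
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def greeting_raw(name):
    """Weak form: input goes into the page unescaped, so markup inside it stays live."""
    return "<p>Hello, " + name + "</p>"


def greeting_escaped(name):
    """Corrected form: markup characters in the input are rendered as inert text."""
    return "<p>Hello, " + html.escape(name) + "</p>"


def demo():
    """Run both pairs on the crafted inputs and return what each form produced."""
    conn = make_db()
    try:
        return {
            "sql_concatenated_rows": len(lookup_concatenated(conn, CRAFTED_SQL)),
            "sql_parameterized_rows": len(lookup_parameterized(conn, CRAFTED_SQL)),
            "html_raw": greeting_raw(CRAFTED_HTML),
            "html_escaped": greeting_escaped(CRAFTED_HTML),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

With the concatenated query the crafted name matches every row in the table; with the bound parameter it matches none, because no user has that literal name.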
Development vs. Security 
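Discussion agenda
• What is an "ideal" development process with information security involvement: information security representation in the development division
• Secure development products, including cloud products
• The information security budget at the start of a development project
• How to improve organizational processes from a security standpoint already at the development stage
• Tips and recommendations from organizations on the subject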
Thank you! 

 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

Secure development 2014

  • 1. How does the CIO deliver? With good vibrations… Pini Cohen, Sigal Russin, STKI “IT Knowledge Integrators”, pini@stki.info, sitalr@stki.info. Sigal Russin & Pini Cohen / Copyright@2014. Do not remove source or attribution from any slide, graph or portion of graph.
  • 4. STKI index website 2
  • 5. STKI index website 3
  • 6. New business scenario: big maneuvers vs. small gains • Examples: Walmart, social time to respond, smaller telemarketing list
  • 7. Or: Take full advantage
  • 8. Why does IT need to adapt? Source: 2006 http://cacm.acm.org/magazines/2006/10/5805-why-spoofing-is-serious-internet-fraud/abstract 2006 E-Banking Site. DX.com. Comparison engines, alerts, wish lists, social media integration, A-B testing, web analytics, recommendation engines, likes, much more.
  • 9. These new systems are called: “Systems of Engagement” Source: http://www.agencyport.com/blog/?attachment_id=3713
  • 10. IT is divided into two distinct “worlds”: Invest in new systems; Long development and deployment cycles; Reduce Operating Expenses; Touch people; In-moment decisions; Personalized & in-context; Social and analytics driven; Short & rapid releases.
  • 11. Domains of change • Focus on generating business value through agility and flexibility: Agile Development; BYOD, BYO everything; Public Cloud; Open Source; Big Data; DevOps; Mobile First; Commodity HW (or specific build). Source: http://highscalability.com/blog/2012/5/7/startups-are-creating-a-new-system-of-the-world-for-it.html (STKI modifications)
  • 12. Lately “I was not happy” (corporate IT situation)
  • 13. This year is “Good Vibrations Year” • Continuous integration with Jenkins. Agile development projects. • Open source code in governmental projects. Hadoop, NoSQL initial projects. • Users deploy CRM and other strategic applications in SaaS. Corporate sites on Azure. Email on 365 and Google. • Develop web apps in PHP, Python. Users consider Puppet, Chef, OpenStack. Not in all organizations. Not in all areas. But still, organizations are starting to embrace contemporary technologies and processes!
  • 14. The current “kings” are threatened CISCO • SDN – OpenFlow, Nicira • Mobile market share • Traction of startups and cloud providers Microsoft HP • Lower margins in printers, servers, PC VMWARE • Open source alternatives – OpenStack • NoSQL/Hadoop • Cloud SaaS Oracle Monitoring vendors • Monitoring is provided by platforms (cloud, PaaS, etc.) (CA BMC HP IBM) • Public Cloud • Software Defined Storage • NoSQL/Hadoop Storage vendors (EMC NETAPP, etc.) Redhat • CentOS
  • 15. Major Application development trends • Mobile first • Responsive Web • Client-based web applications (with REST APIs) • Proliferation of web JS frameworks and, in general, development tools • Development on cloud. PaaS frameworks (CloudFoundry, OpenShift) • Continuous integration/deployment – DevOps – Docker • Microservices
  • 16. Major security trends: IT is not only changing information security tools but also an internal vision of security inside your business.
  • 17. For a start - Development Problems • Buffer Overflow: data written to a buffer exceeds the volume allocated to it in advance. The overflow allows attackers to go outside the bounds of the buffer and overwrite information that is important to the continued running of the program. In many cases, exploiting this weakness allows running code injected by the attacker.
  • 18. Development Problems • DoS - Denial of Service. Ping of death: due to increased browsing bandwidth, this attack does not pose a risk. Local Denial of Service: "stealing" all possible memory from the operating system, as well as denying service by blocking regular work with the computer.
  • 19. Development Problems. Distributed Denial of Service: many different points make one or more requests to a particular service on some network; it is usually carried out through many computers controlled by a single operator. • Code Injection: Cross-Site Scripting, HTML/JavaScript/SQL injection. The user can enter any code, have the software run it, and do whatever they wish through the code they injected. • Race Condition (resource condition): a resource conflict in software refers to the fact that the resource is used by more than one section of the software's code (memory disposed).
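  • 21. Agenda for discussion • What is an "ideal" development process with information security involvement: information security representation in the development division • Products for secure development, including cloud products • The information security budget at the start of a development project • How to improve organizational processes from a security standpoint already at the development stage • Tips and recommendations from organizations on the subject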
  • 22. Thank you!
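
The buffer overflow described on slide 17, shown as an added C example that is not part of the original deck: an unchecked copy beside a bounded one that rejects oversized input. The `account` record, its field names and the sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16

/* Hypothetical record: a fixed-size buffer followed by data the program
 * relies on later. Writing past `name` can overwrite `is_admin`. */
struct account {
    char name[NAME_CAP];
    int  is_admin;
};

/* Vulnerable form: copies until the terminating NUL with no regard for
 * the destination size. Input longer than 15 bytes writes past `name`. */
void set_name_unchecked(struct account *a, const char *input)
{
    strcpy(a->name, input);
}

/* Hardened form: measure the input first, reject what does not fit and
 * leave the record untouched. Returns 0 on success, -1 on rejection. */
int set_name_checked(struct account *a, const char *input)
{
    const char *end;
    size_t len;

    if (a == NULL || input == NULL)
        return -1;
    end = memchr(input, '\0', NAME_CAP);  /* look no further than the cap */
    if (end == NULL)                      /* no room for text plus NUL */
        return -1;
    len = (size_t)(end - input);
    memcpy(a->name, input, len + 1);      /* includes the NUL */
    return 0;
}

int main(void)
{
    struct account a = { "guest", 0 };
    /* Constructed sample input: 40 bytes, far larger than the buffer. */
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    printf("short input -> %d\n", set_name_checked(&a, "alice"));
    printf("long input  -> %d\n", set_name_checked(&a, too_long));
    printf("name=%s is_admin=%d\n", a.name, a.is_admin);
    return 0;
}
```

`set_name_unchecked` is deliberately never called here; it is kept only so the two forms can be compared side by side.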

Editor's Notes

  1. A buffer that exceeds the volume of data allocated to it in advance. This overflow allows attackers to go outside the bounds of the buffer and so overwrite information important to the continued running of the program. In many cases, exploiting this weakness allows running code injected by the attacker.
  2. A recursion without a stopping condition, which endlessly creates further recursion "to infinity", where this "infinity" is the free resources of the operating system. Although this is a static example, it is still a denial of service in every respect, because it "steals" all possible memory from the operating system and also denies service by blocking regular work with the computer.
  3. Such a denial of service causes many different points to make one or more requests to a particular service on some network. It is usually carried out using many computers controlled by a single operator; these computers are called zombies. This attack succeeds in most cases because there are a great many simultaneous requests and the service cannot answer all of them. In the best case the service is only blocked to further requests, and in the worst case it causes the system to crash for lack of free resources to deal with the various requests, even after the attack ends.