SlideShare a Scribd company logo
Secure Software Ecosystem
22 May - Soroosh Khodami & Ali Yazdani
NOT VERY LONG AGO
██╗░░░░░░█████╗░░██████╗░░░██╗██╗░██████╗██╗░░██╗███████╗██╗░░░░░██╗░░░░░
██║░░░░░██╔══██╗██╔════╝░░██╔╝██║██╔════╝██║░░██║██╔════╝██║░░░░░██║░░░░░
██║░░░░░██║░░██║██║░░██╗░██╔╝░██║╚█████╗░███████║█████╗░░██║░░░░░██║░░░░░
██║░░░░░██║░░██║██║░░╚██╗███████║░╚═══██╗██╔══██║██╔══╝░░██║░░░░░██║░░░░░
███████╗╚█████╔╝╚██████╔╝╚════██║██████╔╝██║░░██║███████╗███████╗███████╗
╚══════╝░╚════╝░░╚═════╝░░░░░░╚═╝╚═════╝░╚═╝░░╚═╝╚══════╝╚══════╝╚══════╝
CVE-2021-44228
CVSS Score 10 / 10
CVE-2024-3094
CVSS Score 10 / 10
CVE-2022-22965
CVSS Score 9.8 / 10
CVE-2020-10148
CVSS Score 9.8 / 10
We are living in unsecure world
everything is probable to get
exploited. We could be the next
target, are we ready ?
of all downloads of Log4J are still
vulnerable to the Log4Shell
Vulnerability
30% Reported By Sonatype (Maven Central)
Previous Update: https://www.sonatype.com/en/press-releases/critical-log4j-vulnerability-still-being-downloaded-40-of-the-time
2 Years After Release
WHY WE ARE HERE
SECURITY ENGINEER
D E V I L
D E V E L O P E R
WHO WE ARE
SECURITY ENGINEER
D E V E L O P E R
Ali Yazdani
Soroosh Khodami
+10 Years of Software Development Experience
Researcher in Software Supply Chain Security
Solution Architect at Rabobank via Code Nomads
+10 Years of Security Experience
Principal Security Engineer @ Scoutbee
OWASP DevSecOps Guideline Project Lead
@SorooshKh
linkedin.com/in/sorooshkhodami
ASecurityEngineer.com @asecengineer linkedin.com/in/aliyazdani
CLASSIC
CYBER ATTACKS
SQL Injection
Cross-Site Scripting
(XSS)
Cross-Site Request
Forgery (CSRF)
DDoS
Man-in-the-Middle
Remote Command
Execution
Malware Injection Buffer Overflow
Privilege Escalation Zero-Day Exploits
Server-Side Forgery
(SSRF)
Read More
§ https://portswigger.net/web-security/learning-paths
§ https://www.certifiedsecure.com
Phishing
Security Risk Transformation
Read More
https://owasp.org/www-project-top-ten/
Supply chain attack
Dependency Confusion
Software Supply Chain Hijacking
Counterfeit Components
Third-Party Compromise
Compromised Build Environments
Dependency Confusion
mycompany-ui-component
version : 6.6.6
mycompany-ui-component
version : 1.2.5
Private Repository
Source Code
?
Read More
• How it started - https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
HOW TO DOWNLOAD
WHOLE INTERNET
WITH ONE COMMAND ?
$ npm install
Let’s create a HELLO WORLD APP
HELLO WORLD Dependency GRAPH
Depth = 0 -> 1 Dependency
Depth = 1 -> 32 Dependencies
Depth = 2 -> 65 Dependencies
Supply Chain Protection Best Practices
Reserve
Namespace / Scope / Prefix
Version Pinning
No Latest or Range
Package Integrity Check
Using SCA Tools
Using Dependency
Firewall
Official Repositories
MUST
GOOD
NICE
Read More
• How it started - https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
• https://xygeni.io/blog/lack-of-version-pinning-and-dependency-confusion/
• https://github.blog/2021-02-12-avoiding-npm-substitution-attacks/
• https://books.sonatype.com/mvnref-book/reference/running-sect-options.html#running-sect-deps-option
Keep Dependencies
Up to Date
Clean Up
Unused Libraries
Immutable Versions
When Security is Involved in
Software Development?
Application Development Journey Already Changed!
Traditional Approach
Design Develop Deploy Staging Production
Lucky security tester
Unlucky security tester
Detect Early, Pay Less!
Refrence
https://www.nowsecure.com/blog/2017/05/10/level-up-mobile-app-security-metrics-to-measure-success/
https://www.packtpub.com/product/practical-cybersecurity-architecture/9781838989927
Modern Approach
Design Develop Deploy Staging Production
§ DAST
§ Load/Stress Test
§ 4-Eyes Principle
§ Secret Scanning
§ SAST/SCA
§ IaC Scanning
§ Container Image Scanning
§ Security Design
§ Threat Modelling
S H I F T L E F T
Phases can cover but can't replace each other.
• Continuous Dependency Monitoring
• Firewall
• Runtime Application Security
• Pentest / Bug Bounty
• Vulnerability Disclosure Program
• Logging & Monitoring
• Cloud Native Application Protection
Read more
• OWASP DevSecOps Guideline - https://github.com/OWASP/DevSecOpsGuideline
Still ...
lop Deploy Staging Production
§ DAST
§ Container Image Scanning
§ Load/Stress Test
t Scanning
SCA
canning
• Continuous Dependency Monitoring
• Firewall
• Runtime Application Security
• Pentest / Bug Bounty
• Vulnerability Disclosure Program
• Logging & Monitoring
• Cloud Native Application Protection
https://www.youtube.com/watch?v=gdsUKphmB3Y
Read more
• OWASP DevSecOps Guideline - https://github.com/OWASP/DevSecOpsGuideline
Continuous
Dependency Monitoring
In Production
Continuous Dependency Monitoring
Generating list of
Dependencies (SBOM)
Continuous Monitoring
After Deploying to Production
Software Bill of Material (SBOM)
Dependencies Components / Libraries
Licenses
Vulnerabilities
Suppliers
App Meta-Data
App Identifier
Authors
Which Application ?
Who to contact ?
How to Fix ?
How to detect ?
██╗░░░░░░█████╗░░██████╗░░░██╗██╗░██████╗██╗░░██╗███████╗██╗░░░░░██╗░░░░░
██║░░░░░██╔══██╗██╔════╝░░██╔╝██║██╔════╝██║░░██║██╔════╝██║░░░░░██║░░░░░
██║░░░░░██║░░██║██║░░██╗░██╔╝░██║╚█████╗░███████║█████╗░░██║░░░░░██║░░░░░
██║░░░░░██║░░██║██║░░╚██╗███████║░╚═══██╗██╔══██║██╔══╝░░██║░░░░░██║░░░░░
███████╗╚█████╔╝╚██████╔╝╚════██║██████╔╝██║░░██║███████╗███████╗███████╗
╚══════╝░╚════╝░░╚═════╝░░░░░░╚═╝╚═════╝░╚═╝░░╚═╝╚══════╝╚══════╝╚══════╝
CVE-2021-44228
CVSS Score 10 / 10
h Application ?
Who to contact ?
How to Fix ?
How to detect ?
cation ?
Who to contact ?
How to Fix ?
How to detect ?
Which Application ?
Who to contact ?
How to Fix ?
How to d
Which Application ?
Who to contact ?
How
x ?
How to detect ?
SBOM Management
SBOM In Practice
SBOM
App
SBOM
App
SBOM
App
SBOM
App
Continuous
Monitoring
ZERO DAY
ALERT !
Search Apps Based On Dependency or CVE
Which Applications ?
Authors/Committers Information is Available
Who to Contact ?
Continuous Monitoring on New SBOMs
Are we safe now ?(Realtime-overview)
Application Metadata
Prioritization on Fix
How to Generate
SBOM
SBOM Generation
Artifact
Container Image
Source Code
Runtime Env
SBOM Journey In CI/CD
Generate Software Bill of Material
SBOM Generation - Generic
Read more
• OWASP DevSecOps Guideline https://github.com/OWASP/DevSecOpsGuideline
SBOM Generation – Java Ecosystem
Version +3.3
Read more
• OWASP DevSecOps Guideline https://github.com/OWASP/DevSecOpsGuideline
• Securing the Supply Chain for Your Java Applications by THOMAS VITALE - https://www.youtube.com/watch?v=VM7lJ0f_xhQ
SBOM Generation - Docker
Read more
• OWASP DevSecOps Guideline - https://github.com/OWASP/DevSecOpsGuideline
• Securing the Supply Chain for Your Java Applications by THOMAS VITALE - https://www.youtube.com/watch?v=VM7lJ0f_xhQ
• https://earthly.dev/blog/docker-sbom/
Software Composition Analysis
(SCA)
SBOM Journey In CI/CD
Software Composition Analysis (SCA)
Software Composition Analysis (SCA)
Software Composition Analysis (SCA)
Commercial
Free/Open-Source
Read more
• OWASP DevSecOps Guideline - https://github.com/OWASP/DevSecOpsGuideline
SBOM Journey In CI/CD
SBOM Management & Continious Monitoring
SBOM Management
SBOM Management
Commercial Tools
Free / Open-Source
OWASP Dependency Track
Read more
• OWASP DevSecOps Guideline https://github.com/OWASP/DevSecOpsGuideline
Am I Prepared Now?
Firewall Continuous Monitoring Logging & Monitoring
Dev Sec Ops
The team story
The team story
DevSecOps destroy silos to achieve
the goal of delivering secure and
stable software quickly.
Regulations Insights
Regulations
Read more
• NITA - https://www.ntia.gov/page/software-bill-materials
• NIST - https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity/software-security-supply-chains-software-1+
• EU Cyber Resilience Act (CRA)
§ Executive Order 14028 on Improving the Nation’s Cybersecurity
§ DHS Software Supply Chain Risk Management Act
§ FDA Medical Device Cybersecurity Requirements
§ NIST SP 800-218
• DORA – EU Cyber Resilience Operation (Financial Sector)
• GERMANY – TR - 03183: SBOM Requirements for CRA
Regulations –CRA Timeline
NOW
Enter Into Force
2024 – Q2
Deadline 2026
Q1
Read more
• https://medium.com/@bugprove/eu-cyber-resilience-act-cra-all-you-need-to-know-in-a-nutshell-b843d149e18a
Regulations – DORA Timeline
NOW
Enter Into Force
Deadline 2025 - Q1
Read more
• https://www.eiopa.europa.eu/digital-operational-resilience-act-dora_en
• https://www.eiopa.europa.eu/document/download/2888a8e8-4a20-4e27-ad51-7ad4e5b511f7_en
Standards
ISO/IEC 27036
Cybersecurity — Supplier relationships
Frameworks
Supply-chain Levels for Software Artifacts
Read more
• https://www.iso.org/standard/82905.html
• https://cyclonedx.org
• https://spdx.dev/
• https://slsa.dev/
SBOM Format Standard
Software package data exchange (SPDX)
SBOM Format Standard
CycloneDX (CDX)
Thanks for your attention
Please Rate This Talk in NLJUG App
If you have any other questions, you can reach out to us via Social Media
@SorooshKh linkedin.com/in/sorooshkhodami
@asecengineer linkedin.com/in/aliyazdani
QR CODE
Secure Software Ecosystem Teqnation 2024

More Related Content

Similar to Secure Software Ecosystem Teqnation 2024

Null singapore - Mobile Security Essentials
Null singapore - Mobile Security EssentialsNull singapore - Mobile Security Essentials
Null singapore - Mobile Security Essentials
Sven Schleier
 
Escape the defaults - Configure Sling like AEM as a Cloud Service
Escape the defaults - Configure Sling like AEM as a Cloud ServiceEscape the defaults - Configure Sling like AEM as a Cloud Service
Escape the defaults - Configure Sling like AEM as a Cloud Service
Robert Munteanu
 
System Hardening Using Ansible
System Hardening Using AnsibleSystem Hardening Using Ansible
System Hardening Using Ansible
Sonatype
 
Advanced deployment scenarios
Advanced deployment scenariosAdvanced deployment scenarios
Advanced deployment scenarios
Sergio Navarro Pino
 
Getting started with docker
Getting started with dockerGetting started with docker
Getting started with docker
Saim Safder
 
How to build observability into Serverless (O'Reilly Velocity 2018)
How to build observability into Serverless (O'Reilly Velocity 2018)How to build observability into Serverless (O'Reilly Velocity 2018)
How to build observability into Serverless (O'Reilly Velocity 2018)
Yan Cui
 
OISC 2019 - The OWASP Top 10 & AppSec Primer
OISC 2019 - The OWASP Top 10 & AppSec PrimerOISC 2019 - The OWASP Top 10 & AppSec Primer
OISC 2019 - The OWASP Top 10 & AppSec Primer
ThreatReel Podcast
 
Deployment talk dpc 13
Deployment talk dpc 13Deployment talk dpc 13
Deployment talk dpc 13
Robbert van den Bogerd
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)
Sergio Navarro Pino
 
Cloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
Cloud-powered Continuous Integration and Deployment architectures - Jinesh VariaCloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
Cloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
Amazon Web Services
 
Building a low cost hack lab
Building a low cost hack labBuilding a low cost hack lab
Building a low cost hack lab
Joe McCray
 
AppSec & OWASP Top 10 Primer
AppSec & OWASP Top 10 PrimerAppSec & OWASP Top 10 Primer
AppSec & OWASP Top 10 Primer
ThreatReel Podcast
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
James Wickett
 
Devoxx France 2013 Cloud Best Practices
Devoxx France 2013 Cloud Best PracticesDevoxx France 2013 Cloud Best Practices
Devoxx France 2013 Cloud Best Practices
Eric Bottard
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant Vulnerabilities
Lumension
 
Dev{sec}ops
Dev{sec}opsDev{sec}ops
Dev{sec}ops
Steven Carlson
 
CloudNativeAalborg2023_Jan.pdf
CloudNativeAalborg2023_Jan.pdfCloudNativeAalborg2023_Jan.pdf
CloudNativeAalborg2023_Jan.pdf
ahjensen
 
WebAssembly & Zero Trust for Code
WebAssembly & Zero Trust for CodeWebAssembly & Zero Trust for Code
WebAssembly & Zero Trust for Code
All Things Open
 
Continuous delivery applied
Continuous delivery appliedContinuous delivery applied
Continuous delivery applied
Mike McGarr
 
App sec in the time of docker containers
App sec in the time of docker containersApp sec in the time of docker containers
App sec in the time of docker containers
Akash Mahajan
 

Similar to Secure Software Ecosystem Teqnation 2024 (20)

Null singapore - Mobile Security Essentials
Null singapore - Mobile Security EssentialsNull singapore - Mobile Security Essentials
Null singapore - Mobile Security Essentials
 
Escape the defaults - Configure Sling like AEM as a Cloud Service
Escape the defaults - Configure Sling like AEM as a Cloud ServiceEscape the defaults - Configure Sling like AEM as a Cloud Service
Escape the defaults - Configure Sling like AEM as a Cloud Service
 
System Hardening Using Ansible
System Hardening Using AnsibleSystem Hardening Using Ansible
System Hardening Using Ansible
 
Advanced deployment scenarios
Advanced deployment scenariosAdvanced deployment scenarios
Advanced deployment scenarios
 
Getting started with docker
Getting started with dockerGetting started with docker
Getting started with docker
 
How to build observability into Serverless (O'Reilly Velocity 2018)
How to build observability into Serverless (O'Reilly Velocity 2018)How to build observability into Serverless (O'Reilly Velocity 2018)
How to build observability into Serverless (O'Reilly Velocity 2018)
 
OISC 2019 - The OWASP Top 10 & AppSec Primer
OISC 2019 - The OWASP Top 10 & AppSec PrimerOISC 2019 - The OWASP Top 10 & AppSec Primer
OISC 2019 - The OWASP Top 10 & AppSec Primer
 
Deployment talk dpc 13
Deployment talk dpc 13Deployment talk dpc 13
Deployment talk dpc 13
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)
 
Cloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
Cloud-powered Continuous Integration and Deployment architectures - Jinesh VariaCloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
Cloud-powered Continuous Integration and Deployment architectures - Jinesh Varia
 
Building a low cost hack lab
Building a low cost hack labBuilding a low cost hack lab
Building a low cost hack lab
 
AppSec & OWASP Top 10 Primer
AppSec & OWASP Top 10 PrimerAppSec & OWASP Top 10 Primer
AppSec & OWASP Top 10 Primer
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
Devoxx France 2013 Cloud Best Practices
Devoxx France 2013 Cloud Best PracticesDevoxx France 2013 Cloud Best Practices
Devoxx France 2013 Cloud Best Practices
 
Java Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant VulnerabilitiesJava Insecurity: How to Deal with the Constant Vulnerabilities
Java Insecurity: How to Deal with the Constant Vulnerabilities
 
Dev{sec}ops
Dev{sec}opsDev{sec}ops
Dev{sec}ops
 
CloudNativeAalborg2023_Jan.pdf
CloudNativeAalborg2023_Jan.pdfCloudNativeAalborg2023_Jan.pdf
CloudNativeAalborg2023_Jan.pdf
 
WebAssembly & Zero Trust for Code
WebAssembly & Zero Trust for CodeWebAssembly & Zero Trust for Code
WebAssembly & Zero Trust for Code
 
Continuous delivery applied
Continuous delivery appliedContinuous delivery applied
Continuous delivery applied
 
App sec in the time of docker containers
App sec in the time of docker containersApp sec in the time of docker containers
App sec in the time of docker containers
 

Recently uploaded

E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
Hornet Dynamics
 
Lecture 2 - software testing SE 412.pptx
Lecture 2 - software testing SE 412.pptxLecture 2 - software testing SE 412.pptx
Lecture 2 - software testing SE 412.pptx
TaghreedAltamimi
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Sven Peters
 
fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.
AnkitaPandya11
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Julian Hyde
 
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
kalichargn70th171
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
gapen1
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
kalichargn70th171
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
Patrick Weigel
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
Green Software Development
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
sjcobrien
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Green Software Development
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
ShulagnaSarkar2
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User ValidationCode KataHand Rolled Applicative User ValidationCode Kata
Hand Rolled Applicative User Validation Code Kata
Philip Schwarz
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
Grant Fritchey
 
UI5con 2024 - Bring Your Own Design System
UI5con 2024 - Bring Your Own Design SystemUI5con 2024 - Bring Your Own Design System
UI5con 2024 - Bring Your Own Design System
Peter Muessig
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
Remote DBA Services
 
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
safelyiotech
 
YAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring detailsYAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring details
NishanthaBulumulla1
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
Peter Muessig
 

Recently uploaded (20)

E-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet DynamicsE-commerce Development Services- Hornet Dynamics
E-commerce Development Services- Hornet Dynamics
 
Lecture 2 - software testing SE 412.pptx
Lecture 2 - software testing SE 412.pptxLecture 2 - software testing SE 412.pptx
Lecture 2 - software testing SE 412.pptx
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.fiscal year variant fiscal year variant.
fiscal year variant fiscal year variant.
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
 
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
The Key to Digital Success_ A Comprehensive Guide to Continuous Testing Integ...
 
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
 
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf8 Best Automated Android App Testing Tool and Framework in 2024.pdf
8 Best Automated Android App Testing Tool and Framework in 2024.pdf
 
WWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders AustinWWDC 2024 Keynote Review: For CocoaCoders Austin
WWDC 2024 Keynote Review: For CocoaCoders Austin
 
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina JonuziEnergy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
 
Malibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed RoundMalibou Pitch Deck For Its €3M Seed Round
Malibou Pitch Deck For Its €3M Seed Round
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
 
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
 
Hand Rolled Applicative User Validation Code Kata
Hand Rolled Applicative User ValidationCode KataHand Rolled Applicative User ValidationCode Kata
Hand Rolled Applicative User Validation Code Kata
 
Using Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query PerformanceUsing Query Store in Azure PostgreSQL to Understand Query Performance
Using Query Store in Azure PostgreSQL to Understand Query Performance
 
UI5con 2024 - Bring Your Own Design System
UI5con 2024 - Bring Your Own Design SystemUI5con 2024 - Bring Your Own Design System
UI5con 2024 - Bring Your Own Design System
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
 
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
 
YAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring detailsYAML crash COURSE how to write yaml file for adding configuring details
YAML crash COURSE how to write yaml file for adding configuring details
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
 

Secure Software Ecosystem Teqnation 2024