Security has become more and more important as we move to the cloud and countries & companies are being hacked – remember the Sony hack? But how do we securely store sensitive data such as connection strings to our databases? Where do we store our encryption keys? Can I share them with my customers? How do I prevent abuse of my secrets and block them from doing so?
That’s what this session is all about – I will introduce you to the concepts of Microsoft Azure Key Vault where you can use this as it allows you to securely store keys, credentials and other secrets in the cloud. We will also have a look at how it enables us to store encryption keys for SQL Server TDE and how it can help you safeguard your cloud solutions even more.
Securing sensitive data with Azure Key VaultTom Kerkhove
As a developer you often have to use & store a lot of sensitive data going from service credentials to connection strings or even encryption keys. But how do I store these in a secure way? How do I know who has access to them and how do I prevent people from copying them and abusing them? On the other hand, SaaS customers have no clue how you store their sensitive data and how they use it. How can they monitor that? How can they revoke your access easily?
Watch the recording here - http://azug.be/2015-05-05---securing-sensitive-data-with-azure-key-vault
Azure Low Lands 2019 - Building secure cloud applications with Azure Key VaultTom Kerkhove
It is not a secret that it is hard to manage sensitive information. Azure Key Vault allows you to securely store this kind of information ranging from secrets & certificates to cryptographic keys.
Great! But how do you use it? How do I authenticate with it and how do I build robust applications with it?
Come join me and I'll walk you through the challenges and give you some recommendations.
Sesión del Global Azure Bootcamp 2017. Azure Key Vault nos permite asegurar los servicios alojados, las claves y contraseñas en un almacenamiento especial y protegido. En esta sesión exploraremos las capacidades de Azure Key Vault y veremos como es necesario su uso en la Star Trek para garantizar la seguridad.
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Conference Talk at ForwardJS at Ottawa on using Vault to store your secrets for your nodejs application. How to use Vault to store secrets. How to use approles to authenticate with vault using node-vault. How not to use env variable to pass in secrets.
Securing sensitive data with Azure Key VaultTom Kerkhove
As a developer you often have to use & store a lot of sensitive data going from service credentials to connection strings or even encryption keys. But how do I store these in a secure way? How do I know who has access to them and how do I prevent people from copying them and abusing them? On the other hand, SaaS customers have no clue how you store their sensitive data and how they use it. How can they monitor that? How can they revoke your access easily?
Watch the recording here - http://azug.be/2015-05-05---securing-sensitive-data-with-azure-key-vault
Azure Low Lands 2019 - Building secure cloud applications with Azure Key VaultTom Kerkhove
It is not a secret that it is hard to manage sensitive information. Azure Key Vault allows you to securely store this kind of information ranging from secrets & certificates to cryptographic keys.
Great! But how do you use it? How do I authenticate with it and how do I build robust applications with it?
Come join me and I'll walk you through the challenges and give you some recommendations.
Sesión del Global Azure Bootcamp 2017. Azure Key Vault nos permite asegurar los servicios alojados, las claves y contraseñas en un almacenamiento especial y protegido. En esta sesión exploraremos las capacidades de Azure Key Vault y veremos como es necesario su uso en la Star Trek para garantizar la seguridad.
A description of Azure Key Vault. Why do we need Azure Key Vault where does it fit in a solution. The details of storing keys, secrets and certificate inside of key vault. Using key vault for encryption and decryption of data
Conference Talk at ForwardJS at Ottawa on using Vault to store your secrets for your nodejs application. How to use Vault to store secrets. How to use approles to authenticate with vault using node-vault. How not to use env variable to pass in secrets.
Describes 3 levels of complexity when implementing a secret management architecture, and presents 2 real world examples.
Technologies used: Hashicorp Vault, Chef Vault, AWS KMS, git-crypt.
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
Managing secrets in a distributed cloud world requires a new approach to security. Applications and systems are now frequently created and destroyed. The network between distributed clouds, applications, and systems is low-trust, furthering the complexities of secrets sprawl. So, what is the solution?
HashiCorp Vault seeks to solve the problem of secret sprawl by centralizing secrets management in a scalable, repeatable workflow to be able to create, manage, and revoke secrets as needed.
Watch this webinar to learn:
- How Vault addresses today’s security threats
- How security teams can use Vault to store and manage all their secrets across their private and public infrastructure, globally.
- How Adobe reduced secret sprawl, increased operational performance of a key security process, and processes 100 trillion transactions with Vault
For full webinar recording: https://hashicorp.com/resources/eliminating-secret-sprawl-in-the-cloud
In this talk, Oded Hareven, Co-Founder & CEO of Akeyless.io, discusses the history of the movement toward best practices in password, token, key, and credential management, including HSMs, KMSs, PAMs, and PKI management. He explores how secrets management is now a MUST for DevOps and security teams of all enterprises and why the right tool needs to be cloud-agnostic, cloud-native, integrable with any DevOps pipelines, and infinitely scalable.
Secrets management has come a long way - from simple credentials kept in code to KMS tools to privileged access management and then secrets vaults. Digital transformation is still a thing in 2021, and since we’re all using multiple clouds, Kubernetes, and moving towards microservices and serverless architectures, the right tool for the right job is that much more important, especially when it comes to securing your infrastructure and applications.
This talk will discuss some of the history of the movement toward best practices in password, token, key, and credential management, including HSMs, KMSs, PAMs, and PKI management. Finally, how secrets management became a MUST for DevOps and security teams of all enterprises, and why the right tool needs to be cloud agnostic, cloud-native, integrable with any DevOps pipelines and infinitely scalable.
Kubernetes Secrets - The Good, The Bad, and The Ugly - AkeylessAkeyless
Oded Harevern, CEO & co-founder of Akeyless discusses how Kubernetes secrets management is done today and how to do secrets management better.
Learn more about Akeyless Vault Platform for secrets management: https://www.akeyless.io/product-secrets-management/
Watch the video here: https://www.youtube.com/watch?v=hvUuYWXGSJM
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...Mary Racter
Secret-based protocols are the most popular methods for establishing trust in authentication. Unfortunately, they are also one of the first attack surfaces to be probed when system compromise is attempted. Today’s digital services often focus on scalability, high-availability, and fault tolerance, leading to a shift towards microservices on cluster-based architectures. Secret management has evolved as well, leading to the development of cluster-compatible, open-source SM tools such as HashiCorp’s Vault. This talk is designed to help SecOps professionals leverage security concepts such as spatial and temporal attack surfaces, trust, and risk acceptance to secure their cluster credential management.
Automation Patterns for Scalable Secret ManagementMary Racter
So you’ve scaled your app up to 1000 instances. Do they all share the same credentials for access to stateful resources? Then the attack surface for your stateful resources just got scaled up too. Automated secret management lets you focus on scaling up your app, not your risk of data compromise.
This talk aims to introduce some important considerations in attack surface management at scale, and provide some patterns and tips on integrating secret management workflows into Continuous Deployment infrastructure.
Using Azure Managed Identities for your App Services by Jan de Vries from 4Do...DevClub_lv
Jan de Vries from 4DotNet will share experience on “Using Azure Managed Identities for your App Services“.
He will show you what needs to be set up in your application and AAD to get you started. When everything is set up correctly you can manage the access to all of your API’s via Azure Active Directory and even restrict access to specific endpoints if you want.
You’ll leave this session knowing how to set up your services by using the built-in capabilities of Azure and make your complete environment more secure and easy to manage.
Jan is a Cloud Solution Architect at 4DotNet (Netherlands). His main focus is on developing highly performant and scalable solutions using the awesome services provided by the Microsoft Azure platform. Because of his expertise, he has been able to help out multiple customers to bring their on-premise solution to the cloud and guide them towards a better software development ecosystem.
Secret Management with Hashicorp’s VaultAWS Germany
When running a Kubernetes Cluster in AWS there are secrets like AWS and Kubernetes credentials, access information for databases or integration with the company LDAP that need to be stored and managed.
HashiCorp’s Vault secures, stores, and controls access to tokens, passwords, certificates, API keys, and other secrets . It handles leasing, key revocation, key rolling, and auditing.
This talk will give an overview of secret management in general and Vault’s concepts. The talk will explain how to make use of Vault’s extensive feature set and show patterns that implement integration between Kubernetes applications and Vault.
GAB 2015 - Nouveautes sur le stockage de donnees dans AzureJean-Luc Boucho
Cette présentation parcourt les principales nouveautés concernant le stockage de données dans Azure. Au menu : évolutions du Storage (Premium), SQL Database (V12) et Cache Redis, nouveaux services Elastic Scale, DocumentDB et améliorations du Backup et Recovery.
Session animée à l'événement Global Azure Bootcamp à Paris, 25 Avril 2015.
El servicio de Microsoft Azure nos brinda el respaldo de datos on Premisse asi como tambien en la Nube para nuestras maquina Virtuales asegurando nuestros datos de manera encriptada
Describes 3 levels of complexity when implementing a secret management architecture, and presents 2 real world examples.
Technologies used: Hashicorp Vault, Chef Vault, AWS KMS, git-crypt.
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
Managing secrets in a distributed cloud world requires a new approach to security. Applications and systems are now frequently created and destroyed. The network between distributed clouds, applications, and systems is low-trust, furthering the complexities of secrets sprawl. So, what is the solution?
HashiCorp Vault seeks to solve the problem of secret sprawl by centralizing secrets management in a scalable, repeatable workflow to be able to create, manage, and revoke secrets as needed.
Watch this webinar to learn:
- How Vault addresses today’s security threats
- How security teams can use Vault to store and manage all their secrets across their private and public infrastructure, globally.
- How Adobe reduced secret sprawl, increased operational performance of a key security process, and processes 100 trillion transactions with Vault
For full webinar recording: https://hashicorp.com/resources/eliminating-secret-sprawl-in-the-cloud
In this talk, Oded Hareven, Co-Founder & CEO of Akeyless.io, discusses the history of the movement toward best practices in password, token, key, and credential management, including HSMs, KMSs, PAMs, and PKI management. He explores how secrets management is now a MUST for DevOps and security teams of all enterprises and why the right tool needs to be cloud-agnostic, cloud-native, integrable with any DevOps pipelines, and infinitely scalable.
Secrets management has come a long way - from simple credentials kept in code to KMS tools to privileged access management and then secrets vaults. Digital transformation is still a thing in 2021, and since we’re all using multiple clouds, Kubernetes, and moving towards microservices and serverless architectures, the right tool for the right job is that much more important, especially when it comes to securing your infrastructure and applications.
This talk will discuss some of the history of the movement toward best practices in password, token, key, and credential management, including HSMs, KMSs, PAMs, and PKI management. Finally, how secrets management became a MUST for DevOps and security teams of all enterprises, and why the right tool needs to be cloud agnostic, cloud-native, integrable with any DevOps pipelines and infinitely scalable.
Kubernetes Secrets - The Good, The Bad, and The Ugly - AkeylessAkeyless
Oded Harevern, CEO & co-founder of Akeyless discusses how Kubernetes secrets management is done today and how to do secrets management better.
Learn more about Akeyless Vault Platform for secrets management: https://www.akeyless.io/product-secrets-management/
Watch the video here: https://www.youtube.com/watch?v=hvUuYWXGSJM
Secure Secret Management on a Budget: Reasoning about Scalable SM with Vault ...Mary Racter
Secret-based protocols are the most popular methods for establishing trust in authentication. Unfortunately, they are also one of the first attack surfaces to be probed when system compromise is attempted. Today’s digital services often focus on scalability, high-availability, and fault tolerance, leading to a shift towards microservices on cluster-based architectures. Secret management has evolved as well, leading to the development of cluster-compatible, open-source SM tools such as HashiCorp’s Vault. This talk is designed to help SecOps professionals leverage security concepts such as spatial and temporal attack surfaces, trust, and risk acceptance to secure their cluster credential management.
Automation Patterns for Scalable Secret ManagementMary Racter
So you’ve scaled your app up to 1000 instances. Do they all share the same credentials for access to stateful resources? Then the attack surface for your stateful resources just got scaled up too. Automated secret management lets you focus on scaling up your app, not your risk of data compromise.
This talk aims to introduce some important considerations in attack surface management at scale, and provide some patterns and tips on integrating secret management workflows into Continuous Deployment infrastructure.
Using Azure Managed Identities for your App Services by Jan de Vries from 4Do...DevClub_lv
Jan de Vries from 4DotNet will share experience on “Using Azure Managed Identities for your App Services“.
He will show you what needs to be set up in your application and AAD to get you started. When everything is set up correctly you can manage the access to all of your API’s via Azure Active Directory and even restrict access to specific endpoints if you want.
You’ll leave this session knowing how to set up your services by using the built-in capabilities of Azure and make your complete environment more secure and easy to manage.
Jan is a Cloud Solution Architect at 4DotNet (Netherlands). His main focus is on developing highly performant and scalable solutions using the awesome services provided by the Microsoft Azure platform. Because of his expertise, he has been able to help out multiple customers to bring their on-premise solution to the cloud and guide them towards a better software development ecosystem.
Secret Management with Hashicorp’s VaultAWS Germany
When running a Kubernetes Cluster in AWS there are secrets like AWS and Kubernetes credentials, access information for databases or integration with the company LDAP that need to be stored and managed.
HashiCorp’s Vault secures, stores, and controls access to tokens, passwords, certificates, API keys, and other secrets . It handles leasing, key revocation, key rolling, and auditing.
This talk will give an overview of secret management in general and Vault’s concepts. The talk will explain how to make use of Vault’s extensive feature set and show patterns that implement integration between Kubernetes applications and Vault.
GAB 2015 - Nouveautes sur le stockage de donnees dans AzureJean-Luc Boucho
Cette présentation parcourt les principales nouveautés concernant le stockage de données dans Azure. Au menu : évolutions du Storage (Premium), SQL Database (V12) et Cache Redis, nouveaux services Elastic Scale, DocumentDB et améliorations du Backup et Recovery.
Session animée à l'événement Global Azure Bootcamp à Paris, 25 Avril 2015.
El servicio de Microsoft Azure nos brinda el respaldo de datos on Premisse asi como tambien en la Nube para nuestras maquina Virtuales asegurando nuestros datos de manera encriptada
Tokyo Azure Meetup #5 - Microservices and Azure Service FabricTokyo Azure Meetup
Azure Service Fabric is now Generally Available!
In this meetup we will start from the beginning and define what is microservice.
Next we will have a deep dive in Azure Service Fabric. Azure Service Fabric is one of the most interesting Azure service. Used internally in Microsoft for 5 years and backing up one of the most demanding Azure services today such as Azure SQL, Document DB, Cortana and Skype for Business.
We will be talking about the two models that are supported by Azure Service Fabric:
- Reliable Services (We will explore the reasons for having both stateful and stateless offerings in this model)
- Reliable Actors
Then we will talk how you can create Azure Service Fabric cluster on premise or in another cloud.
We will demo deployments in Azure for the various models.
Azure Service Fabric is the most advanced and complete offering for developing and hosting microservices in Azure. It builds on years experience Microsoft acquired running one of the most demanding services such as Azure SQL. Moreover, Azure Service Fabric solves very difficult distributed computing problems such as data synchronization, zero downtime deployment, update and rollback operations at large scale.
Join us to learn more about Azure Service Fabric and start using it immediately after the meetup!
Modern business is fast and needs to take decisions immediatly. It cannot wait that a traditional BI task that works on data snapshots at some time. Social data, Internet of Things, Just in Time don't undestand "snapshot" and needs working on streaming, live data. Microsoft offers a PaaS solution to satisfy this need with Azure Stream Analytics. Let's see how it works.
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingIlyas F ☁☁☁
If you are a Cloud Architect, Developer, IT Manager, Director or whoever may be, if you are associated with Azure or AWS cloud in some form, I’m sure you must have come across a common question.
“What is the alternate service available in Azure or AWS vice versa and it’s pricing?” I’m sure you will say yes!
Agreed, it’s hard to remember all the services offered by public clouds, i.e. Azure and AWS. Remembering existing services and their benefits itself is a big task, on top of that updating ourselves with the new feature releases and enhancements is another major task.
So I put together a Service & Feature Mappings between Microsoft Azure & AWS for my and colleagues quick reference.
I hope you also find this piece informative.
Security Considerations for Microservices and Multi cloudNeelkamal Gaharwar
These slides contains my notes on what are the security consideration w.r.t Micro services and Multi Cloud. I am still working on this part. It is just a comprehension of whatever I have studied so far.
Intelligent Cloud Conference 2018 - Building secure cloud applications with A...Tom Kerkhove
It is not a secret that it is hard to manage sensitive information. Azure Key Vault allows you to securely store this kind of information ranging from secrets & certificates to cryptographic keys.
Great! But how do you use it? How do I authenticate with it and how do I build robust applications with it?
Come join me and I'll walk you through the challenges and give you some recommendations.
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Amazon Web Services
This session will discuss the options available for encrypting data at rest and key management in AWS. It will focus on two primary scenarios: (1) AWS manages encryption keys on behalf of the customer to provide automated server-side encryption; (2) the customer manages their own encryption keys using partner solutions and/or AWS CloudHSM. Real-world customer examples will be presented to demonstrate adoption drivers of specific encryption technologies in AWS. Netflix Jason Chan will provide an overview of how NetFlix uses CloudHSM for secure key storage.
This presentation is an introduction about Cloud Computing and Microsoft Windows Azure. Microsoft Public Cloud solution for Platform and Infrastructure layers.
AWS Summit 2013 | India - Extend your Datacenter in the Cloud and achieve Hig...Amazon Web Services
The cloud is not an 'All or Nothing' approach with regards to replacing workloads inside your datacenter. Enterprises with existing datacenters can easily extend their Infrastructure into the cloud to seamlessly leverage the benefits of cloud while using the same set of controls familiar to their business. However availability and security still remain among the top two concerns for CIOs when deciding on cloud adoption for their organization.
Amazon Web Services has infrastructure across multiple geographical Regions spanning five continents, with multiple Availability Zones in each Region along with a set of global edge locations. Building a similar infrastructure for high availability with your traditional datacenter would be non-trivial and cost prohibitive. Join this session to understand how you can achieve high availability across geographies, deploy your applications close to your users, control where your data is located, achieve low latency, and migrate your applications around the world in a cost-effective and easy manner using AWS services. You will also learn how AWS builds services in accordance with security best practices, provides appropriate security features in those services, has achieved industry standard certifications, and other third-party attestations. In addition, in line with the shared security model on the cloud, AWS customers must leverage on security features and best practices to architect an appropriately secure application environment. Enabling customers to ensure the confidentiality, integrity, and availability of their data is of the utmost importance to AWS, as is maintaining trust and confidence.
Your security is our number one priority. In this session, we'll review best practices that will make your AWS platform even more secure. Using a number of services such as IAM, KMS, CloudTrail, Inspector, etc, we'll show you easy, concrete steps that you can take in minutes to significantly raise your security level.
AWS Summit 2014 Perth - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: James Bromberger, Solutions Architect, Amazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Security in the cloud Workshop HSTC 2014Akash Mahajan
A broad overview of what it takes to be secure. This is more of an introduction where we introduce the basic terms around Cloud Computing and how do we go about securing our information assets(Data, Applications and Infrastructure)
The workshop was fun because all the slides were paired with real world examples of security breaches and attacks.
Mike Allen's AWS + OWASP talk "AWS secret manager for protecting and rotating...AWS Chicago
Turbo talk 1: "AWS secret manager for protecting and rotating credentials" - Mike Allen, CIO at Morningstar // @mikeoninfosec
OWASP + AWS user groups: Using the OWASP Top 10 in AWS
The AWS platform offers a rich set of capabilities that can be leveraged by the customer to better control applications state, configuration, and supporting infrastructure throughout the service lifecycle – all while operating with security best practices such as audit and accountability, access control, change review and governance, and systems integrity. We will showcase and discuss design patterns for using these capabilities in synergy with fast-paced and agile application development methodologies – such as DevOps – to achieve an integrated security operations program.
Techorama 2022 - Adventures of building Promitor, an open-source productTom Kerkhove
When a wild idea becomes an open-source product you need to get organized, automate and make a contributor-friendly environment - It is more than just writing code. This talk will walk through the phases that the product has been through, how I was discouraged by others and how important it is to not become the slave of your own success.
AZUG Lightning Talk - Application autoscaling on Kubernetes with Kubernetes E...Tom Kerkhove
Kubernetes with Kubernetes Event-driven Autoscaling (KEDA) 1.0 has been released at KubeCon North America 2019.
Let’s have a quick look what it is, how it can helps and where it’s going!
Microsoft Ignite 2019 - API management for microservices in a hybrid and mult...Tom Kerkhove
Microservices are on the cusp of becoming the dominant style of software architecture in the enterprise. The benefits that are realized—increased developer velocity, improved organizational agility, and reduced time-to-market of new services—are a powerful catalyst that is driving this transformation. As practitioners, how do we successfully fit microservices into the models and processes we already have in place?
Join Tom Kerkhove, an Azure Architect with many years of experience helping enterprises make this exact transition, for a hands-on experience demonstrating how he helps enterprises make the transition to API-first architectures and microservices in a hybrid, multi-cloud world.
Integrate UK 2019 - Adventures of building a (multi-tenant) PaaS on Microsoft...Tom Kerkhove
Building a multi-tenant PaaS is not a walk in the part, certainly if the platform you are building on is constantly changing.
Cloud projects are never finished so you'd better come prepared.
Techdays Finland 2019 - Adventures of building a (multi-tenant) PaaS on Micro...Tom Kerkhove
Building a multi-tenant PaaS is not a walk in the part, certainly if the platform you are building on is constantly changing.
In this session I'll walk you through the adventure we've been on where you'll learn about the challenges we've had and how we approached them and whether or not our decisions worked out or not.
– How to design for scale
– How to operate the platform
– How to grow a platform mindset and force ownership
– How to run tests for your whole platform
– How to design for multi-tenancy
– How to approach constant change
– etc
Cloud projects are never finished so you'd better come prepared.
Intelligent Cloud Conference 2018 - Next Generation of Data Integration with ...Tom Kerkhove
Azure Data Factory is a hybrid data integration service in Azure that allows you to create, manage & operate data pipelines in Azure. It is a serverless orchestrator that allows you to create data pipelines to either move, transform, load data; a fully managed Extract, Transform, Load (ETL) & Extract, Load, Transform (ELT) service if you will.
In this talk I'll cover the basics of Azure Data Factory and show you how you can create, manage & operate data pipelines.
NDC Sydney - Analyzing StackExchange with Azure Data LakeTom Kerkhove
Big data is the new big thing where storing the data is the easy part. Gaining insights in your pile of data is something different.
Based on a data dump of the well-known StackExchange websites, we will store & analyse 150+ GB of data with Azure Data Lake Store & Analytics to gain some insights about their users.
After that we will use Power BI to give an at a glance overview of our learnings.
If you are a developer that is interested in big data, this is your time to shine! We will use our existing SQL & C# skills to analyse everything without having to worry about running clusters.
TechDays NL 2016 - Building your scalable secure IoT Solution on AzureTom Kerkhove
The Internet-of-Things was one of the big hypes in 2015 but it’s more than that – Customers want to build out their own infrastructures and act on their data.
Today we’ll look at how Microsoft Azure helps us to build scalable solutions to process events from thousands of devices in a secure manner and the challenges it has. Once the data is in the cloud we’ll also take a look at ways we can learn from our measurements.
Integration Monday - Analysing StackExchange data with Azure Data LakeTom Kerkhove
Big data is the new big thing where storing the data is the easy part. Gaining insights in your pile of data is something different.
Based on a data dump of the well-known StackExchange websites, we will store & analyse 150+ GB of data with Azure Data Lake Store & Analytics to gain some insights about their users. After that we will use Power BI to give an at a glance overview of our learnings.
If you are a developer that is interested in big data, this is your time to shine! We will use our existing SQL & C# skills to analyse everything without having to worry about running clusters.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Designing for Privacy in Amazon Web ServicesKrzysztofKkol1
Data privacy is one of the most critical issues that businesses face. This presentation shares insights on the principles and best practices for ensuring the resilience and security of your workload.
Drawing on a real-life project from the HR industry, the various challenges will be demonstrated: data protection, self-healing, business continuity, security, and transparency of data processing. This systematized approach allowed to create a secure AWS cloud infrastructure that not only met strict compliance rules but also exceeded the client's expectations.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
How Recreation Management Software Can Streamline Your Operations.pptxwottaspaceseo
Recreation management software streamlines operations by automating key tasks such as scheduling, registration, and payment processing, reducing manual workload and errors. It provides centralized management of facilities, classes, and events, ensuring efficient resource allocation and facility usage. The software offers user-friendly online portals for easy access to bookings and program information, enhancing customer experience. Real-time reporting and data analytics deliver insights into attendance and preferences, aiding in strategic decision-making. Additionally, effective communication tools keep participants and staff informed with timely updates. Overall, recreation management software enhances efficiency, improves service delivery, and boosts customer satisfaction.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
1. Securing sensitive data with
Azure Key Vault
Tom Kerkhove
Tweet and win an Ignite 2016 ticket #itproceed
2. Who am I?
Tom Kerkhove
• Integration Professional at Codit
• IoT Competency Lead at Codit
• Kinect for Windows MVP
• Microsoft Azure Advisor
3. How can Codit help?
Integration services
• Advice
• Projects
• Implementation
• SOA Governance
• Managed Services
• Integration as a Service
• Integration Cloud
• API Management
• Internet of Things
4.
5. Demo Scenario
• Customer applies to the SaaS
– Gives Twilio & Azure Storage credentials
• Application uses API to send text messages
7. Demo Summary
• Security flaws
– Storing sensitive data as clear text in DB
– Google authentication as clear text
– Unencrypted connection string
– Unsecured API
– Probably more
• On the other hand...
– Transport security with SSL (Although default Azure cert)
– External login
11. What is Azure Key Vault?
• Storing sensitive data in hardware security modules
(HSM)
• Giving back control to the customer
– Full controll over key lifecycle with audit logs
– Management of all keys in one place
– Store encryption keys in HSMs
• Removes responsibility from developers
– Secure storage for passwords, encryption keys & certificates
– Protects sensitive data in production
13. Secrets
• Used to store sequences of bytes
• Consumers can read & store secrets
• Encrypted before stored in vault
• Limited to 10 kB
• Versioned
• Typically used for connection strings, certificates, etc.
14. Keys
• Stores a RSA 2048 key
• Created by Key Vault owner
• Can be used to decrypt/sign with
• Can’t be read back
• Higher latency
• For frequent usage of keys, store it as a Secret
15. Different Key Types
• Software Keys
– Stored encrypted in
HSM
– Operations performed
on VM in Azure
– Typically used for
Dev/Test
– Cheaper
• HSM Keys
– Stored encrypted in
HSM
– Operations performed
on HSM directly
– Requires Premium Vault
– More secure
16. Basic LOB Scenario
Database
3. Connect to DB
1. Deploy application
2. Read from settings
Fabricam Customer X
Single-tenant app
App Settings
Developer
18. Vault Owners vs Consumers
• Vault Owners
– Has full control over vault
– All keys & secrets in one
place
– Ability to change
permissions
– Ability to fully revoke
consumer
– Ability to regenerate keys
without breaking apps
– Audit logs for monitoring
• Vault Consumers
– Authenticate with Azure AD
– Not able to see encrypted
keys
– Limited to granted
permissions
19. Access Control
• Access control based on Azure AD
• Access assigned at the Vault-level
– Permissions to keys
– Permissions to secrets
• Authentication against Azure AD
– Application ID & Key
– Application ID & Certificate
• No isolation between clients, they see everything
23. Summary
• Security flaws
– Vault credentials stored as plain-text
– Unsecured API
• On the other hand...
– Message encryption supported based on customer vault
– External vault authentication stored in internal vault
– Customers data is securely stored in their vault
– Encrypted database
31. Vault Isolation
• Vault dedicated to one region
– Vault, Keys & Secrets stay within same region
• Stored in physical HSMs
• Reason - Laws & compliances
– Each vault has its own URL
– Manual synchronisation if required
33. Pricing Overview(*)
• Vault owner pays for everything
Standard Premium
Secrets & Software-protected keys
$0.0112 / 10,000
operations
$0.0112 / 10,000
operations
HSM Protected keys N/A
$0.0112 / 10,000
operations
$0.3724 per key per
month
(For every version of the key)
* = 50% discount during public preview