AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what's left for you to secure? Quite a bit it turns out.
Lambda is the next stage in the evolution of the AWS platform. It allows you to build reactive, event-driven systems that are easy to deploy, update and scale. Amazon manages all the undifferentiated heavy-lifting for you so you can focus on delivering value to your customers with even greater speed and cost efficiency.
Join Yan in this talk as we take a deep dive through AWS Lambda and the Serverless framework.
We'll see how to start building reactive systems using AWS Lambda, Kinesis and API Gateway, without having to manage any servers. And, you only pay for your services when they are used. We'll discuss lessons learned, best practices and current limitations with AWS Lambda.
We'll also get to know the Serverless framework, which helps automate both deployment and versioning so that you can better focus on the things that matter to your customers.
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
My talk: What is the first thing that comes to mind if I ask you to associate "containers" and "architectures"? Exactly! Containers and microservices are in fact the most talked-about topics of recent years, and they often go hand in hand. But when do the two worlds start to meet, if not on your computer? I will share my experience of using containers to develop an application with a microservices architecture, from the choices made in the earliest moments of development through to putting it into production.
Serverless in production, an experience report
Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what’s left for you to secure? Quite a bit it turns out.
The OWASP Top 10 is as relevant to you as ever; DoS attacks are still a threat even if you can probably brute-force your way through them as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?
In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast-changing world.
Serverless is all the rage these days, but how did we get here and why should businesses and developers care about serverless? In this talk, we will hear about Yan's journey from running on-prem servers to EC2, to containers, and finally to serverless. We will hear about the evolution of development practices and debunk some common misconceptions about serverless. We'll also get a glimpse of how we can build new kinds of businesses on top of serverless, and why FinDev might be an even bigger game changer for businesses than DevOps.
Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for code builds and workflow automation; and Amazon EC2 Container Service (ECS) to manage and scale containers.
AWS DevDay San Francisco, June 21, 2016.
Presenter: Nate Slater, Sr. Manager, Solutions Architecture
Serverless security: defence against the dark arts
Yan Cui
AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what’s left for you to secure? Quite a bit it turns out.
The OWASP Top 10 is as relevant to you as ever; DoS attacks are still a threat even if you can probably brute-force your way through them as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?
In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast-changing world.
In 2011, Thomas Thwaites spent 9 months and £1187.54 and built his own toaster.
In his own words, he described the toaster as a partial success because "for about five seconds, the toaster toasted, but then unfortunately, the elements kind of melted itself". He is right in the sense that his audacious attempt won him fame and attention, and his TED talk was viewed more than 1M times. But judged on its own, his creation was an abject failure that was 300 times more expensive than a commercial toaster, took too long to build and was utterly unfit for purpose.
As a business that is competing in an increasingly competitive world enabled by advancements in technology, the questions we should be asking ourselves are: "what are the business value, cost and risk in building our own infrastructure vs using a managed service?". In this talk, let's take an objective look at the ongoing debate of containers vs serverless and look at the arguments of control vs responsibility, vendor lock-in and more!
In this talk we debunk common myths and misconceptions about serverless: how cold starts work, why serverless is not just about saving operational cost, how to think about control together with responsibility, and how to think about vendor lock-in together with the reward.
Open stack ocata summit enabling aws lambda-like functionality with openstac...
Shaun Murakami
Presentation delivered at the OpenStack summit Barcelona 2016.
https://www.openstack.org/videos/video/enabling-aws-s3-lambda-like-functionality-with-openstack-swift-and-openwhisk
Does the concept of server-less architecture intrigue you? OpenWhisk (https://git.io/vKeu3) accelerates innovation through creative chaining of microservices into highly scalable applications. By abstracting away infrastructure, OpenWhisk frees small teams to rapidly work on independent pieces of code simultaneously, keeping development focused solely on creating essential business logic. OpenWhisk allows you to create rules to connect events with actions and compose microservices that get executed independently and in parallel.
With a bit of code, you can have OpenWhisk process events from your Swift Object Storage; similar to what you can do with Lambda functions and AWS S3 storage. As an example, we will demonstrate how you can create an OpenWhisk action to transform an image into a thumbnail whenever a new (larger) image is uploaded into a Swift Container.
Find out how to configure and package clustered Payara Micro with load balancing, automatic scaling and dedicated storage for building cloud-native microservices. Then with the help of cloud scripting and triggering, automate CI/CD for the deployed application and emulate the load to check the scaling and performance results.
A presentation covering three new services from Amazon Web Services: the new Application Load Balancer (ALB), recent updates to the EC2 Container Service (ECS), and the new Kinesis Analytics.
Lucio Grenzi - Building serverless applications on the Apache OpenWhisk platf...
Codemotion
Apache OpenWhisk provides a powerful and flexible environment for deploying cloud-native applications driven by data, message, and API call events. We will show how and why we integrated Apache OpenWhisk and GitHub to make deployment as easy and transparent as `git push`. We will also discuss the benefit of using an open source cloud platform and explain how serverless allows developers to focus on writing value-adding code.
Serverless in production, an experience report (codemotion milan)
Yan Cui
AWS Lambda has changed the way we deploy and run software, but the serverless paradigm has created new challenges to old problems: How do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
Yan Cui shares solutions to these challenges, drawing on his experience running Lambda in production and migrating from an existing monolithic architecture.
TurboCharge Your Continuous Delivery Pipeline with Containers - Pop-up Loft
Amazon Web Services
"It worked on my machine!" How many times have you heard (or even said) this sentence? Keeping consistent environments across your development, test, and production systems can be a complex task. Enter containers! Containers offer a way to develop and test your application in the same environment in which it runs in production. Developers can use tools such as Docker Compose for local testing of complex applications; Jenkins and AWS CodePipeline for building and orchestration; and Amazon ECS to manage and scale their containers. Come to this session to learn how to build containers into your continuous deployment workflow, accelerating the testing and building phases and leading to more frequent software releases. Attendees will learn to use Docker containers to develop their applications and test locally with Docker Compose (or Amazon ECS local), integrate containers in building, deploy complex applications on Amazon ECS, and orchestrate continuous development workflows with CodePipeline.
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Amazon Web Services
With AWS, companies now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100 percent API driven enables businesses to use lean methodologies and realize these benefits. This in turn leads to greater success for those who make use of these practices. In this session, we talk about some key concepts and design patterns for continuous deployment and continuous integration, two elements of lean development of applications and infrastructures.
Docker containers are an excellent solution to many problems: they can greatly simplify your deployment process, they provide an alternative approach to configuration management, and they offer excellent consistency and portability. However, running production environments on Docker containers can be challenging and requires careful consideration of various aspects such as high availability, scalability, storage persistence and more. In this webinar we will address some of the prominent issues you might encounter when designing Docker-based production environments on AWS, and present possible solutions to these issues.
AWS December 2015 Webinar Series - Continuous Delivery to Amazon EC2 Containe...
Amazon Web Services
Keeping consistent environments across your development, test, and production systems can be a complex task. Docker containers offer a way to develop and test your application in the same environment in which it runs in production. You can use tools such as Docker Compose for local testing of applications; Jenkins and AWS CodePipeline for building and workflow orchestration; and Amazon EC2 Container Service to manage and scale containers.
In this session, you will learn how to build containers into your continuous deployment workflow and orchestrate container deployments using Amazon ECS.
Learning Objectives:
Learn to use the Amazon ECS CLI to test applications locally
Orchestrate continuous delivery workflows using AWS CodePipeline
Schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
Serverless technologies like AWS Lambda have drastically simplified the task of building reactive systems: drop a file into S3 and a Lambda function is triggered to process it; push an event into a Kinesis stream and magically it'll be processed by a Lambda function in real time. You can even use Lambda to automate the process of auditing and securing your account by automatically reacting to violations of your security policy.
Join us in this talk to see some architectural design patterns that have emerged with Lambda, and how to pick the right event source based on the tradeoffs you want. Here are a few patterns that we'll cover in the talk: pub-sub, cron, push-pull, saga and decoupled invocation.
Stockholm Serverless Meetup - Serverless Challenges
İbrahim Gürses
Challenges in serverless computing, can we finally focus on just business logic?
The promise of every new tech in the software industry is to make developers focus on the business logic without dealing with the underlying platform. Serverless technologies are no exception.
In this talk, I will talk about my experiences as a developer while my development stack moves towards serverless technologies. I will talk about the pain points of AWS Lambda and how changing the mindset of old enterprise web development to developing for stateless event-driven systems helped me to reduce these pain points.
When serverless architecture gets bigger and more complex, troubleshooting when something unexpected goes wrong becomes the biggest challenge. I will talk about the difference between traditional monitoring solutions and serverless monitoring solutions and show a demo of our monitoring solution Thundra.
If you are like most CFML developers, the application you work on has been around for a few years. Securing your legacy application code from vulnerabilities can be an overwhelming and time-consuming task. Many developers don't know where to start, and never do.
This session will arm you with an approach to slaying the legacy security vulnerabilities in your CFML code.
AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what’s left for you to secure? Quite a bit it turns out.
The OWASP Top 10 is as relevant to you as ever; DoS attacks are still a threat even if you can probably brute-force your way through them as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?
In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast-changing world.
DevSecCon London 2018: Security in the serverless world
DevSecCon
YAN CUI
Join us in this talk to learn more about the security threats that will affect your serverless application and some leading practices that help you combat these threats.
Serverless security: defense against the dark arts
Yan Cui
Serverless Security: Defence Against the Dark Arts
Yan Cui
Recording: https://www.youtube.com/watch?v=bnXp29kQIwU
Real-world serverless podcast: https://realworldserverless.com
Learn Lambda best practices: https://lambdabestpractice.com
Blog: https://theburningmonk.com
Consulting services: https://theburningmonk.com/hire-me
Production-Ready Serverless workshop: https://productionreadyserverless.com
Do any VMs contain a particular indicator of compromise? E.g. run a YARA signature over all executables on my virtual machines and tell me which ones match.
Continuous Security: From tins to containers - now what!
Michael Man
Information Security departments often view containers as challenging to manage (code moves too fast for risk analysis, thousands of containers with limited visibility or control). Government organizations such as NIST have come out with guidelines for Application Container Security, while serverless technologies such as Azure Container Instances or AWS Fargate create additional challenges regarding how security risks are managed.
There is No Server: Immutable Infrastructure and Serverless Architecture
Sonatype
Erlend Oftedal, Blank
Immutable infrastructure and serverless architectures have very interesting security properties. This talk will give an introduction to immutable infrastructure and serverless architecture and try to highlight some of the properties of such architectures. Next we will look at the positive effects this can have on the security of our systems, but also highlight some of the negative aspects and potential problems.
At the conclusion of this session, we hope to have shed some light on the positive and negative security effects of such architectures.
Private Apps in the Public Cloud - DevConTLV March 2016
Issac Goldstand
In the current technical world, SaaS providers have plenty to help them out: from public clouds to containers, from microservices architectures to limitless scaling potential. But when you need to deploy multiple single-tenant applications that use these, how do you manage to share resources while keeping sensitive data apart? In this presentation I'll talk about how we did it at ironSource.
The lies we tell our code, LinuxCon/CloudOpen 2015-08-18
Casey Bisson
As presented at LinuxCon/CloudOpen 2015: http://sched.co/3Y3v
We tell our code lies from development to deploy. The most common of these lies start with the simple act of launching a virtual machine. These lies are critical to our applications. Some of them protect applications from themselves and each other, some even improve performance. Some, however, decrease performance, and others create barriers to simply getting things done.
We lie about the systems, networks, storage, RAM, CPU and other resources our applications use, but how we tell those lies is critical to how the applications that depend on them perform. Joyent's Casey Bisson will explore the lies we tell our code and demonstrate examples of how they sometimes help and hurt us.
"Automating cloud security operations takes a little more than slapping together a quick lambda to fix an open S3 bucket (but that isn't a bad start). In this workshop we will cover the major categories of security automations and present practical implementation techniques. Come prepared to build your own (or use our starter scripts) as we:
Review the three major categories of automations: guardrails, workflows, and orchestrations.
Build demo versions of each (in AWS, bring your own account), incorporating techniques including assessments, event-driven guardrails, and an incident response workflow.
See demonstrations of cross-product orchestrations that integrate commercial tools.
Learn the tricks of the trade, based on 10 years of hands-on research and implementation (for realz, check the intertubes if you don't believe us).
See what it takes to implement automations at global scale."
Containerizing your Security Operations Center
Jimmy Mesta
AppSec USA 2016 talk on using containers and Kubernetes to manage a variety of security tools. Includes best practices for securing Kubernetes implementations.
What is the Secure Supply Chain and the Current State of the PHP Ecosystem
sparkfabrik
In this talk I’ll present the current state of the software supply chain, the big global recent events (SolarWinds, log4shell, codecov, packagist) and the state of the PHP and Drupal ecosystem, the threats and the mitigations that can be applied using tools like Sigstore, Syft, and Grype for digital signatures, SBOM generation, and automatic vulnerability scanning and how to use them for real-world projects to gain unprecedented levels of knowledge of your digital artifacts.
There will also be a demo of the mentioned tools in action to implement a secure supply chain pipeline for your Drupal projects.
Delivered at the Serverless Summit 2022. Learn how to design serverless systems and tip the balance of trade-offs in your favour.
To learn how to build production-grade serverless applications, check out my upcoming workshops at productionreadyserverless.com and get 15% off with the code "serverlesssummit22".
At the heart of every event-driven architecture is a conduit for messages to flow through. AWS offers many services that can act as such a conduit - EventBridge, SNS, SQS, Kinesis, DynamoDB streams, MSK, IoT Core and Amazon MQ just to name a few! These services have different characteristics and trade-offs around performance, scalability and cost. Picking the right service for your workload is not always easy. In this talk, let’s talk about how to pick the right messaging service to use in your event-driven architecture and play the game of trade-offs to your advantage.
How to choose the right messaging service for your workload
Yan Cui
Patterns and practices for building resilient serverless applications.pdf
Yan Cui
Lambda gives you multi-AZ out-of-the-box, but still, things can go wrong in production. There are region-wide outages, and performance degradation in services your function depends on can cause it to time out or error. And what if you're dealing with downstream systems that just aren't as scalable and can't handle the load you put on them? The bottom line is many things can go wrong and they often do at the worst of times. The goal of building resilient systems is not to prevent failures, but to build systems that can withstand these failures. In this talk, we will look at a number of practices and architectural patterns that can help you build more resilient serverless applications, such as multi-region, active-active, employing DLQs and surge queues. We'll also see how we can use chaos experiments to help us identify failure modes before they manifest in production.
Serverless observability - a hero's perspective
Yan Cui
Yan Cui, an AWS Serverless Hero, will talk about the learnings from using serverless at scale.
He will cover the challenges for observability in serverless asynchronous workloads and the patterns to address those challenges, like using centralized logging, correlation IDs, tracing and Lambda extensions.
How to ship customer value faster with step functions
Yan Cui
Learn all about AWS Step Functions and how to use them to model business workflows and ship customer values quickly. In this session, we will talk about what is Step Functions, how to model business workflows as state machines, real-world case studies, and design patterns. By the end of this webinar, you should have a good idea of where Step Functions fit into your application and why you should use them (and why not!) to model workflows instead of building a custom solution yourself.
One of the key characteristics of serverless components is the pay-per-use pricing model. For example, with AWS Lambda, you don’t pay for the uptime of the underlying infrastructure but for the number of invocations and how long your code actually runs.
This important characteristic removes the need for many premature micro-optimizations as your cost is always tightly linked to usage and minimizes waste. As a result, many applications would run at a fraction of the cost if they were moved to serverless.
The pay-per-use pricing model also enables more accurate cost prediction and monitoring based on your application’s throughput. This gives rise to the notion of FinDev, where finance and development can intersect, and allows optimization to be targeted to give the optimal return on investment on the engineering efforts.
And by building your application on serverless components, you can also leverage it as a business advantage and offer more competitive, usage-based pricing to your customers, which is going to be crucial at a time when businesses all around the world are affected by COVID and are looking for better efficiencies.
In this webinar, we will cover topics such as:
- How does the cost of serverless differ from serverful applications?
- How to predict and monitor cost in serverless applications?
- When should you optimize for cost?
- How can you leverage usage-based pricing as a business advantage?
Why your next serverless project should use AWS AppSync
Yan Cui
In this webinar, Yan Cui and Lumigo Software Engineer Guy Moses will discuss some of the power of GraphQL and AppSync and why AppSync + Lambda + DynamoDB should be your stack of choice in 2021 and beyond!
Serverless technologies drastically simplify the task of building modern, scalable APIs in the cloud, and GraphQL makes it easy for frontend teams to consume these APIs and to iterate quickly on your product idea. Together, they are a perfect combination for a product-focused, full-stack team to deliver customer values quickly.
In this talk, see how we built a new social network mobile app in under 4 weeks using Lambda, AppSync, DynamoDB and Algolia. How we approached CI/CD, testing, authentication and lessons we learnt along the way.
Patterns and practices for building resilient serverless applications
Yan Cui
How to bring chaos engineering to serverless
Yan Cui
You might have heard about chaos engineering in the context of Netflix and Amazon, and how they kill EC2 servers in production at random to verify that their systems can stay up in the face of infrastructure failures. But did you know that the same ideas can be applied to serverless applications? Yes, despite not having access to the underlying servers, we can still apply principles of chaos engineering to uncover failure modes in our system (and there are plenty!) so we can build a defence against them and make our serverless applications more robust and more resilient!
Migrating existing monolith to serverless in 8 steps
Yan Cui
Refactoring a monolith to serverless can be intimidating, but there are discrete steps that you can take to simplify the process. In this talk, AWS Serverless Hero Yan Cui outlines 8 steps to successfully refactor your monolith and highlight key decision points such as language and tooling choices.
Building a social network in under 4 weeks with Serverless and GraphQL
Yan Cui
FinDev as a business advantage in the post covid19 economy
Yan Cui
The impact COVID19 has had on the consumer economy ripples out to other service providers (analytics tools, etc.) because everyone is going to be squeezed. And the variable-cost (or pay-as-you-use) pricing model will be more appealing as companies tighten up their budgets for non-essential services/tools.
AWS has improved Lambda cold starts by leaps and bounds in the last year. But for performance-sensitive applications such as user-facing APIs, Lambda cold starts are still a thorn in one’s side, especially when working with languages such as Java and .Net Core.
In this webinar, we will dive into strategies for improving cold start latency and how to mitigate them altogether with Provisioned Concurrency, and how Lumigo helps you optimize your use of Provisioned Concurrency.
In this session, we will look at 10 common use cases for AWS Lambda such as REST APIs, WebSockets, IoT and building event-driven systems. We will also touch on some of the latest platform features such as Provisioned Concurrency, EFS integration and Lambda Destinations and when and where we should use them.
A chaos experiment a day, keeping the outage away
Yan Cui
Presented at ServerlessDays Warsaw
Recording: https://youtu.be/21HprKZQczs
One of the most common performance issues in serverless architectures is elevated latencies from external services, such as DynamoDB, ElasticSearch or Stripe.
In this webinar, we will show you how to quickly identify and debug these problems, and some best practices for dealing with poor performing 3rd party services.
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
JMeter webinar - integration with InfluxDB and Grafana
RTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
DevOps and Testing slides at DASA Connect
Kari Kakkonen
Slides by me and Rik Marselis from the DASA Connect conference on 30.5.2024. We discuss what testing is, then what agile testing is and finally what testing in DevOps is. Finally we had a lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
In today's fast-changing business world, companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
68. NPM default - get latest “compatible” version, i.e. 1.X.X
69. clean install (e.g. on CI server) will download the latest, compromised package without any code change… NPM default - get latest “compatible” version, i.e. 1.X.X
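What slides 68 and 69 describe, as an added example that is not from the talk: a small model of how npm's default caret range lets a fresh install with no lockfile resolve to a newer release than the one that was reviewed. The package names, version lists and the `findDrift` helper are constructed for illustration, and only plain `x.y.z`, `^x.y.z` and `~x.y.z` ranges are handled.

```javascript
// Added example: models npm-style range resolution on an install without a lockfile.
// All package names and published-version lists below are constructed sample data.

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Returns [lowerInclusive, upperExclusive] for ^ and ~ ranges, null for an exact pin.
function rangeBounds(range) {
  const op = range[0];
  if (op !== '^' && op !== '~') return null;
  const [maj, min, pat] = parseVersion(range.slice(1));
  let upper;
  if (op === '~') upper = [maj, min + 1, 0];        // ~1.2.3 -> <1.3.0
  else if (maj > 0) upper = [maj + 1, 0, 0];        // ^1.2.3 -> <2.0.0 (the "1.X.X" case)
  else if (min > 0) upper = [0, min + 1, 0];        // ^0.2.3 -> <0.3.0
  else upper = [0, 0, pat + 1];                     // ^0.0.3 -> <0.0.4
  return [[maj, min, pat], upper];
}

function satisfies(version, range) {
  const v = parseVersion(version);
  const bounds = rangeBounds(range);
  if (!bounds) return compare(v, parseVersion(range)) === 0;
  return compare(v, bounds[0]) >= 0 && compare(v, bounds[1]) < 0;
}

// Highest published version the range accepts: what a fresh install would fetch.
function resolve(range, published) {
  const ok = published.filter((v) => satisfies(v, range));
  ok.sort((a, b) => compare(parseVersion(a), parseVersion(b)));
  return ok.length ? ok[ok.length - 1] : null;
}

// Lists dependencies whose fresh-install version differs from the reviewed one.
function findDrift(dependencies, registry, reviewed) {
  const drift = [];
  for (const [name, range] of Object.entries(dependencies)) {
    const resolved = resolve(range, registry[name] || []);
    if (resolved !== null && resolved !== reviewed[name]) {
      drift.push({ name, range, reviewed: reviewed[name], resolved });
    }
  }
  return drift;
}

// Constructed package.json dependencies: caret (npm's default), tilde, exact pin.
const dependencies = {
  'example-padder': '^1.2.0',
  'example-logger': '~2.4.1',
  'example-uuid': '3.0.2',
};
// Constructed registry state after new releases were published upstream.
const registry = {
  'example-padder': ['1.2.0', '1.2.1', '1.9.0', '2.0.0'],
  'example-logger': ['2.4.1', '2.4.7', '2.5.0'],
  'example-uuid': ['3.0.2', '3.0.3', '3.1.0'],
};
// Versions that were installed and reviewed when the code was last changed.
const reviewed = {
  'example-padder': '1.2.0',
  'example-logger': '2.4.1',
  'example-uuid': '3.0.2',
};

const report = findDrift(dependencies, registry, reviewed);
for (const d of report) {
  console.log(`${d.name} ${d.range}: reviewed ${d.reviewed}, fresh install gets ${d.resolved}`);
}
```

Only the exact pin keeps the reviewed version; the two floating ranges move to whatever upstream published last inside the range, with no change to the project's own code.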
86. AWS Lambda docs: Write your Lambda function code in a stateless style, and ensure there is no affinity between your code and the underlying compute infrastructure. http://amzn.to/2jzLmkb
108. AWS Shield Advanced also gives you access to the AWS DDoS Response Team (DRT) and protection against DDoS related spikes in your ELB, CloudFront or Route 53 charges.
148. no server*
no OS attacks
no long lived compromised servers
* I know I know, there’s still a server somewhere, but it’s managed and secured by AWS engineers who can do a much better job of it than most of us can; and the servers are ephemeral and short-lived