The document discusses security best practices for end user computing on AWS. It provides an overview of the CloudHesive professional services for security assessments, strategies, and implementations. It then discusses topics like ransomware response, security controls, and the NIST Cybersecurity Framework. Specific AWS services are mapped to the framework for identifying assets and risks, protecting systems and data, detecting incidents, and responding to and recovering from incidents. Best practices are outlined for areas like workstation security, CIS benchmarks, workload lifecycles, and organizational frameworks.
IBM & HCL partnership on Informix. Informix 12.10.xC9 and xC8 feature highlights. Slides from "Jump Start with the enhanced Informix" webcast on 13 July, 2017
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
- Design a workload-centric security architecture
- Improve visibility of AWS-only or hybrid environments
- Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
During the session we will describe common methods used to create a Hybrid Cloud with AWS. We step through successful operational models, how to get started, and tools to simplify operations. We will explore topics such as networking, directories, DNS, and security. Importantly, we will cover ongoing operational and management practices.
Speaker: Phil Barlow, Solutions Architect, Amazon Web Services
Featured Customer - AMP
With the upswell of cloud adoption, many traditional infrastructure paradigms are shifting. Security is no different. The cloud service provider industry is discovering new ways to tackle security, including automation, bottomless logging, scalable analysis clusters, and pluggable security tools. This session presents a case study in extending a traditional infrastructure operation into AWS. We provide a practical look into the technical challenges and benefits of operating in this new paradigm, explore incident response automation (Alexa integration), and provide various examples of shifting an on-premises security operation to a scalable, hybrid model. Through lessons learned and analysis, we show why your data is safer in the cloud than in that rack you can touch in your data center.
Speaker: Alastair Cousins, Solutions Architect, Amazon Web Services
This session is recommended for anyone considering using the AWS cloud to augment their current capabilities. Adoption of cloud computing provides access to the benefits of new deployment models with significant cost and agility benefits. But how can the cloud benefit existing government organizations that have invested large amounts of resources in existing on-premises technologies? This session outlines several key factors to consider from the point of view of the large-scale IT shop stakeholder. Because each organization has its unique set of challenges in cloud adoption, this session compares some of the opportunities and risks of several hybrid cloud use-case models and then helps customers understand the cloud-native and third-party vendor options available that bridge the gap to the cloud for large-scale government environments.
Speaker: Craig Roach, Solutions Architect, Amazon Web Services
This document explains about the Monitoring on Amazon AWS cloud.
8KMiles provides Cloud Computing Consulting services in following AWS technologies like Amazon EC2 , Elastic Cloud compute , Simple Storage Service , S3 , Simple Queue service , SQS, Simple DB, AutoScaling , Elastic Load Balancing , ELB, Amazon CloudWatch, Amazon CloudFront, Amazon MapReduce and SNS.
Visit us at www.8kmiles.com/cloud
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Amazon Web Services
This session is recommended for anyone considering using the AWS cloud to augment their current capabilities. Adoption of cloud computing provides access to the benefits of new deployment models with significant cost and agility benefits. But how can the cloud benefit existing government organizations that have invested large amounts of resources in existing on-premises technologies? This session outlines several key factors to consider from the point of view of the large-scale IT shop stakeholder. Because each organization has its unique set of challenges in cloud adoption, this session compares some of the opportunities and risks of several hybrid cloud use-case models and then helps customers understand the cloud-native and third-party vendor options available that bridge the gap to the cloud for large-scale government environments.
IBM & HCL partnership on Informix. Informix 12.10.xC9 and xC8 feature highlights. Slides from "Jump Start with the enhanced Informix" webcast on 13 July, 2017
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
- Design a workload-centric security architecture
- Improve visibility of AWS-only or hybrid environments
- Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
During the session we will describe common methods used to create a Hybrid Cloud with AWS. We step through successful operational models, how to get started, and tools to simplify operations. We will explore topics such as networking, directories, DNS, and security. Importantly, we will cover ongoing operational and management practices.
Speaker: Phil Barlow, Solutions Architect, Amazon Web Services
Featured Customer - AMP
With the upswell of cloud adoption, many traditional infrastructure paradigms are shifting. Security is no different. The cloud service provider industry is discovering new ways to tackle security, including automation, bottomless logging, scalable analysis clusters, and pluggable security tools. This session presents a case study in extending a traditional infrastructure operation into AWS. We provide a practical look into the technical challenges and benefits of operating in this new paradigm, explore incident response automation (Alexa integration), and provide various examples of shifting an on-premises security operation to a scalable, hybrid model. Through lessons learned and analysis, we show why your data is safer in the cloud than in that rack you can touch in your data center.
Speaker: Alastair Cousins, Solutions Architect, Amazon Web Services
This session is recommended for anyone considering using the AWS cloud to augment their current capabilities. Adoption of cloud computing provides access to the benefits of new deployment models with significant cost and agility benefits. But how can the cloud benefit existing government organizations that have invested large amounts of resources in existing on-premises technologies? This session outlines several key factors to consider from the point of view of the large-scale IT shop stakeholder. Because each organization has its unique set of challenges in cloud adoption, this session compares some of the opportunities and risks of several hybrid cloud use-case models and then helps customers understand the cloud-native and third-party vendor options available that bridge the gap to the cloud for large-scale government environments.
Speaker: Craig Roach, Solutions Architect, Amazon Web Services
This document explains about the Monitoring on Amazon AWS cloud.
8KMiles provides Cloud Computing Consulting services in following AWS technologies like Amazon EC2 , Elastic Cloud compute , Simple Storage Service , S3 , Simple Queue service , SQS, Simple DB, AutoScaling , Elastic Load Balancing , ELB, Amazon CloudWatch, Amazon CloudFront, Amazon MapReduce and SNS.
Visit us at www.8kmiles.com/cloud
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Amazon Web Services
This session is recommended for anyone considering using the AWS cloud to augment their current capabilities. Adoption of cloud computing provides access to the benefits of new deployment models with significant cost and agility benefits. But how can the cloud benefit existing government organizations that have invested large amounts of resources in existing on-premises technologies? This session outlines several key factors to consider from the point of view of the large-scale IT shop stakeholder. Because each organization has its unique set of challenges in cloud adoption, this session compares some of the opportunities and risks of several hybrid cloud use-case models and then helps customers understand the cloud-native and third-party vendor options available that bridge the gap to the cloud for large-scale government environments.
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...Amazon Web Services
Most law enforcement agencies today manage, store, process, analyze, and report on digital forensics using on-premises data centers for computing. Digital forensics is a spiky workload that requires ever increasing storage. Workloads for digital evidence are increasing as it becomes routine to collect laptops, thumb drives, phones, and media (video, images, etc.) during criminal investigations. With oscillating workloads and a need for large amounts of storage, digital forensics is prime workload for the AWS Cloud. This session explores the use of AWS in the tracking and evolution of digital forensics. Learn how to tackle CJIS evidence management in the cloud using AWS GovCloud (US). Learn More: https://aws.amazon.com/government-education/
Are you deploying Windows on AWS? Are you interested in taking advantage of existing investments when running Windows workloads on AWS? In this session we will discuss real world customer examples including as SharePoint, Exchange, SQL Server, and Remote Desktop Services with licensing options. We will explore deployment options and provide an overview of the AWS created QuickStarts and QuickLaunches to help with speed of deployment. This session will also include migration options for customer running End of Extended support products such as Windows Server2003 and SQL2005.
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAmazon Web Services
As you look to go beyond your cloud and how you will manage governance for it, there are things you need to consider as you build your strategy. Come to this session to understand data protection policies, your relevant control areas, what shared responsibility means and what you need to do to put the right components together for your organisation's Cloud governance strategy.
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
In addition to discussing the AWS Shared Responsibility Model in detail for Infrastructure, Container and Abstract Services, we present a reference architecture for a secure, multi-account enterprise structure, including Mandatory Access Control for logging and separation assurance for different groups and functions within an organisation.
We will guide you through the best practices associated with Microsoft products and services on AWS. You will discover how to address the questions (technical, licensing, pricing) associated with migrating existing platforms (such as Exchange or Sharepoint) and satisfy your core the requirements (AD authentication, monitoring, patching). From hybrid architectures, where the AWS cloud as an extension of your data center, to innovative DevOps centric approaches, we will cover the main use cases seen by our customers.
VMWare Cloud for the AWS Cloud | AWS Public Sector Summit 2017Amazon Web Services
VMware Cloud on AWS brings VMware's enterprise class Software-Defined Data Center software to Amazon's public cloud. VMware is delivered as an on-demand, elastically scalable, and cloud-based and is a sold, operated and supported service for any application. Its software is optimized for next-generation, elastic, bare metal AWS infrastructure. This solution enables customers to use a common set of software and tools to manage both their AWS-based and on-premises vSphere resources consistently. Further virtual machines in this environment have seamless access to the broad range of AWS services. This session will introduce this new service and examine some of the use cases, benefits, and go-to market approaches of the service. We will also include an overview of the underlying AWS architecture, key enabling services, and the feature roadmap. Learn More: https://aws.amazon.com/government-education/
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...Amazon Web Services
Cloud computing on AWS provides central IT organizations with the ability to control their applications, data and security. This session will detail the processes and controls that CIO organizations can put in place to maintain control while helping their customers to realize the many benefits of cloud computing.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
Deploy a DoD Secure Cloud Computing Architecture Environment in AWS | AWS Pub...Amazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited. Learn More: https://aws.amazon.com/government-education/
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
This presentation from the AWS Lab at Cloud Expo Europe 2014 explores the solutions, support options and software licensing approaches that you can use if you chose to run your enterprise workloads on Amazon Web Services.
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
Fed up with stop and go in your data center? Shift into overdrive and pull into the fast lane!
Learn how AutoScout24, the largest online car marketplace Europe-wide, are building their Autobahn in the Cloud.
The secret ingredient? Culture! Because “Cloud” is only one half of the digital transformation story: The other half is how your organization deals with cultural change as you transition from the old world of IT into building microservices on AWS with agile DevOps teams in a true „you build it you run it“ fashion.
Listen to stories from the trenches, powered by Amazon Kinesis, Amazon DynamoDB, AWS Lambda, Amazon ECS, Amazon API Gateway and much more, backed by AWS Partners, AWS Professional Services, and AWS Enterprise Support.
Key takeaways: How to become Cloud native, evolve your architecture step by step, drive cultural change across your teams, and manage your company’s transformation for the future.
Datensicherheit mit AWS - AWS Security Web DayAWS Germany
Vortrag "Datensicherheit mit AWS" von Bertram Dorn beim AWS Security Web Day 2016. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1NFtR5P
Dieser Vortrag bietet Ihnen eine Übersicht über mögliche Leistungsmerkmale und Optionen von Amazon Web Services, mit denen Ihre Daten gesichert werden können. Die AWS Dienste folgen spezifischen Bauplänen auf Basis von Regionen und Verfügbarkeitszonen. Das Verstehen dieser Baupläne ermöglicht es Ihnen, die richtige Wahl zu treffen, um erfolgreich Anwendungen auf AWS laufen zu lassen. Auch existieren verschiedenste Optionen welche von AWS zur Sicherung der Anwendungen empfohlen werden. Der Vortrag wird einen Überblick über diese Optionen geben und einige bewährte Verfahren im Bereich Verschlüsselung und AWS-Konto-Verwaltung beschreiben.
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
CJIS Evidence Management in the Cloud using AWS GovCloud (US) | AWS Public Se...Amazon Web Services
Most law enforcement agencies today manage, store, process, analyze, and report on digital forensics using on-premises data centers for computing. Digital forensics is a spiky workload that requires ever increasing storage. Workloads for digital evidence are increasing as it becomes routine to collect laptops, thumb drives, phones, and media (video, images, etc.) during criminal investigations. With oscillating workloads and a need for large amounts of storage, digital forensics is prime workload for the AWS Cloud. This session explores the use of AWS in the tracking and evolution of digital forensics. Learn how to tackle CJIS evidence management in the cloud using AWS GovCloud (US). Learn More: https://aws.amazon.com/government-education/
Are you deploying Windows on AWS? Are you interested in taking advantage of existing investments when running Windows workloads on AWS? In this session we will discuss real world customer examples including as SharePoint, Exchange, SQL Server, and Remote Desktop Services with licensing options. We will explore deployment options and provide an overview of the AWS created QuickStarts and QuickLaunches to help with speed of deployment. This session will also include migration options for customer running End of Extended support products such as Windows Server2003 and SQL2005.
AWS Canberra WWPS Summit 2013 - AWS Governance and Security OverviewAmazon Web Services
As you look to go beyond your cloud and how you will manage governance for it, there are things you need to consider as you build your strategy. Come to this session to understand data protection policies, your relevant control areas, what shared responsibility means and what you need to do to put the right components together for your organisation's Cloud governance strategy.
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
In addition to discussing the AWS Shared Responsibility Model in detail for Infrastructure, Container and Abstract Services, we present a reference architecture for a secure, multi-account enterprise structure, including Mandatory Access Control for logging and separation assurance for different groups and functions within an organisation.
We will guide you through the best practices associated with Microsoft products and services on AWS. You will discover how to address the questions (technical, licensing, pricing) associated with migrating existing platforms (such as Exchange or Sharepoint) and satisfy your core the requirements (AD authentication, monitoring, patching). From hybrid architectures, where the AWS cloud as an extension of your data center, to innovative DevOps centric approaches, we will cover the main use cases seen by our customers.
VMWare Cloud for the AWS Cloud | AWS Public Sector Summit 2017Amazon Web Services
VMware Cloud on AWS brings VMware's enterprise class Software-Defined Data Center software to Amazon's public cloud. VMware is delivered as an on-demand, elastically scalable, and cloud-based and is a sold, operated and supported service for any application. Its software is optimized for next-generation, elastic, bare metal AWS infrastructure. This solution enables customers to use a common set of software and tools to manage both their AWS-based and on-premises vSphere resources consistently. Further virtual machines in this environment have seamless access to the broad range of AWS services. This session will introduce this new service and examine some of the use cases, benefits, and go-to market approaches of the service. We will also include an overview of the underlying AWS architecture, key enabling services, and the feature roadmap. Learn More: https://aws.amazon.com/government-education/
AWS Public Sector Symposium 2014 Canberra | Compliance and Governance on the ...Amazon Web Services
Cloud computing on AWS provides central IT organizations with the ability to control their applications, data and security. This session will detail the processes and controls that CIO organizations can put in place to maintain control while helping their customers to realize the many benefits of cloud computing.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
Deploy a DoD Secure Cloud Computing Architecture Environment in AWS | AWS Pub...Amazon Web Services
The Department of Defense's Secure Cloud Computing Architecture (SCCA) guidance provides DoD mission owners the security requirements for building a DoD compliant and secure application environment in the cloud. This session will review the DoD Cloud Security Requirements Guide and the DoD SCCA pillars and how they apply to AWS services. We will demonstrate how to build a DoD SCCA environment through automation and configuration management tools as well as discuss how to document security controls implementations. We will answer common questions, such as: how do we connect to a DoD Cloud Access Point? How do we implement a least privilege access control model? And how do we automate security event notifications and remediate issues? This session is designed for both technical and information assurance professionals that want to understand the process to move DoD systems into AWS, secure them, and get them accredited. Learn More: https://aws.amazon.com/government-education/
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
This presentation from the AWS Lab at Cloud Expo Europe 2014 explores the solutions, support options and software licensing approaches that you can use if you chose to run your enterprise workloads on Amazon Web Services.
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
Fed up with stop and go in your data center? Shift into overdrive and pull into the fast lane!
Learn how AutoScout24, the largest online car marketplace Europe-wide, are building their Autobahn in the Cloud.
The secret ingredient? Culture! Because “Cloud” is only one half of the digital transformation story: The other half is how your organization deals with cultural change as you transition from the old world of IT into building microservices on AWS with agile DevOps teams in a true „you build it you run it“ fashion.
Listen to stories from the trenches, powered by Amazon Kinesis, Amazon DynamoDB, AWS Lambda, Amazon ECS, Amazon API Gateway and much more, backed by AWS Partners, AWS Professional Services, and AWS Enterprise Support.
Key takeaways: How to become Cloud native, evolve your architecture step by step, drive cultural change across your teams, and manage your company’s transformation for the future.
Datensicherheit mit AWS - AWS Security Web DayAWS Germany
Vortrag "Datensicherheit mit AWS" von Bertram Dorn beim AWS Security Web Day 2016. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1NFtR5P
Dieser Vortrag bietet Ihnen eine Übersicht über mögliche Leistungsmerkmale und Optionen von Amazon Web Services, mit denen Ihre Daten gesichert werden können. Die AWS Dienste folgen spezifischen Bauplänen auf Basis von Regionen und Verfügbarkeitszonen. Das Verstehen dieser Baupläne ermöglicht es Ihnen, die richtige Wahl zu treffen, um erfolgreich Anwendungen auf AWS laufen zu lassen. Auch existieren verschiedenste Optionen welche von AWS zur Sicherung der Anwendungen empfohlen werden. Der Vortrag wird einen Überblick über diese Optionen geben und einige bewährte Verfahren im Bereich Verschlüsselung und AWS-Konto-Verwaltung beschreiben.
Dutch Oracle Architects Platform - Reviewing Oracle OpenWorld 2017 and New Tr...Lucas Jellema
Not since the rise of Service Oriented Architecture (and the supporting Fusion Middleware technology) over a decade ago have we seen so much rapid change in terms of application and infrastructure architecture. Cloud, Microservices and DevOps are perhaps the most explicit examples – but many other developments in technology, architecture and even the industry at large have an impact on how enterprises consider and employ IT – such as machine learning, IoT, blockchain.
In this session for (infrastructure, solution, application, enterprise, security, data) architects – we will present the main stories, roadmaps and technologies from Oracle OpenWorld 2017 (and JavaOne) that influence, shape and enable architecture. We will brainstorm together on the consequences of the new directions outlined by Oracle – and coming our way from other quarters. We are seeing a a lot of change. New opportunities arise – that may become challenges or threats if we fail to recognize and embrace the change in time. This session will help us all to get a better handle on the winds in enterprise IT in general and in Oracle land in particular.
Among the topics we will present and discuss are:
- The Only Way is Up – the inevitable and imminent move from on premises to the cloud, and upwards in the stack – from IaaS to SaaS
- Security and Ops in a hybrid landscape (multiple clouds & on premises, multiple technologies & interaction channels)
- Autonomous Database – what, when, how
- Oracle’s cloud strategy, High PaaS and Low PaaS, Open [source] technology (star of the show: Apache Kafka) and the commodization of the traditional Oracle platform
- Container and Cloud Native at Oracle Cloud (Docker, Kubernetes Container Platform, Wercker, Istio Service Mesh, CNCF)
- Serverless
- Java Reborn – for microservices and cloud, modularized (highlights from the JavaOne conference)
- Disruptive: Blockchain, IoT, Machine Learning
Highlights the services in Azure that provide microservices, including App Service, Logic Apps, Functions, Azure SQL Database, Service Bus, containers, Traffic Manager, etc.
This is the slide deck for the DFW Azure User Group meetup of 18 July 2017, presented by Doug Vanderweide and discussing Azure's services that support a microservices architecture.
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
2. Who is CloudHesive?
• Professional Services
• Assessment (Current environment,
datacenter or cloud)
• Strategy (Getting to the future state)
• LandingZone (Pre-Migration)
• Migration (Environment-to-cloud,
Datacenter-to-cloud)
• Implementation (Point solutions)
• Support (Break/fix and ongoing
enhancement)
• DevOps Services
• Assessment
• Strategy
• Implementation (Point solutions)
• Management (Supporting infrastructure,
solutions or ongoing enhancement)
• Support (Break/fix and ongoing
enhancement)
• Managed Security Services (SecOps)
• Encryption as a Service (EaaS) –
encryption at rest/in flight
• End Point Security as a Service
• Threat Management
• SOC IIType 2Validated
• Next Generation Managed Services
(MSP)
• Leveraging our Professional, DevOps
and Managed Security Services
• Single payer billing
• Intelligent operations and
automation
• AWS Audited
• Cost Management
3. Topics
• Introduction
• End User Computing
• Ransomware Incident Response
• End User Computing Security Best Practices
• Modernizing Security Controls
• NIST Cybersecurity Framework
4. Data Breach Discovery/ContainmentTime has DecreasedYoY
Verizon 2020 Data Breach Investigations Report
https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf
6. CustomerWorkload Personas
• Migrated
• Server Based
• Migrated & Optimized
• Blends of Server and Service Based
• Serverless/Native
• Service Based
• Orchestrated
• ECS, EKS, K8s
• Inherited
• Wildcard!
• Hybrid
• Wildcard!
7. Service Categories
• Analytics
• Application Integration
• AR &VR
• AWS Cost Management
• Blockchain
• Business Applications
• Compute
• Customer Engagement
• Database
• Developer Tools
• End User Computing
• GameTech
• Internet ofThings
• Machine Learning
• Management & Governance
• Media Services
• Migration &Transfer
• Mobile
• Networking & Content Delivery
• QuantumTechnologies
• Robotics
• Satellite
• Security, Identity, & Compliance
• Storage
11. What’s missing?
• Ingress Security Group toWorkspace
• Egress Security Group fromWorkspace to (Internet)
• Security Groups to/from other Services (AWS and On Premises)
• Security of the Workspace Environment
• Security of supporting servers (Active Directory)
• Security of other network-accessible resources (Web Servers)
• User Permissions (Non-Local Admin, Local Admin, Global Admin)
• Access of the Workspace (PKI Cert, PKI PIV, Network, MFA)
• The rest of the AWSAccount?The rest of the AWSAccount! (Services, APIs)
13. What could go wrong?
• Ingress Security Group toWorkspace
• Egress Security Group fromWorkspace to (Internet)
• Security Groups to/from other Services (AWS and On Premises)
• Security of the Workspace Environment
• Security of supporting servers (Active Directory)
• Security of other network-accessible resources (Web Servers)
• User Permissions (Non-Local Admin, Local Admin, Global Admin)
• Access of the Workspace (PKI Cert, PKI PIV, Network, MFA)
• The rest of the AWSAccount?The rest of the AWSAccount! (Services, APIs)
15. Overview
• Through the lens of the NIST Cybersecurity Framework we will look at frameworks developed
by, and services available onAWS.
• AWS services can either/both play a supporting role in your security posture, supporting both
non-AWS resources andAWS resources alike but secure configuration ofAWS resources can also
play a role in supporting your security posture.
• The NIST Cybersecurity Framework provides a policy framework of computer security guidance
for how private sector organizations in the United States can assess and improve their ability to
prevent, detect, and respond to cyber attacks.
16. NIST Cybersecurity Framework
• Identify
• Develop an organizational understanding to manage cybersecurity risk to systems, people, assets,
data, and capabilities.
• Protect
• Develop and implement appropriate safeguards to ensure delivery of critical services.
• Detect
• Develop and implement appropriate activities to identify the occurrence of a cybersecurity event.
• Respond
• Develop and implement appropriate activities to take action regarding a detected cybersecurity
incident.
• Recover
• Develop and implement appropriate activities to maintain plans for resilience and to restore any
capabilities or services that were impaired due to a cybersecurity incident.
17. CIS Controls & Benchmarks
• Controls
• Prescriptive Controls
• Benchmarks
• Prescriptive steps to apply controls to specific technologies
• AWS
• Workspaces
• Windows/Linux
• Other Services
29. WAF – Lenses
• Financial Services Industry
• Analytics
• Machine Learning
• Internet ofThings (IOT)
• Serverless
• High Performance Computing (HPC)
30. WAF – General Design Principals
• Stop guessing your capacity needs
• Test systems at production scale
• Automate to make architectural experimentation easier
• Allow for evolutionary architectures
• Drive architectures using data
• Improve through game days
31. WAF – Game Days
• Prepare
• Is the process/are the processes to be tested during the game day well defined? Is access in place? Has
training been performed?
• Define
• Workload, Personnel, Scenario, Environment, Schedule
• Execute
• Start, Middle, End
• Analyze
• Debrief, Examine, Document, Root Cause Analysis (RCA), Correction of Error (CoE)
32. WAF – Security Pillar
• Design Principles
• Implement a strong identity foundation
• Enable traceability
• Apply security at all layers
• Automate security best practices
• Protect data in transit and at rest
• Keep people away from data
• Prepare for security events
• Best Practices
• Identity and Access Management
• Detection
• Infrastructure Protection
• Data Protection
• Incident Response
33. Identify
• Audit Manager
• Cost Management Services (Individual Services)
• Certificate Manager (Public + Private)
• Firewall Manager (WAF + Security Groups)
• Directory Service + Identity and Access Management (+ Services with their own Policies)
• AccessAdvisor,Access Analyzer,Organization Activity
• Inspector
• Key Management Service + Secrets Manager
• Macie
• Premium Support +Trusted Advisor + Personal Health Dashboard
• Systems Manager
• Security Hub + Config + Config Rules
• Tags
34. Identify – Organizations
• Tag policies
• Artifact
• Backup
• CloudFormation StackSets
• CloudTrail
• Config
• Directory Service
• Firewall Manager
• Resource Access Manager
• Service Catalog
• Single Sign-On
• Systems Manager
39. Detect
• Guard Duty
• Config: Point in time snapshots of configuration items, Exportable as JSON to
idempotent storage
• VPC: Flow Logs (NetFlow) + Port Mirroring
• CloudWatch Logs: OS and above log management
• CloudTrail: AuditTrail, Exportable as JSON to idempotent storage
• Cloudfront, ALB andWAF: All log (CloudFront and ALB in S3,WAF in Kinesis)
• S3/Glacier: File based storage with AAA, versioning, secure delete + policy based
retention + dedicated account
41. Respond
• Detective
• Disk Snapshots
• Don’t forget to remove from retention policy
• Automated withThreatResponse,GRR
• Memory Snapshots
• Automated withThreatResponse,GRR,Volatility, Rekall
• Logs
• Don’t forget to remove from retention policy
• Query and Correlate with Athena
• Measure
42. Recover
• Block Access
• Revert to Known Good State
• Identify/Correct Root Cause
• Rotate Credentials (people and things)
• Measure
43. Conclusion
• Iterate introduction of your security controls – some in the short term is better than none in the
long term.
• Detective Controls are just as important as Preventative Controls, they play a significant
response in incident detection and response.
• Whether your workload is onAWS or not,AWS services can be used to supplement your controls.
• There is no lack of frameworks – pick and choose from them to make a framework that works
best for your organization’s needs.
