Serverless Security Workflows - cyber talks - 19th nov 2019

•

3 likes•766 views

The document discusses how serverless technologies can help security teams scale their operations through automated workflows. It advocates that security teams adopt serverless approaches to build workflows that are event-driven and leverage services like AWS Lambda, Azure Functions, and Google Cloud Functions. By taking a serverless approach, security activities like incident response, threat modeling, and risk analysis can be automated and scaled more easily. The document also discusses using technologies like Jira, Slack, property graphs and Jupyter notebooks to capture security data and build automated workflows and dashboards.

@DinisCruz
Serverless
Security Workﬂows
Dinis Cruz
GlassWall VP Engineering and CISO
Nov 2019

@DinisCruz
Serverless
is a major paradigm shift

@DinisCruz
Serverless allow
Security activities to scale

@DinisCruz
Serverless allow
Security activities to have
‘enterprise scalability’

@DinisCruz
Key Concept:
Security as center of
Excellence and Innovation

@DinisCruz
Security teams
don’t run code in Production

@DinisCruz
Which means that Security
‘Should’ not have ‘Legacy’

@DinisCruz
Security ‘internally’
needs to be an
Leader of Innovation

@DinisCruz
It is your responsibility
To lead the automation of
Security

@DinisCruz
If you are running on
Spreadsheets
….
You are Legacy

@DinisCruz
Everybody in Security
needs to
‘Code’ and
‘Automate their workflows’

@DinisCruz
Serverless = reduced stack
https://www.slideshare.net/estelleinomniaparatus/icc-paas-vs-faas-v41

@DinisCruz
When you do it right, not that much
Serverless environments enable event-driven workﬂows that dramatically
change the scalability and cost of Security Operations

@DinisCruz
When you get it wrong
you will not save much

@DinisCruz
In GCP (Google Cloud Platform)

@DinisCruz
In Serverless
The Key benefits
are the side-effects

@DinisCruz
Using Wardley Maps to
understand Serverless

@DinisCruz
Commodities creates new opportunities

@DinisCruz
Key Pattern (for your team and business)
1. Create Platform
2. View what users are doing in your Platform
a. What they are moving from Genesis to Custom Build
3. Productize and Commoditize that
4. Rise and Repeat
● For example:
○ EC2 -> Lambda
○ EC2 -> Lambda -> API Gateway automations
○ EC2 -> MySQL as a Service -> Serverless MySQL
○ EC2 -> Elastic Container Service (ECS) -> Fargate
○ EC2 -> LightSail

@DinisCruz
Scaling Incident
event operations
Based on Serverless workflow

@DinisCruz
Workflow
Person
Credentials Application
uses
to access
conditions
generate
Alert
acknowledged in Slack by
entered in
action updates status of alert in

@DinisCruz
Slack as UI , Jira as Database

@DinisCruz
Serverless Automatic
Generation of Maps

@DinisCruz
‘Serverless’
Security Workflows
‘Serverless Security’
Workflows
! =

@DinisCruz
First let’s talk about
‘Serverless’
Security Workflows

@DinisCruz
I.e. the use of
Serverless technology
to scale
Security Workflows

@DinisCruz
https://www.plugandplaytechcenter.com/resources/serverless-security-everything-you-need-know-about-it/
We need to scale security actions

@DinisCruz
Enterprise Services all the way

@DinisCruz
OWASP Security Bot
https://github.com/owasp-sbot

@DinisCruz
Using Jira has a Graph Database

@DinisCruz
TechStack (with serverless workﬂow)

@DinisCruz
CLI (Command Line Interface) to your data

@DinisCruz
REPL (Read Evaluate Print Loop)

@DinisCruz
Graph project’s to outcomes and threats

@DinisCruz
Threat Models (in a scalable way)

@DinisCruz
Creating Slides/Powerpoint from Jira

@DinisCruz
Creating Global Dashboards (risks linked to vulns)

@DinisCruz
https://res.cloudinary.com/snyk/raw/upload/v1559295122/Cheat_Sheet-_10_Serverless_Security_Best_Practices.pdf
Lots to secure

@DinisCruz
It is your fault when it goes wrong

@DinisCruz
Managing state is one of the next major changes

@DinisCruz
Final Thought:
Security has an
Center of Excellence

The document discusses the benefits of collaboration between police and industry on security issues. It notes that organizations with a history of attacks have more budget and focus on security, while those without see it as more of a marketing exercise. The key areas of security, automation, data science, and cloud services are mapped. Building relationships and sharing knowledge is emphasized over buying or outsourcing. Thinking in graphs, APIs, data science, and transparency are presented as important modern approaches to security.

CISO Application presentation - Babylon health security

Dinis Cruz

Using Wardley Maps to Understand Security's Landscape and Strategy

Dinis Cruz

This document provides an overview of Wardley Maps, which are used to understand an organization's security landscape and strategy. It describes how to create Wardley Maps by starting with user needs, adding capabilities, and mapping evolution over time. Various examples are given of mapping security topics like threat landscapes, compliance, and cyber attacks. Community resources for collaborating and learning more about Wardley Mapping are also provided.

Making fact based decisions and 4 board decisions (Oct 2019)

Dinis Cruz

The document discusses using data science and visualization techniques to connect security data sources and policies to risks and vulnerabilities in a graph database. This allows creating fact-based security decisions and risk dashboards. Workflows can then automate security incident handling and scale the approach. The approach aims to prevent crises rather than just incidents and make organizations safe rather than just secure.

Dinis Cruz (CV) - CISO and Transformation Agent v1.2

Dinis Cruz

(OLD VERSION) Dinis Cruz (CV) - CISO and Transformation Agent v0.6

Dinis Cruz

Glasswall - Safety and Integrity Through Trusted Files

Dinis Cruz

The document discusses cybersecurity threats facing organizations and how traditional antivirus solutions are often unable to stop advanced malware. It introduces Glasswall's Content Disarm and Reconstruction (CDR) technology, which regenerates files to remove risks like malware while preserving file contents. CDR analyzes files at the visual, functional, and structural layers to sanitize them according to policy. This allows Glasswall to stay ahead of evolving threats unlike antivirus solutions.

This document discusses creating a graph-based security organization. It outlines security's objectives like allowing business operations while managing risk. Security is a driver of change and sits at the center of organizational data. The only effective way to manage and understand this relational data is as a graph. The presenter's organization refactored their risk workflow and JIRA implementation to represent data as a graph stored in a queryable database. They use tools like ELK, Slack bots, and plantUML diagrams to visualize and interact with the security graph. This empower's data-driven security decisions and risk management. The presenter provides examples of risk dashboards and encourages collaboration to further develop these graph-based approaches.

Using OWASP Security Bot (OSBot) to make Fact Based Security Decisions

Dinis Cruz

OSBot is a security bot that can help automate security tasks and decisions using data. It can generate graphs of data from tools like Jira to help understand security issues and their relationships. It uses a serverless architecture with components like Jira, Elastic, Slack, and Jupyter notebooks. The bot can create schemas to map real world data, generate workflows, and link together related information like policies, vulnerabilities, and risks for context-specific security projects. This allows for fact-based security decisions and global dashboards. Presentations and the code for OSBot are available to learn more.

Embracing the Millennial Tsunami

Forcepoint LLC

Security Insights for Mission-Critical Networks

Forcepoint LLC

Maintaining Visibility and Control as Workers and Apps Scatter

Forcepoint LLC

Balancing productivity and security has been an age old challenge for IT. Nowadays, tight budgets and a shortage of skilled security personnel are further complicating the security equation at a time when mobile workers and cloud applications require effective defenses beyond traditional perimeters. Fortunately, there are new perspectives and best practices to help Government IT security leaders secure systems and users everywhere, with the same level of mission-critical protection that Federal networks require.

Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Ignores with Microservices

Eric D. Schabell

The document discusses 3 pitfalls of microservices that are often ignored: 1) Organizations may not be ready to transform to microservices if they have not addressed internal silos. 2) There is no clear definition of what constitutes a microservice. 3) Fast moving monoliths may be better than microservices. It also mentions a bonus pitfall around the challenges of distributed data with microservices.

Cloudy with a Chance of...Visibility, Accountability & Security

Forcepoint LLC

Cloud adoption is driving value into businesses like never before. Trying to manage security and compliance in the use of cloud platforms and applications can be challenging, with visibility being "cloudy" at best. That situation can drive stress and frustration into already overworked security teams. In this session Doug Copley will explain how the latest cloud security platforms can be the foglight to improve visibility and information risk management while enabling organizations to safely adopt those transformative technologies that will advance the mission of the organization.

SYN111: What's New and Exciting with XenMobile

Citrix

Discover - Evolving Your Data Center in a Cloud World

LaurenWendler

The document discusses evolving data centers in a hybrid cloud world. It recommends that organizations (1) lead with new shared services and user experiences, (2) accelerate new business models and capabilities using cognitive services, and (3) leverage hybrid cloud to operationalize for speed and flexibility. The data center is positioned as the connection point between on-premise and cloud infrastructure, with systems of record on-premise connecting to systems of engagement in the cloud. Recommendations are made to learn more about hybrid cloud strategies and whitepapers on the topic.

AxCrypt Pitch Deck - File Security Made Easy!

Zebastian Victorin

AxCrypt has over 15 years established itself as one of the strongest brands in the file encryption industry. With over 10 million users, we have proven that our service works and is appreciated. Since we launched our commercial version of AxCrypt May 2016 we already been appointed "The world's best encryption software" of the prestigious PC Magazine and received over 150 000 new users. Now we need to bring in capital to expand our team and build business solutions for B2B customers that we have many inquiries from.

The Distributed & Decentralized Cloud

Margaret Dawson

Colorado Cloud Security Alliance Fall Summit 2017

Dario Montelongo Jr.

What is Cloud Native, and why should I care?

Tomasz Tarczyński

This document discusses what cloud native is and why it is important. Cloud native refers to an approach to building and running applications that fully leverages the benefits of the cloud platform. It allows applications to take advantage of modern architecture patterns like microservices and containers to improve reliability, velocity, and efficiency. The document outlines key aspects of cloud native like containers, dynamic management, and using infrastructure and applications managed by software.

Mobile malware with application harderning techniques

Swapnil Deshmukh

This document summarizes a presentation about analyzing and hardening Android applications. It discusses why Android is an easy target for malware, common Android malware attacks in 2017, and techniques used to obfuscate and protect Android apps, such as obfuscators, packers, and protectors. It also provides examples of specific obfuscation and protection tools like ProGuard, DexProtector, Arxan EnsureIT, and packers like JMPJ2 and Secondhand. The presentation concludes by discussing developing an Android malware genome database and detection tools to analyze apps and scan application stores.

What is Cloud Native and why should I care

Tomasz Tarczyński

This document discusses the concepts of cloud native and why it is important. It defines cloud native as utilizing containers, dynamic management of infrastructure and applications, and building applications as microservices. The document provides examples of companies like the Financial Times and Gigaset that improved reliability, deployment velocity, and efficiency by moving to a cloud native approach using containers and microservices. It also discusses how cloud native relates to existing DevOps practices and the history and evolution of concepts like containers, orchestration, and microservices.

[INFOGRAPHIC] Accelerate Your Mobile Workforce with Citrix XenApp & XenDeskto...

Citrix

CIS13: IDaaS. The Now Big Thing

CloudIDSummit

Nishant Kaushik, Chief Architect, Identropy There is a misconception that IDaaS is simply a cloud-based, less featured, less secure version of traditional Identity Management products that get deployed on-prem. In this session, you will find out that far from being little brother, IDaaS is actually bigger, better and stronger than IDaaI (Identity-as-an-Install) across multiple dimensions, whether it be in capabilities, ability to evolve and most significantly, security and performance. IDaaS is Changing the IdM game right in front of us, and customers are winning.

MiCADO - Auto-scaling Framework for Docker Containers, orchestrated by Kubern...

Project COLA

Final cloud computing

Juber Mangure

This document provides an overview of Microsoft SkyDrive cloud storage. It discusses what SkyDrive is, how it works, its architecture, advantages and disadvantages. SkyDrive allows users to store and access files from any device with internet access. It provides benefits such as unlimited storage, easy sharing and collaboration, device independence, and remote access. However, it also requires a constant internet connection to work and stored data may not be fully secure.

Trend_Micro_Collateral_Australian_Transit

James T. Kulig

Grenda Transit is a transportation company in Melbourne, Australia that was merged with another transit company. They needed a security solution that could protect their IT environment consisting of both VMware and Citrix virtual systems. Trend Micro's Deep Security product was chosen because it provided comprehensive protection across their physical, virtual, and cloud systems from a single console and did not impact performance. Deep Security reduced their management requirements by up to 75% and stopped threats before they reached their IT environment.

TIAD : In a chocolate factory

The Incredible Automation Day

dinCloud q2 pr highlights

dinCloud Inc.

dinCloud had a successful Q2 2015, forming new partnerships and launching new services. Key highlights included: - A partnership with CDW to sell dinCloud's hosted virtual desktops and cloud services. - New specialized healthcare cloud services to meet the needs of healthcare providers. - The launch of dinDNS, an affordable and scalable cloud DNS service to combat DDoS attacks. - A customer case study about how Sierra Group transformed their business operations using dinCloud's hosted virtual servers.

What's hot

Creating a graph based security organisation - Apr 2019 (OWASP London chapter...

Dinis Cruz

Using OWASP Security Bot (OSBot) to make Fact Based Security Decisions

Dinis Cruz

Embracing the Millennial Tsunami

Forcepoint LLC

Security Insights for Mission-Critical Networks

Forcepoint LLC

Maintaining Visibility and Control as Workers and Apps Scatter

Forcepoint LLC

Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Ignores with Microservices

Eric D. Schabell

Cloudy with a Chance of...Visibility, Accountability & Security

Forcepoint LLC

SYN111: What's New and Exciting with XenMobile

Citrix

Discover - Evolving Your Data Center in a Cloud World

LaurenWendler

AxCrypt Pitch Deck - File Security Made Easy!

Zebastian Victorin

The Distributed & Decentralized Cloud

Margaret Dawson

Colorado Cloud Security Alliance Fall Summit 2017

Dario Montelongo Jr.

What is Cloud Native, and why should I care?

Tomasz Tarczyński

Mobile malware with application harderning techniques

Swapnil Deshmukh

What is Cloud Native and why should I care

Tomasz Tarczyński

[INFOGRAPHIC] Accelerate Your Mobile Workforce with Citrix XenApp & XenDeskto...

Citrix

CIS13: IDaaS. The Now Big Thing

CloudIDSummit

MiCADO - Auto-scaling Framework for Docker Containers, orchestrated by Kubern...

Project COLA

Final cloud computing

Juber Mangure

Trend_Micro_Collateral_Australian_Transit

James T. Kulig

What's hot (20)

Creating a graph based security organisation - Apr 2019 (OWASP London chapter...

Using OWASP Security Bot (OSBot) to make Fact Based Security Decisions

Embracing the Millennial Tsunami

Security Insights for Mission-Critical Networks

Maintaining Visibility and Control as Workers and Apps Scatter

Red Hat Forum Poland 2019 - 3 Pitfalls Everyone Ignores with Microservices

Cloudy with a Chance of...Visibility, Accountability & Security

SYN111: What's New and Exciting with XenMobile

Discover - Evolving Your Data Center in a Cloud World

AxCrypt Pitch Deck - File Security Made Easy!

The Distributed & Decentralized Cloud

Colorado Cloud Security Alliance Fall Summit 2017

What is Cloud Native, and why should I care?

Mobile malware with application harderning techniques

What is Cloud Native and why should I care

[INFOGRAPHIC] Accelerate Your Mobile Workforce with Citrix XenApp & XenDeskto...

CIS13: IDaaS. The Now Big Thing

MiCADO - Auto-scaling Framework for Docker Containers, orchestrated by Kubern...

Final cloud computing

Trend_Micro_Collateral_Australian_Transit

Similar to Serverless Security Workflows - cyber talks - 19th nov 2019

TIAD : In a chocolate factory

The Incredible Automation Day

dinCloud q2 pr highlights

dinCloud Inc.

Serverless is FaaS-tastic - All Things Open Meet-up

Mark Hinkle

Serverless can be misleading as a descriptor. Serverless infrastructure actually runs on servers. However, the “server-less” reference comes from the fact that serverless abstracts the complexity of running servers away from the software developer which enables them to develop software without having to worry about the scaling, redundancy and overall infrastructure design. This is called Function-as-a-Service or Faas for short. For the purposes of this talk, we’ll discuss serverless technologies where someone else is providing serverless infrastructure. Popular serverless platforms include Amazon Web Services Lambda, Google Cloud Functions, and Microsoft Azure Functions. The presentation will also discuss the software that can be used to deliver Functions-as-a-Service (FaaS) that enables serverless, including serverless frameworks like Knative, Kubeless, OpenFaaS, and Oracle’s fn. Finally, we’ll cover what a cloud-native application might look like including the use cases and design patterns that serverless is geared towards providing.

Microservices + Events + Docker = A Perfect Trio (dockercon)

Chris Richardson

Microservices are an essential enabler of agility but developing and deploying them is a challenge. In order for microservices to be loosely coupled,each service must have its own datastore. This makes it difficult to maintain data consistency across services. Deploying microservices is also a complex problem since an application typically consists of 10s or 100s of services, written in a variety of languages and frameworks. In this presentation, you will learn how to solve these problems by using an event-driven architecture to maintain data consistency and by using Docker to simplify deployment.

Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...

Docker, Inc.

The document discusses how microservices, events, and Docker form a perfect trio for developing and deploying applications. It covers how microservices can help accelerate development but also introduce complexity that events and Docker can help address. Events are proposed to maintain data consistency between microservices rather than distributed transactions. Docker is presented as a way to containerize microservices for improved isolation, manageability and efficient deployment and scaling. The overall presentation argues this combination of techniques can help build large, complex applications.

Unlocked Nov 2013: Cloud principles track

Rackspace Academy

The document discusses how cloud computing provides businesses with more agility through faster deployment of applications and infrastructure. It outlines some of the key benefits of cloud such as reducing delivery time and costs for IT while avoiding vendor lock-in. The document advocates for a hybrid cloud approach using public cloud for flexibility combined with private and dedicated servers for workloads that require more customization or higher performance. It also emphasizes the need for a cultural shift towards a DevOps model of collaboration between development and operations teams.

Windsor AWS UG - Introduction

Goran Karmisevic

The document discusses the formation of a Windsor AWS User Group to educate local IT professionals on Amazon Web Services (AWS) technologies and help address a skills gap. It provides an overview of AWS security capabilities and the need to transform IT workforces to work with cloud technologies. The user group aims to host technical sessions on topics like AWS security, networking, and continuous integration/delivery pipelines to help more people in the Windsor area learn AWS skills.

Cisco's MultiCloud Strategy

Maulik Shyani

This document summarizes Cisco's Partner Summit 2017, focusing on enabling a multicloud world. It introduces Cisco's new multicloud portfolio and offerings to help partners design, migrate, manage, and secure customer workloads across public and private clouds. Key speakers discuss opportunities in multicloud consulting, managed services, and software integration. Cisco and Google announce an open hybrid cloud solution integrating Google Cloud Platform with Cisco infrastructure software.

Cloud Security Essentials 2.0 at RSA

Shannon Lietz

Partner Briefing_January 25 (FINAL).pptx

Cloudera, Inc.

The document discusses using Cloudera DataFlow to address challenges with collecting, processing, and analyzing log data across many systems and devices. It provides an example use case of logging modernization to reduce costs and enable security solutions by filtering noise from logs. The presentation shows how DataFlow can extract relevant events from large volumes of raw log data and normalize the data to make security threats and anomalies easier to detect across many machines.

Serverless 2019 and Beyond

Mark Hinkle

"Is serverless another passing technology fad or the new standard for application deployment in cloud computing?” It’s a good question and the topic of this presentation. We will discuss the current state of serverless computing and the many considerations before investing time and resources in serverless infrastructure. For many, data center priorities have shifted from absolute uptime and performance to ”move fast and break things” as espoused by Silicon Valley, a great mantra for those with limited legacy systems and a greenfield of new products. Though the question for many enterprises though is "How does serverless integrate into their existing data center strategy?" The discussion will not only explain the state of today’s growing serverless landscape but how you can integrate your existing data center with a cloud-native serverless architecture.

(SEC202) Best Practices for Securely Leveraging the Cloud

Amazon Web Services

Cloud adoption is driving digital business growth and enabling companies to shift to processes and practices that make innovation continual. As with any paradigm shift, cloud computing requires different rules and a different way of thinking. This presentation will highlight best practices to build and secure scalable systems in the cloud and capitalize on the cloud with confidence and clarity. In this session we will cover: Key market drivers and advantages for leveraging cloud architectures. Foundational design principles to guide strategy for securely leveraging the cloud. The “Defense in Depth” approach to building secure services in the cloud, whether it’s private, public, or hybrid. Real-world customer insights from organizations who have successfully adopted the ""Defense in Depth"" approach. Session sponsored by Sumo Logic.

Apache Spark & Cassandra use case at Telefónica Cbs by Antonio Alcacer

Stratio

Justin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentation

TriNimbus

A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016

Shannon Lietz

Cloud Computing Roadmap Public Vs Private Vs Hybrid And SaaS Vs PaaS Vs IaaS ...

SlideTeam

Incorporate How Project Quality Is Managed PowerPoint Presentation Slides to determine how quality will be managed throughout by handling processes and procedures. Analyze the quality-related concerns of the firm by using this effective PPT slideshow. Showcase the information regarding the quality standards that are defined in order to manage overall quality by taking the assistance of the project quality management PowerPoint slideshow. Provide detailed information about product development, design, and testing with the help of a quality management plan PPT slideshow. Showcase various quality-related initiatives, product quality assurance checklist, etc by incorporating this PowerPoint slide deck. Highlight detail about various quality control initiatives, product quality control checklist, quality assurance, etc. by using project management PPT themes. Explain control log, quality control, and assurance issues reporting plan. You can also present information on the project inspection checklist. Present testing techniques that are used to evaluate materials, components properties, in order to determine defects and discontinuities by taking the assistance of project quality assurance PowerPoint slides. The project quality PPT also allows you to present key quality management tools, weekly quality defect occurrence with check sheet, etc. https://bit.ly/3gpFPdy

Going MicroServices with Net

David Revoledo

This document discusses starting microservices with .NET. It begins with an introduction to microservices and the benefits of using them, such as improved scalability and resilience. It then covers common microservice patterns and technologies like API gateways, messaging, CQRS/DDD, and containers. Specific .NET tools are presented, including Ocelot for API gateways, RabbitMQ for messaging, MediatR for CQRS/events, and Docker for containers. The document emphasizes building microservices with failure in mind using techniques like retries, circuit breakers, and exponential backoff.

IoT: From Edge to Cloud

Sameh BEN FREDJ

This document discusses building a smart bar using cloud services. It describes a demo of a Raspberry Pi camera recognizing beer bottles and sending commands to the cloud to serve beer. It discusses challenges of IoT like security, privacy, and data volume that cloud solutions can address by managing thousands of devices, providing computation and storage, and deploying services quickly. The architecture shown uses edge devices like a Raspberry Pi for local processing and privacy, with data and insights sent to the cloud. Options for AWS and Azure cloud platforms are compared.

The Sysdig Secure DevOps Platform

Ashnikbiz

The document describes Sysdig Secure DevOps Platform, which provides unified visibility and security for production deployments of cloud-native applications. It converges security and monitoring to embed security, maximize availability, and validate compliance across the cloud-native lifecycle. The platform provides a single source of truth with context about containers, hosts, services and infrastructure. It leverages metadata to organize application and infrastructure views. The platform includes Sysdig Monitor for observability and reliability and Sysdig Secure for protection and assurance. It addresses security and operations needs for DevOps workflows across build, run and respond phases in a cloud-native environment.

CloudFest'24 [ GDSC || Assam down town University ]

AyanMasood1

Similar to Serverless Security Workflows - cyber talks - 19th nov 2019 (20)

TIAD : In a chocolate factory

dinCloud q2 pr highlights

Serverless is FaaS-tastic - All Things Open Meet-up

Microservices + Events + Docker = A Perfect Trio (dockercon)

Microservices + Events + Docker = A Perfect Trio by Docker Captain Chris Rich...

Unlocked Nov 2013: Cloud principles track

Windsor AWS UG - Introduction

Cisco's MultiCloud Strategy

Cloud Security Essentials 2.0 at RSA

Partner Briefing_January 25 (FINAL).pptx

Serverless 2019 and Beyond

(SEC202) Best Practices for Securely Leveraging the Cloud

Apache Spark & Cassandra use case at Telefónica Cbs by Antonio Alcacer

Justin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentation

A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016

Cloud Computing Roadmap Public Vs Private Vs Hybrid And SaaS Vs PaaS Vs IaaS ...

Going MicroServices with Net

IoT: From Edge to Cloud

The Sysdig Secure DevOps Platform

CloudFest'24 [ GDSC || Assam down town University ]

More from Dinis Cruz

Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)

Dinis Cruz

The document discusses using threat models and Wardley maps as a case study for the Glasswall Proxy product. It introduces the Glasswall workflow and architecture, then shifts to discussing threat models and improving an initial threat model diagram. The document suggests threat models are works of art and moves the example threat model to the PlantUML diagramming language. It explores if threat models are maps, refers to Simon Wardley's definition of maps, and how mapping can help decide what to build, buy, or outsource based on maturity and risk.

Glasswall - How to Prevent, Detect and React to Ransomware incidents

Dinis Cruz

The document provides guidance on how to prevent, detect, and react to ransomware incidents. For detection, it recommends techniques to gain advantage over malicious behavior during an attack, including reducing the blast radius through network segmentation, blocking propagation and detonation with endpoint protection, reducing payloads activated through user education, and preparing and rehearsing response with incident response playbooks. It also stresses the importance of incident response, situational awareness, and using incidents to improve security capabilities.

GSBot Commands (Slack Bot used to access Jira data)

Dinis Cruz

OSBot - Data transformation workflow (from GSheet to Jupyter)

Dinis Cruz

Jira schemas - Open Security Summit (Working Session 21th May 2019)

Dinis Cruz

Template for "Sharing anonymised risk theme dashboards v0.8"

Dinis Cruz

This document discusses sharing anonymized risk dashboards to visualize an organization's risk posture. It prompts the reader to anonymously share a risk dashboard for a past or current business by listing risk themes in six risk areas and scoring each area's risk level. Dashboards allow risk landscapes to be easily communicated over time and help understand the risk impact of decisions. The reader is instructed to anonymously provide industry, business size, revenue, and security team size details to populate an example dashboard.

Owasp and summits (may 2019)

Dinis Cruz

The document discusses the OWASP Open Security Summits, which are conferences that have been held since 2008. They provide a place for OWASP leaders to meet, collaborate, and build relationships. The summits feature working sessions on security topics and have resulted in the incubation of future OWASP leaders. In 2018, the name was changed to the Open Security Summit. The document requests that OWASP sponsor attendance at the 2019 summit by buying tickets for OWASP leaders, as they have done in previous years.

Open security summit 2019 owasp london 25th feb

Dinis Cruz

The document advertises the Open Security Summit 2019 conference happening in London from June 3-7. It will bring together security experts, developers, users, government agencies and vendors to collaborate on solving hard security problems. Participants will have the opportunity to engage in working sessions from 8am to 2am focused on 12 tracks, including outcomes from last year's summit. Individuals can purchase tickets, seek sponsorship, or have their company sponsor the event. The goal is to create a collaborative environment for maximum productivity and synergies between attendees.

Owasp summit 2019 - OWASP London 25th feb

Dinis Cruz

Evolving challenges for modern enterprise architectures in the age of APIs

Dinis Cruz

How to not fail at security data analytics (by CxOSidekick)

Dinis Cruz

1. The document discusses the challenges of obtaining security-related data from different sources and transporting it to a central platform for analysis. It addresses questions about data volume, collection methods, filtering and formatting. 2. Setting up a security data pipeline involves determining what data to collect from various host systems, networks, and applications. Data must then be forwarded from collectors to a central platform while managing bandwidth, latency, and failures. 3. Collecting the right security-related data is vital for detecting threats and being able to investigate incidents. The document argues for collecting most available data by default and filtering out exceptions, rather than only collecting predefined types of data.

Thinking in graphs v1.0

Dinis Cruz

Open Security Summit - April 2018

Dinis Cruz

Using security to drive chaos engineering - April 2018

Dinis Cruz

Using security to drive chaos engineering

Dinis Cruz

This document discusses chaos engineering and how it relates to security testing. Some key points: - Chaos engineering involves experimenting on systems by introducing variables like server crashes or network failures to test how systems respond to turbulent conditions. This helps build confidence in systems' availability. - Security testing can be viewed as a form of chaos engineering, as security tests intentionally introduce "changes" like vulnerabilities to verify systems' security and resilience. - To test systems effectively, experiments should be run continuously in production environments and introduce real-world events while minimizing impact. This helps validate that systems can withstand attacks and changes in production. - Properties of resilient, secure systems include availability, ability to handle failures, validating all

Scaling security in a cloud environment v0.5 (Sep 2017)

Dinis Cruz

This document summarizes a presentation on scaling security in cloud environments. The key points are: 1. Testing and automation are essential for scaling security in the cloud. All aspects of the cloud environment, from provisioning to deployment to scaling, need to be tested. 2. Performance tests should be run daily, including during high-volume periods, to test the behavior of the system under different loads. Quality assurance tests can serve as good performance tests when executed in random order. 3. Automated scaling is a powerful feature of the cloud but autoscaling rules and behaviors also need to be tested to ensure they work as expected under different conditions.

Improving the quality of Cyber Security Hires via Pre-Interview Challenges

Dinis Cruz

Creating a Graph Based Security Organisation - DevSecCon Keynote

Dinis Cruz

This document discusses graphs and how viewing problems, organizations, and other complex systems through a "graph lens" can provide insights. It provides examples of how many common applications and data structures can be modeled as graphs, such as threat models, source code, workflows, and social networks. It also discusses how the presenter's organization uses Jira and Confluence to map their security programs, projects, risks and tasks as a graph to help manage their work. Maintaining these "graph databases" through linking and structuring information is important for effectiveness.

Owasp Summit 2017 - Keynote

Dinis Cruz

Owasp summit slides day 2

Dinis Cruz

The document contains the schedule for today which includes 10 sessions from 10:00-09:30. It also includes details on several presentations including the title, presenter, and content. There is information on integrating security into a portfolio kanban process with 5 stages. Additionally, it discusses recruiting AppSec talent and includes a draft of the AppSec Joel test. It summarizes outcomes from discussions on defining agile security practices, the SAMM model, cloud security behaviors, and securing the CI pipeline.

More from Dinis Cruz (20)

Map camp - Why context is your crown jewels (Wardley Maps and Threat Modeling)

Glasswall - How to Prevent, Detect and React to Ransomware incidents

GSBot Commands (Slack Bot used to access Jira data)

OSBot - Data transformation workflow (from GSheet to Jupyter)

Jira schemas - Open Security Summit (Working Session 21th May 2019)

Template for "Sharing anonymised risk theme dashboards v0.8"

Owasp and summits (may 2019)

Open security summit 2019 owasp london 25th feb

Owasp summit 2019 - OWASP London 25th feb

Evolving challenges for modern enterprise architectures in the age of APIs

How to not fail at security data analytics (by CxOSidekick)

Thinking in graphs v1.0

Open Security Summit - April 2018

Using security to drive chaos engineering - April 2018

Using security to drive chaos engineering

Scaling security in a cloud environment v0.5 (Sep 2017)

Improving the quality of Cyber Security Hires via Pre-Interview Challenges

Creating a Graph Based Security Organisation - DevSecCon Keynote

Owasp Summit 2017 - Keynote

Owasp summit slides day 2

Recently uploaded

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on integration of Salesforce with Bonterra Impact Management. Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

alexjohnson7307

Serial Arm Control in Real Time Presentation

tolgahangng

Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf

flufftailshop

When it comes to unit testing in the .NET ecosystem, developers have a wide range of options available. Among the most popular choices are NUnit, XUnit, and MSTest. These unit testing frameworks provide essential tools and features to help ensure the quality and reliability of code. However, understanding the differences between these frameworks is crucial for selecting the most suitable one for your projects.

Nordic Marketo Engage User Group_June 13_ 2024.pptx

MichaelKnudsen27

GraphRAG for Life Science to increase LLM accuracy

Tomaz Bratanic

Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr

saastr

5th LF Energy Power Grid Model Meet-up Slides

DanBrown980551

5th Power Grid Model Meet-up It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology. Power Grid Model The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services. Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability. Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization. What to expect For the upcoming meetup we are organizing, we have an exciting lineup of activities planned: -Insightful presentations covering two practical applications of the Power Grid Model. -An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024. -An interactive brainstorming session to discuss and propose new feature requests. -An opportunity to connect with fellow Power Grid Model enthusiasts and users.

Artificial Intelligence for XMLDevelopment

Octavian Nadolu

In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject. We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup. Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved. The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring. The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise. By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.

Recommendation System using RAG Architecture

fredae14

Best 20 SEO Techniques To Improve Website Visibility In SERP

Pixlogix Infotech

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

shyamraj55

Skybuffer SAM4U tool for SAP license adoption

Tatiana Kojar

Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool. SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

panagenda

Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/ DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen! Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell. Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten. Diese Themen werden behandelt - Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten - Wie funktionieren CCB- und CCX-Lizenzen wirklich? - Verstehen des DLAU-Tools und wie man es am besten nutzt - Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw. - Praxisbeispiele und Best Practices zum sofortigen Umsetzen

Presentation of the OECD Artificial Intelligence Review of Germany

innovationoecd

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Tatiana Kojar

Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI. With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

saastr

Columbus Data & Analytics Wednesdays - June 2024

Jason Packer

dbms calicut university B. sc Cs 4th sem.pdf

Shinana2

Main news related to the CCS TSI 2023 (2023/1695)

Jakub Marek

An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers. The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 . The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .

Recently uploaded (20)

Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...

leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...

Serial Arm Control in Real Time Presentation

Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf

Nordic Marketo Engage User Group_June 13_ 2024.pptx

GraphRAG for Life Science to increase LLM accuracy

Deep Dive: Getting Funded with Jason Jason Lemkin Founder & CEO @ SaaStr

5th LF Energy Power Grid Model Meet-up Slides

Artificial Intelligence for XMLDevelopment

Recommendation System using RAG Architecture

Best 20 SEO Techniques To Improve Website Visibility In SERP

Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack

Skybuffer SAM4U tool for SAP license adoption

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU

Presentation of the OECD Artificial Intelligence Review of Germany

Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...

Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...

Columbus Data & Analytics Wednesdays - June 2024

dbms calicut university B. sc Cs 4th sem.pdf

Main news related to the CCS TSI 2023 (2023/1695)

Serverless Security Workflows - cyber talks - 19th nov 2019

1. @DinisCruz Serverless Security Workﬂows Dinis Cruz GlassWall VP Engineering and CISO Nov 2019

2. @DinisCruz Serverless is a major paradigm shift

3. @DinisCruz Serverless allow Security activities to scale

4. @DinisCruz Serverless allow Security activities to have ‘enterprise scalability’

5. @DinisCruz Key Concept: Security as center of Excellence and Innovation

6. @DinisCruz Security teams don’t run code in Production

7. @DinisCruz Which means that Security ‘Should’ not have ‘Legacy’

8. @DinisCruz Security ‘internally’ needs to be an Leader of Innovation

9. @DinisCruz It is your responsibility To lead the automation of Security

10. @DinisCruz If you are running on Spreadsheets …. You are Legacy

11. @DinisCruz Everybody in Security needs to ‘Code’ and ‘Automate their workflows’

12. @DinisCruz Serverless History

13. @DinisCruz Serverless = reduced stack https://www.slideshare.net/estelleinomniaparatus/icc-paas-vs-faas-v41

14. @DinisCruz Serverless’ Cost

15. @DinisCruz When you do it right, not that much Serverless environments enable event-driven workﬂows that dramatically change the scalability and cost of Security Operations

16. @DinisCruz When you get it wrong you will not save much

17. @DinisCruz Serverless Today

18. @DinisCruz In Azure

19. @DinisCruz In AWS

20. @DinisCruz In GCP (Google Cloud Platform)

21. @DinisCruz It’s Micro-Micro Services

22. @DinisCruz In Serverless The Key benefits are the side-effects

23. @DinisCruz Using Wardley Maps to understand Serverless

24. @DinisCruz

25. @DinisCruz

26. @DinisCruz

27. @DinisCruz

28. @DinisCruz

29. @DinisCruz

30. @DinisCruz

31. @DinisCruz

32. @DinisCruz

33. @DinisCruz Amazon Strategy (in Maps)

34. @DinisCruz Commodities creates new opportunities

35. @DinisCruz Key Pattern (for your team and business) 1. Create Platform 2. View what users are doing in your Platform a. What they are moving from Genesis to Custom Build 3. Productize and Commoditize that 4. Rise and Repeat ● For example: ○ EC2 -> Lambda ○ EC2 -> Lambda -> API Gateway automations ○ EC2 -> MySQL as a Service -> Serverless MySQL ○ EC2 -> Elastic Container Service (ECS) -> Fargate ○ EC2 -> LightSail

36. @DinisCruz Scaling Incident event operations Based on Serverless workflow

37. @DinisCruz Workflow Person Credentials Application uses to access conditions generate Alert acknowledged in Slack by entered in action updates status of alert in

38. @DinisCruz Jira as (graph) database

39. @DinisCruz Slack as UI , Jira as Database

40. @DinisCruz Serverless Automatic Generation of Maps

41. @DinisCruz Slack Bot

42. @DinisCruz Jira and Jupyter Notebooks

43. @DinisCruz Using Jira to capture data

44. @DinisCruz ‘Serverless’ Security Workflows ‘Serverless Security’ Workflows ! =

45. @DinisCruz First let’s talk about ‘Serverless’ Security Workflows

46. @DinisCruz I.e. the use of Serverless technology to scale Security Workflows

47. @DinisCruz https://www.plugandplaytechcenter.com/resources/serverless-security-everything-you-need-know-about-it/ We need to scale security actions