This document provides an overview of crafting secure and composable Sitecore SaaS-based applications. It discusses increasing attack surfaces with SaaS and microservices architectures. It then covers security topics like the layered security model, zero trust architecture, securing Docker and Kubernetes, infrastructure as code, automated security testing, and a reference security solution architecture. The presentation emphasizes security by design, automation, and people/process through concepts like DevSecOps. It aims to educate on building security into applications from the start through frameworks, best practices and automation.
SUGCON: The Agile Nirvana of DevSecOps and ContainerizationVasiliy Fomichev
Sitecore deployments are traditionally relatively expensive due to the technological and architectural limitations. The introduction of a containerized hosting model is a game-changer in the Sitecore DevOps story. It allows DevOps teams to enable delivery security features, and reduce deployment cycles through automation, by activating DevSecOps strategies. This flexibility or cost-efficiency of containerized deployments allows DevOps and engineering teams to focus on and align around business value, rather than being handicapped by the legacy technology and systems. In this session we will walk the attendees through the benefits of a DevSecOps pipeline to IT, development teams, and their business leadership and show what it takes to migrate to the AKS-hosted infrastructure from an on-premise setup. We will present a reference design for an automated DevSecOps pipeline that focuses on security, quality, and speed. The session will cover the learnings from a major healthcare technology and research company that has gone through this shift and highlight the impact they experienced on the infrastructure, solution architecture, DevOps pipeline, processes and internal resources - Infrastructure: we will provide a feature overview of Azure vs AWS as it relates to a containerized Sitecore implementation, covering risks, cons, and pros associated with each and the cost estimation process for AKS. Sitecore Topology: we will cover the steps for changing Sitecore default AKS topology for maximum cost efficiency, and flexibility. DevOps pipeline: we will cover the automation that is required to move towards DevSecOps with environment creation via Infrastructure as Code, disaster recovery, and zero-downtime fully automated deployments to production. Processes and team changes: We will present how the new DevSecOps pipeline will affect internal processes and what internal support team changes are required to continue managing the new infrastructure and release pipeline.
Starting with the API documentation, use Postman to query the APIs, then generate python code from
Postman, to showing how to python class and methods can be developed and tested in an IDE, and how to
incorporate that into a simple Ansible module which is used to create a VLAN programmatically.
Cisco Virtualized Multi-tenant Data Center solution (VMDC) is an architectural approach to IT which delivers a Cloud Ready Infrastructure. The architecture encompasses multiple systems and functions defining a standard framework for an IT organization. Standardization allows the organization to achieve operational efficiencies, reduce risk and achieve cost reductions while offering a consistent platform for business.
A presentation on the Netflix Cloud Architecture and NetflixOSS open source. For the All Things Open 2015 conference in Raleigh 2015/10/19. #ATO2015 #NetflixOSS
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
Cisco’s Cloud Strategy, including our acquisition of CliQr Cisco Canada
At Partner Summit we made a series of exciting announcements in our Cloud portfolio, including our acquisition of CliQr. Join us to learn about these new announcements and an understanding of Cisco’s Cloud Strategy.
- How does CliQr fit into our existing Cloud portfolio (Metapod, APIC, Enterprise Cloud Suite, Cloud Consumption-as-a-Service)?
- How does our Cloud portfolio today meet the needs of our customers? What problems are we solving?
- How does our portfolio today position us for the world of Containers and Microservices?
Join us for a presentation of how these announcements fit into our current environment and what they mean to your longer-term strategy.
Security Architecture Consulting - Hiren ShahNSConclave
In modern age it has become crucial to perform secure architecture review along with regular pentest practice. Application architecture review can be defined as reviewing the current security controls in the application architecture. This helps a user to identify potential security flaws at an early stage and mitigate them before starting the development stage.
SUGCON: The Agile Nirvana of DevSecOps and ContainerizationVasiliy Fomichev
Sitecore deployments are traditionally relatively expensive due to the technological and architectural limitations. The introduction of a containerized hosting model is a game-changer in the Sitecore DevOps story. It allows DevOps teams to enable delivery security features, and reduce deployment cycles through automation, by activating DevSecOps strategies. This flexibility or cost-efficiency of containerized deployments allows DevOps and engineering teams to focus on and align around business value, rather than being handicapped by the legacy technology and systems. In this session we will walk the attendees through the benefits of a DevSecOps pipeline to IT, development teams, and their business leadership and show what it takes to migrate to the AKS-hosted infrastructure from an on-premise setup. We will present a reference design for an automated DevSecOps pipeline that focuses on security, quality, and speed. The session will cover the learnings from a major healthcare technology and research company that has gone through this shift and highlight the impact they experienced on the infrastructure, solution architecture, DevOps pipeline, processes and internal resources - Infrastructure: we will provide a feature overview of Azure vs AWS as it relates to a containerized Sitecore implementation, covering risks, cons, and pros associated with each and the cost estimation process for AKS. Sitecore Topology: we will cover the steps for changing Sitecore default AKS topology for maximum cost efficiency, and flexibility. DevOps pipeline: we will cover the automation that is required to move towards DevSecOps with environment creation via Infrastructure as Code, disaster recovery, and zero-downtime fully automated deployments to production. Processes and team changes: We will present how the new DevSecOps pipeline will affect internal processes and what internal support team changes are required to continue managing the new infrastructure and release pipeline.
Starting with the API documentation, use Postman to query the APIs, then generate python code from
Postman, to showing how to python class and methods can be developed and tested in an IDE, and how to
incorporate that into a simple Ansible module which is used to create a VLAN programmatically.
Cisco Virtualized Multi-tenant Data Center solution (VMDC) is an architectural approach to IT which delivers a Cloud Ready Infrastructure. The architecture encompasses multiple systems and functions defining a standard framework for an IT organization. Standardization allows the organization to achieve operational efficiencies, reduce risk and achieve cost reductions while offering a consistent platform for business.
A presentation on the Netflix Cloud Architecture and NetflixOSS open source. For the All Things Open 2015 conference in Raleigh 2015/10/19. #ATO2015 #NetflixOSS
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
Cisco’s Cloud Strategy, including our acquisition of CliQr Cisco Canada
At Partner Summit we made a series of exciting announcements in our Cloud portfolio, including our acquisition of CliQr. Join us to learn about these new announcements and an understanding of Cisco’s Cloud Strategy.
- How does CliQr fit into our existing Cloud portfolio (Metapod, APIC, Enterprise Cloud Suite, Cloud Consumption-as-a-Service)?
- How does our Cloud portfolio today meet the needs of our customers? What problems are we solving?
- How does our portfolio today position us for the world of Containers and Microservices?
Join us for a presentation of how these announcements fit into our current environment and what they mean to your longer-term strategy.
Security Architecture Consulting - Hiren ShahNSConclave
In modern age it has become crucial to perform secure architecture review along with regular pentest practice. Application architecture review can be defined as reviewing the current security controls in the application architecture. This helps a user to identify potential security flaws at an early stage and mitigate them before starting the development stage.
Stay productive while slicing up the monolithMarkus Eisele
Microservices-based architectures are in vogue. Over the last couple of years, we have learned how thought leaders implement them, and it seems like every other week we hear about how containers and platform-as-a-service offerings make them ultimately happen.
Tech Talent Night Copenhagen 11/22/17
https://greenticket.dk/techtalentnightcph
"Lesson learns from Japan cloud trend" explains the followings
- CloudStack Mascot History
- Japan SP / Academic cloud use cases
- Japan CloudStack Community
Romuald Zdebskiy, Games Lead for CEE, Microsoft
There are a lot of buzz on cloud for game development. At the same time there are scenarios which benefit more from cloud as well as those that benefit less. The very goal of this session is to walk you through more than 10 gamedev scenarios where cloud works best or not so best. We will use Microsoft Cloud – Azure – as an example.
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Application Centric Microservices from Redhat Summit 2015Ken Owens
When Cisco started envisioning the future of its application development platforms, the ability to create applications that are cloud-native with elastic services, network-aware application policies, and micro-services was strategic to the company. When the decision to build and operate a Cisco cloud service delivery platform for collaboration, video, and Internet of Things (IoT) application development was made, OpenStack and micro-services became central to our application architectures and strategic to our vision as a company. This presentation will look at the journey Cisco developers took to transform to an application-centric OpenStack platform for application development in a secure, network-centric, and completely open source manner. The importance of the platform being Red Hat Enterprise Linux OpenStack Platform and using OpenShift by Red Hat and the contribution to the community will be described. The micro-services architecture and service-oriented DevOps lessons learned for enabling massive scalable and continuous delivery of software will be presented and demoed.
Security Patterns for Microservice Architectures - SpringOne 2020Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Security Patterns for Microservice Architectures - London Java Community 2020Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Security Patterns for Microservice Architectures - Oktane20Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
NYC MTC - Generative AI Solutions with Sitecore and Micrososft.pptxVasiliy Fomichev
Generative AI continues to be a focus in the Digital Experience community. At Sitecore, we are transforming how digital content is created, managed, and experienced. AI-enhanced tools help Digital Experience leaders to streamline operations, unleash creativity, and drive innovation.
Sitecore, Microsoft and Altudo welcome you along with other New York Metro Area industry leaders to come discuss GenAI and hear about different ways in which you can embed it into your overall content strategy.
Marketing teams are racing to learn more about generative AI models. Sitecore is at the forefront of integrating these groundbreaking new technologies into everyday content marketing operations. Conversational LLM transformers can be used today to create marketing copy, imagery, and personalized advertising.
Stay productive while slicing up the monolithMarkus Eisele
Microservices-based architectures are in vogue. Over the last couple of years, we have learned how thought leaders implement them, and it seems like every other week we hear about how containers and platform-as-a-service offerings make them ultimately happen.
Tech Talent Night Copenhagen 11/22/17
https://greenticket.dk/techtalentnightcph
"Lesson learns from Japan cloud trend" explains the followings
- CloudStack Mascot History
- Japan SP / Academic cloud use cases
- Japan CloudStack Community
Romuald Zdebskiy, Games Lead for CEE, Microsoft
There are a lot of buzz on cloud for game development. At the same time there are scenarios which benefit more from cloud as well as those that benefit less. The very goal of this session is to walk you through more than 10 gamedev scenarios where cloud works best or not so best. We will use Microsoft Cloud – Azure – as an example.
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Application Centric Microservices from Redhat Summit 2015Ken Owens
When Cisco started envisioning the future of its application development platforms, the ability to create applications that are cloud-native with elastic services, network-aware application policies, and micro-services was strategic to the company. When the decision to build and operate a Cisco cloud service delivery platform for collaboration, video, and Internet of Things (IoT) application development was made, OpenStack and micro-services became central to our application architectures and strategic to our vision as a company. This presentation will look at the journey Cisco developers took to transform to an application-centric OpenStack platform for application development in a secure, network-centric, and completely open source manner. The importance of the platform being Red Hat Enterprise Linux OpenStack Platform and using OpenShift by Red Hat and the contribution to the community will be described. The micro-services architecture and service-oriented DevOps lessons learned for enabling massive scalable and continuous delivery of software will be presented and demoed.
Security Patterns for Microservice Architectures - SpringOne 2020Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Security Patterns for Microservice Architectures - London Java Community 2020Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
Security Patterns for Microservice Architectures - Oktane20Matt Raible
Are you securing your microservice architectures by hiding them behind a firewall? That works, but there are better ways to do it. This presentation recommends 11 patterns to secure microservice architectures.
1. Be Secure by Design
2. Scan Dependencies
3. Use HTTPS Everywhere
4. Use Access and Identity Tokens
5. Encrypt and Protect Secrets
6. Verify Security with Delivery Pipelines
7. Slow Down Attackers
8. Use Docker Rootless Mode
9. Use Time-Based Security
10. Scan Docker and Kubernetes Configuration for Vulnerabilities
11. Know Your Cloud and Cluster Security
Blog post: https://developer.okta.com/blog/2020/03/23/microservice-security-patterns
NYC MTC - Generative AI Solutions with Sitecore and Micrososft.pptxVasiliy Fomichev
Generative AI continues to be a focus in the Digital Experience community. At Sitecore, we are transforming how digital content is created, managed, and experienced. AI-enhanced tools help Digital Experience leaders to streamline operations, unleash creativity, and drive innovation.
Sitecore, Microsoft and Altudo welcome you along with other New York Metro Area industry leaders to come discuss GenAI and hear about different ways in which you can embed it into your overall content strategy.
Marketing teams are racing to learn more about generative AI models. Sitecore is at the forefront of integrating these groundbreaking new technologies into everyday content marketing operations. Conversational LLM transformers can be used today to create marketing copy, imagery, and personalized advertising.
SUGCON NA 2023 - Crafting Lightning Fast Composable Experiences.pptxVasiliy Fomichev
Website performance has become a cornerstone of user experience and brands that incorporate that into all aspects of digital gain a long-term strategic advantage. Join this session to learn about the fascinating realm of how performance optimization can significantly influence your business strategy and user satisfaction. Drawing from real world experience, we will explore the concrete connection between website performance, SEO, loyalty, digital engagement, conversion rates, and revenue. As we trace the evolution of performance, we'll discuss the growing convergence of technology and strategy in the optimization process. Our focus will then shift to the heart of composable architecture, where you will learn invaluable tips on how to implement the experience management tools with personalization and experimentation without sacrificing performance and user experience. We'll provide practical technology recommendations to be aware of as you implement or look to optimize your digital experience using the new Sitecore composable tools. Harness the power of the new modern MarTech to turn performance into a strategic advantage.
Sitecore Symposium 2018 session on the advancements in the e-commerce space. The presentation covered the existing functionality in Sitecore Commerce, as well as modules and plugins that may help achieve similar features and functionality to Amazon.com, as well as take it beyond with the use of voice commerce, blogging, chat bots, and blockchain. The source code for the Ethereum plugins, Xamarin mobile app, and the Chrome browser extension built for the presentation can be found at https://github.com/vasiliyfomichev
LASUG Online: Introduction to Docker and Docker ToolsVasiliy Fomichev
Docker is the fastest growing technology! Attendees
will be introduced to Docker containers and learn how to setup complex scaled xDB and Solr setups in
seconds. Docker is becoming more and more popular – Microsoft has already integrated containers into
Windows servers, and the release of a Windows OS kernel supporting containers is not far away. Join this session to learn how Docker can help in Sitecore development and system administration.
Introduction to Docker for Sitecore developers, sys admins, and managers. Docker history, use cases, use of Docker with Sitecore. Overview of Mongo and Solr on Docker with Sitecore. Shipping Sitecore code using Docker, Continuous Integration, and Immutable Infrastructure in today's CMS development. Docker makes DevOps a reality!
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
31. I am a proud community member!
Please contact me on the following handles:
sitecorechat.slack.com twitter
32. • Layer 1 – port protection of your laptop and
hardware; access to systems, login expiration
• Layer 2 - VLANS
• Layer 3 – Front Door
• Layer 4 – Front Door
• Layer 5 – Front Door
• Layer 6 – Front Door
• Layer 7 – Front Door (bot protection,
https://learn.microsoft.com/en-us/azure/web-application-firewall/afds/afds-overview
https://learn.microsoft.com/en-us/azure/frontdoor/web-application-firewall
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-ddos
https://learn.microsoft.com/en-us/azure/frontdoor/front-door-ddos
https://learn.microsoft.com/en-us/azure/frontdoor/origin-security?tabs=app-service-
functions&pivots=front-door-standard-premium
33. DevSecOps Sitecore pipeline
33
Pull Image
Developers
Image
Repository
Container
Registry
System
Admins
DevOps
Engineers
Commit
Listen
Manage
Manage
Store image
DEV SVT PRD
DEV Deployment SVT Deployment PRD Deployment
Container Image Pull
Gitlab CI
Gitlab CD
Gitlab DAST
Selenium UI
Tests
Unit Tests
Quality and SAST
Scans
Upload
Run
Run
Upload Run
Page Speed
Tests
Load Tests
Run Run
35. ” –
Quote somebody on their
brilliance as everybody in our
community deserves a best
friend!
Akshay Sura
36. • Proin magna enim, hendrerit nec justo non, gravida
efficitur leo. Phasellus pharetra gravida turpis, sed
laoreet dui efficitur nec. Nulla auctor mi et ligula
dignissim, ac consectetur ligula rutrum.
• Sed accumsan mollis consectetur. In et sem eget orci
placerat condimentum. Nunc tortor sapien, pellentesque
eu aliquet vel, gravida eu lorem.
• These are actually valid points.
At some point, add proper content too!
37. Each presentation must end with the following three
slides. As the conference is a from-the-community-for-the-
community event we find it important that you share your
social channels you feel comfortable with, mainly the Slack
channel and Twitter.
Also, we couldn’t organize this event without our
community sponsors. Please leave them at the end of your
slide deck.
Please don’t change the following 3 slides
40. Team changes and upskilling
QA
Quality Assurance
and testing
Developer
Front and backend
development.
DevOps Engineer
Release processes
and automation
DevOps Security
Champion
Security automation
Monitoring
Notifications
Development Security
Champion
Code Scanning & Reviews
QA Security Champion
Dynamic application
testing
Security Bridge Team
Specialized Security
Personnel
Software, DevOps,
Forensic Analysis,
etc.
CISO
Security program
development.
Security Team
Development Team