Managing Security in Agile Culture by Rendra Perdana, CISSP - Head IT Infrastructure & Security at mataharimall.com
@SARCCOM MEETUP
http://sarccom.org
https://www.meetup.com/Software-Architect-Indonesia
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureOutSystems
Want to become an expert architect in 60 minutes?
We're having a quick hands-on session to show how to design evergreen applications that will grow with your company strategy - from initial design to keeping the blueprint of your applications healthy as you need to adapt to new business demands
In this session you will learn:
- The 4 Layer Canvas concepts - the OutSystems architecture framework
- How to use the the Canvas to design a new solution
- How to use Discovery (tool available in the Forge) to keep track of your architecture and extract useful recommendations to fix architecture issues
Free Online training: https://www.outsystems.com/learn/courses/
Follow us on Twitter http://www.twitter.com/OutSystemsDev
Like us on Facebook http://www.Facebook.com/OutSystemsDev
Life After Microservices – Shifting the BoundariesNordic APIs
So, here we are: Microservices, and everything they bring with them, like Spring Cloud, Kubernetes, Docker, ELK, you name it. We learnt and worked hard to master all of it. And now, finally, we feel prepared for the next years to come.
Hmm, but what about Digitization? So what! Dissolving market boundaries? You couldn’t care less! Changing user expectations? Not your turf! And yet those and other non-IT topics may question your laboriously acquired skills very soon.
In this session we will first examine, how those non-IT topics create new forces on software engineering. Based on that we will try to understand the drivers of future IT solutions and how that is going to affect your work – including unraveling the mysteries behind hypes like cloud-native, serverless, APIs, platforms and more.
Finally, we will derive what you as a software engineer can do to sustain or even increase your market value in a shifting market, based on a well-balanced combination of new and timeless skills.
After the session, besides getting an idea how looking outside-the-box can help you making better decisions inside-the-box you will have a much better idea how to stay ahead of the curve.
Managing Security in Agile Culture by Rendra Perdana, CISSP - Head IT Infrastructure & Security at mataharimall.com
@SARCCOM MEETUP
http://sarccom.org
https://www.meetup.com/Software-Architect-Indonesia
Training Webinar: Fitting OutSystems applications into Enterprise ArchitectureOutSystems
Want to become an expert architect in 60 minutes?
We're having a quick hands-on session to show how to design evergreen applications that will grow with your company strategy - from initial design to keeping the blueprint of your applications healthy as you need to adapt to new business demands
In this session you will learn:
- The 4 Layer Canvas concepts - the OutSystems architecture framework
- How to use the the Canvas to design a new solution
- How to use Discovery (tool available in the Forge) to keep track of your architecture and extract useful recommendations to fix architecture issues
Free Online training: https://www.outsystems.com/learn/courses/
Follow us on Twitter http://www.twitter.com/OutSystemsDev
Like us on Facebook http://www.Facebook.com/OutSystemsDev
Life After Microservices – Shifting the BoundariesNordic APIs
So, here we are: Microservices, and everything they bring with them, like Spring Cloud, Kubernetes, Docker, ELK, you name it. We learnt and worked hard to master all of it. And now, finally, we feel prepared for the next years to come.
Hmm, but what about Digitization? So what! Dissolving market boundaries? You couldn’t care less! Changing user expectations? Not your turf! And yet those and other non-IT topics may question your laboriously acquired skills very soon.
In this session we will first examine, how those non-IT topics create new forces on software engineering. Based on that we will try to understand the drivers of future IT solutions and how that is going to affect your work – including unraveling the mysteries behind hypes like cloud-native, serverless, APIs, platforms and more.
Finally, we will derive what you as a software engineer can do to sustain or even increase your market value in a shifting market, based on a well-balanced combination of new and timeless skills.
After the session, besides getting an idea how looking outside-the-box can help you making better decisions inside-the-box you will have a much better idea how to stay ahead of the curve.
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
As enterprises launch their digital transformation strategies, it is essential to implement secure, compliant, appropriate, yet convenient identity and access management (IAM). IAM ensures that the right individuals access the right resources at the right times, and for the right reasons. This slide deck covers why IAM is crucial in digital transformation.
[WSO2 API Day Chicago 2019] Sustainable Competitive Advantage WSO2
Sustainable competitive advantage, while once a necessary part of any strategy, is now increasingly obsolete for most firms. The new path to winning means capturing opportunities quickly and exploiting them decisively. It's all about learning to thrive in a transient advantage economy. Transient advantage is the central thesis of Rita McGrath's recent book on competitive advantage. These principles are especially relevant for agile companies that pursue digital-first business models. Quinnox has adopted this philosophy for its clients and its own business where we believe enterprise integration driven by API's is the bridge to digital transformation, speed to market, and frequency to market.
The differing ways to monitor and instrumentJonah Kowall
FullStack London July 15th, 2016
Monitoring is complicated, and in most organizations consists of far too many tools owned by many teams. These tools consist of monitoring tools each looking at a component myopically. These tools metrics and logs from devices and software emitting them. Increasingly modern companies are creating their own instrumentation, but there is a large base of generic instrumentation of software. Fixing monitoring issues requires people, process, and technology. In this talk we will cover many common issues seen in the real world. For example decisions on what should be monitored or collected from a technology and a business perspective. This requires process and coordination.
We will investigate what instrumentation is most scalable and effective across languages this includes the commonly used APIs and possibilities to capture data from common languages like Java, .NET and PHP, but we’ll also go into methods which work with Python, Node.js, and golang. We will cover browser and mobile instrumentation techniques. How these are done? which APIs are being used? What open source tools and frameworks can be leveraged? Most importantly how to coordinate and communicate requirements across your organization.
Attendees of this session will walk away with a clear understanding of:
What is instrumentation, and what do I instrument, collect, and store?
The understanding of overhead and how this can be accomplished on common software stacks?
How to work with application owners to collect business data.
How correlation works in custom open source or packaged monitoring tools.
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...AVEVA
InduSoft Web Studio recently added the capability to run the OPC UA client on Linux machines using the platform-agnostic IoTView. Join us for this month’s webinar featuring Thomas Burke, President of the OPC Foundation. He’ll discuss the benefits of an open communication standard like OPC UA and explain how using the OPC UA server on Linux machines can open up new possibilities for communication.
Simon Phipps, President, Open Source Initiative
Open source is not about free stuff. It's a way of granting permission in advance so that innovation can happen without obstruction and so loose-knit communities can collaborate freely. As such, it's more important than ever in an age of APIs, devices and distributed web infrastructure.
This session will:
Explain the dynamics of open source licensing
Consider the relative merits of licensing "strengths" for IoT
Discuss the challenges of software patents to APIs and open collaboration.
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTMicro Focus
Enterprises spend more than $5 billion every year
on endpoint security solutions but continue to lose
ground to advanced attackers.
Make management of desktops and mobiles a
reality with ZENworks 2017 as a serviced offering. #MFSummit2017
[WSO2Con EU 2017] Resilience Patterns with BallerinaWSO2
Today almost all systems are distributed and have complex interactions between each other to provide useful functionality. In a software system, resilience is the ability to recover to a working condition after being affected by a serious incident. Ballerina has inbuilt functionality to make programs resilient for network failures. This slide deck explores how to build resilience patterns with Ballerina.
Micro Focus Software Delivery and Testing Jan De Coster Presentation on the Journey to DevOps in the recent Micro Focus #DevDay Copenhagen.
Micro Focus enables enterprise software organizations to build innovative software and accelerate application delivery to meet the needs of the business. Whatever the challenges and infrastructures, our core principle—of reusing what already works to minimize business risk while supporting modern software practices—has positioned our customers to be better prepared to support the digital transformation of the business.
Build, test and deliver innovative software faster with less risk.
April 2017.
Unlike other mobile file access and collaborative file sharing solutions, Micro Focus Filr (formerly Novell Filr) has been designed with the enterprise in mind, resulting in less administration, better security, and more productive users.
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Supercharge microservices with Service Mesh
Shane O'Donnell, Team Lead at Solo.io
Decision Matrix for IoT Product DevelopmentAlexey Pyshkin
At first sight, the development of "hardware" products hardly differs from that of IoT devices. Here you can see the methodology of IoT product development based on an IoT framework by Daniel Elizalde. It’s a convenient and simple model that estimates expenses and potential income, evaluates the technological complexity and at the same time is easily understood by the client.
Made by notAnotherOne
SRE Topics with Charity Majors and Liz Fong-Jones of HoneycombDaniel Zivkovic
Charity's words make you think while Liz's words make you act, so when you combine them, you get one of the best meetups on Elite DevOps Performance, SRE and Observability topics – ever!
Google Meet recording stopped working, so this *noisy* DIY-copy is the best we got: https://youtu.be/geqoOg4WXcQ. Still, the video is worth your time because you will see how empathy, and simple focus shift
1) from Dev and Ops to your Users,
2) from APM tools to Observability,
can make your workdays more productive, enjoyable and meaningful.
To learn how to define your first SLO, go to Honeycomb's 3-part SRE Crash Course https://go.hny.co/serverlessToronto.
Telco Applications are category of applications that are integrated directly with APP CORE, a secure environment within the mobile telecommunication Operator’s Core Network, which provides services to the subscriber that only the telecommunication Operator can provide.
amaysim - The Telco of the Future - MVNO World Congress 2016amaysim
Find out how Aussie MVNO, amaysim, disrupted the telecommunications market to grow the mobile phone company of the future.
Check out the presentation amaysim CEO Julian Ogrin delivered to delegates at the 2016 MVNO World Congress in Amsterdam.
For more information, head to the amaysim website: www.amaysim.com.au
[WSO2Con EU 2017] IAM: Catalyst for Digital TransformationWSO2
As enterprises launch their digital transformation strategies, it is essential to implement secure, compliant, appropriate, yet convenient identity and access management (IAM). IAM ensures that the right individuals access the right resources at the right times, and for the right reasons. This slide deck covers why IAM is crucial in digital transformation.
[WSO2 API Day Chicago 2019] Sustainable Competitive Advantage WSO2
Sustainable competitive advantage, while once a necessary part of any strategy, is now increasingly obsolete for most firms. The new path to winning means capturing opportunities quickly and exploiting them decisively. It's all about learning to thrive in a transient advantage economy. Transient advantage is the central thesis of Rita McGrath's recent book on competitive advantage. These principles are especially relevant for agile companies that pursue digital-first business models. Quinnox has adopted this philosophy for its clients and its own business where we believe enterprise integration driven by API's is the bridge to digital transformation, speed to market, and frequency to market.
The differing ways to monitor and instrumentJonah Kowall
FullStack London July 15th, 2016
Monitoring is complicated, and in most organizations consists of far too many tools owned by many teams. These tools consist of monitoring tools each looking at a component myopically. These tools metrics and logs from devices and software emitting them. Increasingly modern companies are creating their own instrumentation, but there is a large base of generic instrumentation of software. Fixing monitoring issues requires people, process, and technology. In this talk we will cover many common issues seen in the real world. For example decisions on what should be monitored or collected from a technology and a business perspective. This requires process and coordination.
We will investigate what instrumentation is most scalable and effective across languages this includes the commonly used APIs and possibilities to capture data from common languages like Java, .NET and PHP, but we’ll also go into methods which work with Python, Node.js, and golang. We will cover browser and mobile instrumentation techniques. How these are done? which APIs are being used? What open source tools and frameworks can be leveraged? Most importantly how to coordinate and communicate requirements across your organization.
Attendees of this session will walk away with a clear understanding of:
What is instrumentation, and what do I instrument, collect, and store?
The understanding of overhead and how this can be accomplished on common software stacks?
How to work with application owners to collect business data.
How correlation works in custom open source or packaged monitoring tools.
Webinar: OPC UA Clients on Linux Systems with InduSoft Web Studio-OPC Foundat...AVEVA
InduSoft Web Studio recently added the capability to run the OPC UA client on Linux machines using the platform-agnostic IoTView. Join us for this month’s webinar featuring Thomas Burke, President of the OPC Foundation. He’ll discuss the benefits of an open communication standard like OPC UA and explain how using the OPC UA server on Linux machines can open up new possibilities for communication.
Simon Phipps, President, Open Source Initiative
Open source is not about free stuff. It's a way of granting permission in advance so that innovation can happen without obstruction and so loose-knit communities can collaborate freely. As such, it's more important than ever in an age of APIs, devices and distributed web infrastructure.
This session will:
Explain the dynamics of open source licensing
Consider the relative merits of licensing "strengths" for IoT
Discuss the challenges of software patents to APIs and open collaboration.
UNIFIED ENDPOINT MANAGEMENT. WHAT IT IS AND WHY IT’S IMPORTANTMicro Focus
Enterprises spend more than $5 billion every year
on endpoint security solutions but continue to lose
ground to advanced attackers.
Make management of desktops and mobiles a
reality with ZENworks 2017 as a serviced offering. #MFSummit2017
[WSO2Con EU 2017] Resilience Patterns with BallerinaWSO2
Today almost all systems are distributed and have complex interactions between each other to provide useful functionality. In a software system, resilience is the ability to recover to a working condition after being affected by a serious incident. Ballerina has inbuilt functionality to make programs resilient for network failures. This slide deck explores how to build resilience patterns with Ballerina.
Micro Focus Software Delivery and Testing Jan De Coster Presentation on the Journey to DevOps in the recent Micro Focus #DevDay Copenhagen.
Micro Focus enables enterprise software organizations to build innovative software and accelerate application delivery to meet the needs of the business. Whatever the challenges and infrastructures, our core principle—of reusing what already works to minimize business risk while supporting modern software practices—has positioned our customers to be better prepared to support the digital transformation of the business.
Build, test and deliver innovative software faster with less risk.
April 2017.
Unlike other mobile file access and collaborative file sharing solutions, Micro Focus Filr (formerly Novell Filr) has been designed with the enterprise in mind, resulting in less administration, better security, and more productive users.
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...apidays
apidays LIVE New York 2021 - API-driven Regulations for Finance, Insurance, and Healthcare
July 28 & 29, 2021
Supercharge microservices with Service Mesh
Shane O'Donnell, Team Lead at Solo.io
Decision Matrix for IoT Product DevelopmentAlexey Pyshkin
At first sight, the development of "hardware" products hardly differs from that of IoT devices. Here you can see the methodology of IoT product development based on an IoT framework by Daniel Elizalde. It’s a convenient and simple model that estimates expenses and potential income, evaluates the technological complexity and at the same time is easily understood by the client.
Made by notAnotherOne
SRE Topics with Charity Majors and Liz Fong-Jones of HoneycombDaniel Zivkovic
Charity's words make you think while Liz's words make you act, so when you combine them, you get one of the best meetups on Elite DevOps Performance, SRE and Observability topics – ever!
Google Meet recording stopped working, so this *noisy* DIY-copy is the best we got: https://youtu.be/geqoOg4WXcQ. Still, the video is worth your time because you will see how empathy, and simple focus shift
1) from Dev and Ops to your Users,
2) from APM tools to Observability,
can make your workdays more productive, enjoyable and meaningful.
To learn how to define your first SLO, go to Honeycomb's 3-part SRE Crash Course https://go.hny.co/serverlessToronto.
Telco Applications are category of applications that are integrated directly with APP CORE, a secure environment within the mobile telecommunication Operator’s Core Network, which provides services to the subscriber that only the telecommunication Operator can provide.
amaysim - The Telco of the Future - MVNO World Congress 2016amaysim
Find out how Aussie MVNO, amaysim, disrupted the telecommunications market to grow the mobile phone company of the future.
Check out the presentation amaysim CEO Julian Ogrin delivered to delegates at the 2016 MVNO World Congress in Amsterdam.
For more information, head to the amaysim website: www.amaysim.com.au
2015 Global Telco Innovation Targets from TC3 2014 Telecom Council
What types of companies are the world’s top telcos looking to partner with? This year’s TC3 service provider keynote presenters told the 400+ executive attendees more about their external innovation focuses for 2015 – they highlighted their innovation programs throughout the ecosystem, opened the door to discuss opportunities for their larger vendor partners, and met entrepreneurs and developers who had potential value to contribute to their networks.
The Telco Innovation Toolbox: Economic Models for Managing Disruption and Rei...Ericsson Russia
Как операторам справится со стремительно меняющимся рынком и усиливающимся влиянием OTT игроков?
В отчете: составляющие успешной экосистемы; асиметричная конкуренция с OTT; во что обойдется ожидание развития событий; методы планирования работы в условиях неопределенности; API как канал дистрибуции; API как способ построения экосистемы вокруг традиционных операторских сервисов;
/Подготовлено Vision Mobile совместно с Ericsson/
The talk was given at Troopers 2016.
(https://www.troopers.de/events/troopers16/654_the_known_unknowns_of_ss7_and_beyond/)
Abstract:
2014 turned out to be "the year of SS7 vulnerabilities" as the Telco researchers showcased several successful attacks using the Signaling System No 7 (SS7) interconnection network such as subscriber profile modification, eavesdropping, tracking of users, SMS spoofing and call/SMS redirect. These attacks are serious because SS7 and its IP version SIGTRAN, despite its age, remains a key signaling protocol in the mobile networks and will still long be required for interoperability and background compatibility in international roaming. Understandably, telecommunications industry is taking countermeasures against the vulnerabilities that were exposed through the aforementioned attacks.
Are all risks now mitigated?
Definitely not!
Complexity of network layers and diversity of underlying protocols in SS7 makes it more difficult to find all loopholes in the systems. There exist a lot of 'known functionalities' which are indeed the 'unknown vulnerabilities'. In this talk, we first begin with one of such vulnerabilities in detail, where we discuss how to exploit the relationship between IMEI and IMSI to unblock stolen mobile devices. Here, we also discuss about the existing attacks on modification of subscriber profile using SS7 to recap about the contents of subscriber profile. Secondly, we will outline extending the previously known SS7 based attacks to Diameter/LTE. Furthermore, we will also present with an intuitive attack vector to emphasize the fact that the telecommunication systems are being misused for surveillance.
In General What's the personality matrix, what personality and what type of works and what type of works and maybe one case studies by VHR consultancy Malaysia
Practical Aspects of the Implementation of OSS TransformationTTI Telecom
OSS transformation presents significant opportunities for CSPs. However, the complexity and investments involved in such projects obliges CSPs to consider an entire range of aspects.
This presentation highlights the benefits operators can achieve from OSS transformation, defines the building blocks of a practical transformation process and emphasizes the effect of the integrated NOC on customer satisfaction.
Platform governance, gestire un ecosistema di microservizi a livello enterpriseGiulio Roggero
A livello enterprise, le moderne architetture distribuite coinvolgono molti team differenti, centinaia di sviluppatori e operations e migliaia microservizi ed API in produzione. Come si può gestire questa
e o
un'esplosione di costi e preservando il time-to-market?
OCS LIA. The intergration of the Enterasys NAC Solution and Siemens Enterprise Networking - Totally Intergrated Security Architecture
The first technical intergration that provides a truely unique proposition when combining an Enterasys NAC solution with a SEC UC solution
Developing Interoperable Components for an Open IoT Foundation Eurotech
In this presentation Eurotech and Red Hat present Kapua, a modular cloud platform that provides management for Internet of Things (IoT) gateways and smart edge devices. It represents a key milestone towards the development of a truly open, end-to-end foundation for IoT and its ecosystem of partners and solutions. Kapua provides a core integration framework with services for device registry, data and device management, message routing, and applications.
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Synchronous Communication Patterns: A journey from ESB to APIs & Service Mesh
Sébastien Bergougnoux, CEO at Devoteam I nexDigital
IBM ConnectED SPOT104: Lightning-Fast Development of Native Mobile Apps for I...darwinodb
This is the presentation that John Tripp & Phil Riand made at IBMConnectED introducing Darwino, a new full-stack enterprise development platform for social and mobile cloud enabled applications that work natively on mobile devices - even offline.
By Yunita Anggraeni - Co-Founder & COO Geekhunter | Topic: The secret of Most Wanted Geek
Presented in SARCCOM Meetup
With theme "Defining Your Future In Tech"
In 29 February 2020
At Block71 Bandung
By Adam Widi - Data Engineer at WarungPintar | Topic: Data Warehousing Tools On Data Ecosystem
Presented in SARCCOM Meetup
With theme "Defining Your Future In Tech"
In 29 February 2020
At Block71 Bandung
By Adam Widi - Data Engineer at WarungPintar | Topic: Data Warehousing Tools On Data Ecosystem
Presented in SARCCOM Meetup
With theme "Defining Your Future In Tech"
In 29 February 2020
At Block71 Bandung
Startup Engineering Culture
by Ifnu Bima, Head of Product at BBM
Engineering Excellence!
22-Jan-2019 18:00-21:00
@ PRASMUL University Prasetiya Mulya University, Campus Cilandak Cilandak Barat, RT.14/RW.6, Jl. R.A.Kartini, RT.14/RW.6, Cilandak
Organizer by Software Architect Indonesia Community (SARCCOM)
https://sarccom.org
SARCCOM https://sarccom.org
Requirement is specifications that should be implemented on development. It is the main object of Business Analysis job. IT Business Analysis working around requirement engineering to ensure the delivery of a good piece of software. When talking or gathering requirements, please keep this quote in mind:
Well defined requirements drive well designed architecture
Good architecture is a beginning of a good software.
How To Rearchitecting Legacy System
Meetup By Software Architect Indonesia Community https://www.meetup.com/Software-Architect-Indonesia/events/246479075/?_cookie-check=DrXW508tQr2LKtBD
Speaker: Moch Nasrullah Rahmani
BBM Engineer
Take care of the people, the products,
and the profits: in that order.
Architecting for Huper Growth and Great Engineering CultureSARCCOM
Architecting for Huper Growth and Great Engineering Culture
by Ifnu Bima
@SARCCOM MEETUP
http://sarccom.org
https://www.meetup.com/Software-Architect-Indonesia
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
2. @arydewo
.
2
.
Harry Prasetyo K
Experienced IT & Telco OSS / BSS, Solution Architect,
Software Development
in https://id.linkedin.com/in/arydewo
Education : Master Degree, Information Technology, Binus University
Bachelor Degree, Informatics Engineering, ITS Surabaya
Working Experience :
Deputy Director, IT Solution Expert
Senior Manager, Research and Development
Head of OSS/BSS, Sr Manager
2014 - Now
2012 - 2014
2008 - 2012
2007 - 2008 Solutions Consultant
2001 - 2007
Senior Consultant
Programmer
Lecturer Assistant on Programming
Programmer
11. @arydewo
Business Demands to Technology
.
11
Availability
System should be available 24x7x365
Reliability
System performance should be stable during traffic peak and
spike
Fast Time To Market
System should support dynamic market changes, launch
product as soon as possible.
Cost Effective
Budget for spending is no longer luxurious due to the
competition and market changes
12. @arydewo
Telco High Level
Data Access Architecture
•
12
BSC/
RAN
SGSN
AAA HLR
GGSN
OCS PCRF
Internet
Fiber
Fiber
Fiber
Radio Network
BSS
2-8 E1
STM1
STM4
13. @arydewo
Telco User Access Experience
13
Network Coverage
- Out Of Coverage : too far from
BTS signal reach
- Low Signal : in building, far from
BTS
- Interference : conflicting
frequency
Network Congestion
- Missmatch Demand vs Capacity
1x E1 bandwidth = 2 Mbps
Full HD Access require
1.4 Mbps to 3.4 Mbps
8x E1 max 16 Mbps
Only able to handle 4 to 11 User
concurrently
BSC/
RAN
Typical Bad User Experience
14. @arydewo
Telco High Level System Architecture
(Focused on IT-BSS)
14
CRMSAP
(HR, FI, MM)
Card
Mgmt
Mobile
Apps
SMS
GW
Middleware
(SOA & MFT)
Portal
Provisioning
Card
Mgmt
Loyalty
System
Mediation
ODS &
DWH
BI
OCS PCRF RBT HLR AAA
Interconnect
Billing
SMSC
UMB
USSD
GW
Prepaid
Reg
E-Mail
Server
15. @arydewo
My Responsibility In AXIS
15
CRMSAP
(HR, FI, MM)
Card
Mgmt
Mobile
Apps
SMS
GW
Middleware
(SOA & MFT)
Portal
Provisioning
Card
Mgmt
Loyalty
System
Mediation
ODS &
DWH
BI
OCS PCRF RBT HLR AAA
Interconnect
Billing
SMSC
UMB
USSD
GW
Prepaid
Reg
E-Mail
Server
16. @arydewo
Technology Provider & Partner Map
16
System
Tech Provider /
Partner
Middleware - SOA SoftwareAG
Middleware - MFT Axway
Provisioning Comptel
Mediation Comptel
Interconnect Billing Intec (CSG), Huawei
System
Tech Provider /
Partner
Loyalty System
Business Logic
Systems
CRM Oracle - Siebel
Mobile Apps
Custom :
LINKIT 360
SMS Gateway
Custom :
LINKIT 360
Virtualization VMWare
Server HP, IBM Database Oracle
Security & Load
Balancer
Bluecoat, F5
18. @arydewo
Telco High Level Architecture Strategy :
Middleware As Key
18
Avoid Spaghetti Environment
It’s delicious when in form of food, but not within IT System
Cost Saving
Changes on every single system is costly in terms of money
and time
Best Practice & Standardization
Follow Industry Best Practice (TMF, TOGAF), Minimize code
fraction thus easier to manage
19. @arydewo
Software Architecture :
Front End Technology Stacks
.
19
nginx
css3
html5
php
MySQL
Redis
Beanstalkd
Mobile Apps
(Native)
Web Browser
ODP Server
php
Beanstalkd
SMSGW
MySQL
kannelnginx
Bearer
Box
SMS
Box
SMS
(MO & MT)
F5
ODP Server and SMSGW
- Leverage Open Source Technology
- Lightweight, minimize business logic
F5
- Carrier Grade FW & Load Balancer Appliance
- Perform Header Enrichment (inject MSISDN)
20. @arydewo
Software Architecture :
Middleware Technology Stacks
20
Middleware APP
SoftwareAG
Integration Server
(ESB)
Cache
Server
Middleware MQ
Broker
Server
SoftwareAG
Database
Oracle
Oracle
DB
Timesten
VMWare
Middleware
- Utilize SoftwareAG proprietary
- True RAD, focus on App Design & Logic
- Stable, High Performance
Database
- Utilize Oracle proprietary
- Oracle DB for persistent data, Timesten for
In Memory Data
Virtualization
- Utilize VMWare eSXi
21. @arydewo
Middleware Journey In AXIS
21
2 App Server, 2 DB Server
Monolithic Architecture
Only serve Siebel CRM for
Inquiry
2 App Server, 2 DB Server
Modular Architecture v1
Start to serve Direct Subscriber
Transaction for FCA, RBT, and
Subscription
Daily Transaction 20K, Peak 20 tps
2008 2009
2 Server, 2 DB Server
Modular Architecture v2
Increase Subscription Traffic
Daily Transaction 400K, Peak 100
tps
8 Virtualized Server
Modular Architecture v4
Main Revenue Generator
Daily Transaction 1.8 Mio, Peak
>1000 tps, Adopting
Virtualization, In Memory DB
2010 2011 2012
4 App Server, 2 DB Server
Modular Architecture v4
Key Revenue Generator
Daily Transaction 1 Mio, Peak
>500 tps
Introduce Cache Technology
22. @arydewo
Middleware Architecture Version 1 :
Monolithic
22
Server #1 Server #2
MQ 1 MQ 2
DB 1 DB 2
App B
App A
App B
App A
SAN Storage
• High Availability
• Active-Active Cluster for ESB
• Active-Passive Cluster for
MQ and DB
• Monolithic App
• End To End handled within 1
App Module
• No Caching mechanism
• Direct Access from App
Module to DB & Backend
25. @arydewo
Middleware Architecture Version 4 :
Data Store Principles
25
LargeMedium
Cache In Memory
DB
Regular
DB
FastestSpeed
SmallSize
HighestPrice
RAMInfrastructure
Faster
Higher
SSD/SAS
Relatively Slower
Lowest
SATA/SAS Midline
Technology
Purpose
Store : Configuration &
Selected Data
Update : Fewer, non
existence data
Store : Transaction Data
Update : Upon New
Transaction and Modified
Transaction State
Store : All persistent
Configuration & Transaction Data
Update : based on transaction
logic
26. @arydewo
Middleware Architecture Version 4 :
Data Design Principles
• Consideration :
– Performance Oriented
– Auditable Process
26
Inbound Request Trx
Inbound Request
History
Queue Trx
Queue History
Outbound Resp Trx
Outbound Resp
History
Queue Item Trx
Queue History
In Memory
DB
Oracle
DB
Partitioned Data on Data Model and DB Table Config
27. @arydewo
Middleware Architecture Version 4 :
Data Access Strategy
27
Online
(Realtime)
Reporting
&
Dashboard
In Memory DB
OLTP DB
ODS &
Datawarehouse (OLAP)
Flat File Export Import
From OLTP DB
thru MFT