This document discusses graph-based computing and traversal using Gremlin and Titan. It provides examples of querying a graph about relationships between characters in Greek mythology like Hercules. Traversal operations are demonstrated to find other characters Hercules may know or which actor played him in a movie. The value of graph analysis for insights and recommendations is also discussed.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
The Anatomy of an Exploit (NDC TechTown 2019)Patricia Aas
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used.
The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through a simple exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as another programming tool. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Titan is an open source distributed graph database build on top of Cassandra that can power real-time applications with thousands of concurrent users over graphs with billions of edges. Graphs are a versatile data model for capturing and analyzing rich relational structures. Graphs are an increasingly popular way to represent data in a wide range of domains such as social networking, recommendation engines, advertisement optimization, knowledge representation, health care, education, and security.
This presentation discusses Titan's data model, query language, and novel techniques in edge compression, data layout, and vertex-centric indices which facilitate the representation and processing of Big Graph Data across a Cassandra cluster. We demonstrate Titan's performance on a large scale benchmark evaluation using Twitter data.
Presented at the Cassandra 2012 Summit.
A presentation of Apache TinkerPop's Gremlin language with running examples over the MovieLens dataset. Presented August 19, 2015 at NoSQL NOW in San Jose, California.
A graph is a data structure composed of vertices/dots and edges/lines. A graph database is a software system used to persist and process graphs. The common conception in today's database community is that there is a tradeoff between the scale of data and the complexity/interlinking of data. To challenge this understanding, Aurelius has developed Titan under the liberal Apache 2 license. Titan supports both the size of modern data and the modeling power of graphs to usher in the era of Big Graph Data. Novel techniques in edge compression, data layout, and vertex-centric indices that exploit significant orders are used to facilitate the representation and processing of a single atomic graph structure across a multi-machine cluster. To ensure ease of adoption by the graph community, Titan natively implements the TinkerPop 2 Blueprints API. This presentation will review the graph landscape, Titan's techniques for scale by distribution, and a collection of satellite graph technologies to be released by Aurelius in the coming summer months of 2012.
This talk argues that the future of data query/analytic languages will be all about embedding the language into the native programming language of the developer. As an example of this style, the Gremlin graph traversal language is presented. Gremlin can be represented in any programming language that supports function composition and function nesting. The language representation is then compiled to Gremlin bytecode to ultimately be executed by the/a Gremlin graph traversal machine. This enables both the Gremlin language and machine to be agnostic to the execution language.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
The Anatomy of an Exploit (NDC TechTown 2019)Patricia Aas
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through simple exploit attempts, and finally a simple stack buffer overflow exploit, how it’s developed and how it’s used.
The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as just another programming practice. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Security vulnerabilities and secure coding is often talked about in the abstract by programmers, but rarely understood. In this talk we will walk through a simple exploit, how it’s developed and how it’s used. The goal is to try to get a feeling for the point of view of an "attacker", and to slowly start looking at exploitation as another programming tool. We will mainly be looking at C and x86_64 assembly, so bring snacks.
Titan is an open source distributed graph database build on top of Cassandra that can power real-time applications with thousands of concurrent users over graphs with billions of edges. Graphs are a versatile data model for capturing and analyzing rich relational structures. Graphs are an increasingly popular way to represent data in a wide range of domains such as social networking, recommendation engines, advertisement optimization, knowledge representation, health care, education, and security.
This presentation discusses Titan's data model, query language, and novel techniques in edge compression, data layout, and vertex-centric indices which facilitate the representation and processing of Big Graph Data across a Cassandra cluster. We demonstrate Titan's performance on a large scale benchmark evaluation using Twitter data.
Presented at the Cassandra 2012 Summit.
A presentation of Apache TinkerPop's Gremlin language with running examples over the MovieLens dataset. Presented August 19, 2015 at NoSQL NOW in San Jose, California.
A graph is a data structure composed of vertices/dots and edges/lines. A graph database is a software system used to persist and process graphs. The common conception in today's database community is that there is a tradeoff between the scale of data and the complexity/interlinking of data. To challenge this understanding, Aurelius has developed Titan under the liberal Apache 2 license. Titan supports both the size of modern data and the modeling power of graphs to usher in the era of Big Graph Data. Novel techniques in edge compression, data layout, and vertex-centric indices that exploit significant orders are used to facilitate the representation and processing of a single atomic graph structure across a multi-machine cluster. To ensure ease of adoption by the graph community, Titan natively implements the TinkerPop 2 Blueprints API. This presentation will review the graph landscape, Titan's techniques for scale by distribution, and a collection of satellite graph technologies to be released by Aurelius in the coming summer months of 2012.
This talk argues that the future of data query/analytic languages will be all about embedding the language into the native programming language of the developer. As an example of this style, the Gremlin graph traversal language is presented. Gremlin can be represented in any programming language that supports function composition and function nesting. The language representation is then compiled to Gremlin bytecode to ultimately be executed by the/a Gremlin graph traversal machine. This enables both the Gremlin language and machine to be agnostic to the execution language.
Gremlin is a Turing-complete, graph-based programming language developed for key/value-pair multi-relational graphs called property graphs. Gremlin makes extensive use of XPath 1.0 to support complex graph traversals. Connectors exist to various graph databases and frameworks. This language has application in the areas of graph query, analysis, and manipulation.
Who am I and why do I feel that the world is not infinitely perfect? Which technologies should I use to rectify this situation? Enter the graph and the graph traversal.
This presentation was given on January 17, 2016 at the GraphDay conference in Austin, Texas. The slides demonstrate the use of wave dynamics in graph structures. Moreover, they demonstrate how to implement quantum processes on graph structures.
There is an associated article available at http://arxiv.org/abs/1511.06278 (Quantum Walks with Gremlin).
Titan is a scalable graph database that can distribute and query graph data across multiple machines. This presentation provides a general introduction to graph computing and Titan in particular. It also focuses on some recent development for Titan 0.9 and TinkerPop 3.
Problem-Solving using Graph Traversals: Searching, Scoring, Ranking, and Reco...Marko Rodriguez
A graph is a data structure that links a set of vertices by a set of edges. Modern graph databases support multi-relational graph structures, where there exist different types of vertices (e.g. people, places, items) and different types of edges (e.g. friend, lives at, purchased). By means of index-free adjacency, graph databases are optimized for graph traversals and are interacted with through a graph traversal engine. A graph traversal is defined as an abstract path whose instance is realized on a graph dataset. Graph databases and traversals can be used for searching, scoring, ranking, and in concert, recommendation. This presentation will explore graph structures, algorithms, traversal algebras, graph-related software suites, and a host of examples demonstrating how to solve real-world problems, in real-time, with graphs. This is a whirlwind tour of the theory and application of graphs.
ACM DBPL Keynote: The Graph Traversal Machine and LanguageMarko Rodriguez
Learn about Apache TinkerPop's Gremlin traversal machine and language. Presented as the keynote for ACM's Database Programming Languages conference in Pittsburgh Pennsylvania on October 27, 2015.
A visual tour of the corresponding GraphDay 2017 article -- https://doi.org/10.5281/zenodo.583293.
A propositional axiom is stated -- "everything is a graph." The entailments of this axiom are discussed and problems are presented that don't lend themselves to an easy representation as vertices and edges.
Abstract: The universal graph is a theoretical construct capturing the idea that every aspect of reality can be modeled as a graph composed of vertices and edges and, as such, reality is a graph. From the physical world of atoms, people, and galaxies to the mental planes of thoughts, words, and knowledge, there exists a universal graph hosting all such structures. While this idea is enticing, there are still strides to be made in coming to terms with a reality that is not composed of atoms bound by spacetime, but instead, a graph composed of vertices united by edges.
The Gremlin traversal machine is composed of three components: a graph, a traversal, and a set of traversers. Learn how these components interact to enable distributed, vendor-agnostic, OLTP/OLAP-based graph computing.
This talk was presented live at DataStax's Support Summit in Carmel, CA (April 2017) and Engineering Summit in Las Vegas, NV (May 2017).
Faunus is a graph analytics engine built atop the Hadoop distributed computing platform. The graph representation is a distributed adjacency list, whereby a vertex and its incident edges are co-located on the same machine. Querying a Faunus graph is possible with a MapReduce-variant of the Gremlin graph traversal language. A Gremlin expression compiles down to a series of MapReduce-steps that are sequence optimized and then executed by Hadoop. Results are stored as transformations to the input graph (graph derivations) or computational side-effects such as aggregates (graph statistics). Beyond querying, a collection of input/output formats are supported which enable Faunus to load/store graphs in the distributed graph database Titan, various graph formats stored in HDFS, and via arbitrary user-defined functions. This presentation will focus primarily on Faunus, but will also review the satellite technologies that enable it.
There is nothing more fascinating and utterly mind-bending than traversing a graph. Those who succumb to this data processing pattern euphorically suffer from graph pathology.
This is a case study of the Graph Addict.
Gremlin is a graph traversal language that connects to various graph databases/frameworks.
* Neo4j [http://neo4j.org]
* OrientDB [http://orientechnologies.com]
* DEX [http://www.sparsity-technologies.com/dex]
* OpenRDF Sail [http://openrdf.org]
* JUNG [http://jung.sourceforge.net]
This lecture addresses the state of Gremlin as of the 0.9 (April 16, 2011).
This tutorial/lecture addresses various aspects of the graph traversal language Gremlin. In particular, the presentation focuses on Gremlin 0.7 and its application to graph analysis and manipulation.
Relational databases are perhaps the most commonly used data management systems. In relational databases, data is modeled as a collection of disparate tables. In order to unify the data within these tables, a join operation is used. This operation is expensive as the amount of data grows. For information retrieval operations that do not make use of extensive joins, relational databases are an excellent tool. However, when an excessive amount of joins are required, the relational database model breaks down. In contrast, graph databases maintain one single data structure---a graph. A graph contains a set of vertices (i.e. nodes, dots) and a set of edges (i.e. links, lines). These elements make direct reference to one another, and as such, there is no notion of a join operation. The direct references between graph elements make the joining of data explicit within the structure of the graph. The benefit of this model is that traversing (i.e. moving between the elements of a graph in an intelligent, direct manner) is very efficient and yields a style of problem-solving called the graph traversal pattern. This session will discuss graph databases, the graph traversal programming pattern, and their use in solving real-world problems.
Gremlin is a Turing-complete, graph-based programming language developed for key/value-pair multi-relational graphs called property graphs. Gremlin makes extensive use of XPath 1.0 to support complex graph traversals. Connectors exist to various graph databases and frameworks. This language has application in the areas of graph query, analysis, and manipulation.
Who am I and why do I feel that the world is not infinitely perfect? Which technologies should I use to rectify this situation? Enter the graph and the graph traversal.
This presentation was given on January 17, 2016 at the GraphDay conference in Austin, Texas. The slides demonstrate the use of wave dynamics in graph structures. Moreover, they demonstrate how to implement quantum processes on graph structures.
There is an associated article available at http://arxiv.org/abs/1511.06278 (Quantum Walks with Gremlin).
Titan is a scalable graph database that can distribute and query graph data across multiple machines. This presentation provides a general introduction to graph computing and Titan in particular. It also focuses on some recent development for Titan 0.9 and TinkerPop 3.
Problem-Solving using Graph Traversals: Searching, Scoring, Ranking, and Reco...Marko Rodriguez
A graph is a data structure that links a set of vertices by a set of edges. Modern graph databases support multi-relational graph structures, where there exist different types of vertices (e.g. people, places, items) and different types of edges (e.g. friend, lives at, purchased). By means of index-free adjacency, graph databases are optimized for graph traversals and are interacted with through a graph traversal engine. A graph traversal is defined as an abstract path whose instance is realized on a graph dataset. Graph databases and traversals can be used for searching, scoring, ranking, and in concert, recommendation. This presentation will explore graph structures, algorithms, traversal algebras, graph-related software suites, and a host of examples demonstrating how to solve real-world problems, in real-time, with graphs. This is a whirlwind tour of the theory and application of graphs.
ACM DBPL Keynote: The Graph Traversal Machine and LanguageMarko Rodriguez
Learn about Apache TinkerPop's Gremlin traversal machine and language. Presented as the keynote for ACM's Database Programming Languages conference in Pittsburgh Pennsylvania on October 27, 2015.
A visual tour of the corresponding GraphDay 2017 article -- https://doi.org/10.5281/zenodo.583293.
A propositional axiom is stated -- "everything is a graph." The entailments of this axiom are discussed and problems are presented that don't lend themselves to an easy representation as vertices and edges.
Abstract: The universal graph is a theoretical construct capturing the idea that every aspect of reality can be modeled as a graph composed of vertices and edges and, as such, reality is a graph. From the physical world of atoms, people, and galaxies to the mental planes of thoughts, words, and knowledge, there exists a universal graph hosting all such structures. While this idea is enticing, there are still strides to be made in coming to terms with a reality that is not composed of atoms bound by spacetime, but instead, a graph composed of vertices united by edges.
The Gremlin traversal machine is composed of three components: a graph, a traversal, and a set of traversers. Learn how these components interact to enable distributed, vendor-agnostic, OLTP/OLAP-based graph computing.
This talk was presented live at DataStax's Support Summit in Carmel, CA (April 2017) and Engineering Summit in Las Vegas, NV (May 2017).
Faunus is a graph analytics engine built atop the Hadoop distributed computing platform. The graph representation is a distributed adjacency list, whereby a vertex and its incident edges are co-located on the same machine. Querying a Faunus graph is possible with a MapReduce-variant of the Gremlin graph traversal language. A Gremlin expression compiles down to a series of MapReduce-steps that are sequence optimized and then executed by Hadoop. Results are stored as transformations to the input graph (graph derivations) or computational side-effects such as aggregates (graph statistics). Beyond querying, a collection of input/output formats are supported which enable Faunus to load/store graphs in the distributed graph database Titan, various graph formats stored in HDFS, and via arbitrary user-defined functions. This presentation will focus primarily on Faunus, but will also review the satellite technologies that enable it.
There is nothing more fascinating and utterly mind-bending than traversing a graph. Those who succumb to this data processing pattern euphorically suffer from graph pathology.
This is a case study of the Graph Addict.
Gremlin is a graph traversal language that connects to various graph databases/frameworks.
* Neo4j [http://neo4j.org]
* OrientDB [http://orientechnologies.com]
* DEX [http://www.sparsity-technologies.com/dex]
* OpenRDF Sail [http://openrdf.org]
* JUNG [http://jung.sourceforge.net]
This lecture addresses the state of Gremlin as of the 0.9 (April 16, 2011).
This tutorial/lecture addresses various aspects of the graph traversal language Gremlin. In particular, the presentation focuses on Gremlin 0.7 and its application to graph analysis and manipulation.
Relational databases are perhaps the most commonly used data management systems. In relational databases, data is modeled as a collection of disparate tables. In order to unify the data within these tables, a join operation is used. This operation is expensive as the amount of data grows. For information retrieval operations that do not make use of extensive joins, relational databases are an excellent tool. However, when an excessive amount of joins are required, the relational database model breaks down. In contrast, graph databases maintain one single data structure---a graph. A graph contains a set of vertices (i.e. nodes, dots) and a set of edges (i.e. links, lines). These elements make direct reference to one another, and as such, there is no notion of a join operation. The direct references between graph elements make the joining of data explicit within the structure of the graph. The benefit of this model is that traversing (i.e. moving between the elements of a graph in an intelligent, direct manner) is very efficient and yields a style of problem-solving called the graph traversal pattern. This session will discuss graph databases, the graph traversal programming pattern, and their use in solving real-world problems.
A Perspective on Graph Theory and Network ScienceMarko Rodriguez
The graph/network domain has been driven by the creativity of numerous individuals from disparate areas of the academic and the commercial sector. Examples of contributing academic disciplines include mathematics, physics, sociology, and computer science. Given the interdisciplinary nature of the domain, it is difficult for any single individual to objectively realize and speak about the space as a whole. Any presentation of the ideas is ultimately biased by the formal training and expertise of the individual. For this reason, I will simply present on the domain from my perspective---from my personal experiences. More specifically, from my perspective biased by cognitive and computer science.
This is an autobiographical lecture on my life (so far) with graphs/networks.
A graph is a structure composed of a set of vertices (i.e.~nodes, dots) connected to one another by a set of edges (i.e.~links, lines). The concept of a graph has been around since the late 19th century, however, only in recent decades has there been a strong resurgence in the development of both graph theories and applications. In applied computing, since the late 1960s, the interlinked table structure of the relational database has been the predominant information storage and retrieval paradigm. With the growth of graph/network-based data and the need to efficiently process such data, new data management systems have been developed. In contrast to the index-intensive, set-theoretic operations of relational databases, graph databases make use of index-free traversals. This presentation will discuss the graph traversal programming pattern and its application to problem-solving with graph databases.
General-Purpose, Internet-Scale Distributed Computing with Linked ProcessMarko Rodriguez
There are many distributed computing protocols in existence today. Some serve as a solution for scientific computing, some as a middleware solution to large- scale systems engineering, and others as an “easy-to-use” service solution on the Web. What most of these protocols have in common is that they require a strong “handshake” between the machines utilizing each other’s resources. This coupling has rendered many distributed protocols to only be useful for a collection of machines owned and operated by a single organization (e.g. MPI/PVM computing) or for use by foreign machines with a very specific use case (e.g. RPC/Web Services computing). The former allows for general-purpose distributed computing and the latter allows for Internet-scale distributed computing. What if both types of functionality were to be merged? What does a general-purpose, Internet-scale distributed computing protocol look like? Linked Process [ http://linkedprocess.org ]
Collective Decision Making Systems: From the Ideal State to Human EudaimoniaMarko Rodriguez
Few scholastic disciplines have within them an explicit ideal beyond the production of knowledge. With computer science and engineering, the implicit ideal is to ensure better living through circuitry. Personally, my motivation is driven by the sense that social algorithms will lead to a greater human experience.
Distributed Graph Databases and the Emerging Web of DataMarko Rodriguez
The World Wide Web is the defacto medium for publicly exposing a corpus of interrelated documents. In its current form, the World Wide Web is the Web of Documents. The next generation of the World Wide Web will support the Web of Data. The Web of Data utilizes the same Uniform Resource Identifier (URI) address space as the Web of Documents, but instead of a exposing a graph of documents, the Web of Data exposes a graph of data. Given that the URI address space of the Web is distributed and infinite, the Web of Data provides a single unified space by which the worlds data can be publicly exposed and interrelated. The Web of Data is supported by both graph databases (which structure the data) and distributed computing mechanism (which process the data). This presentation will discuss the Web of Data, graph databases, and models of computing in this emerging space.
Graph Databases and the Future of Large-Scale Knowledge ManagementMarko Rodriguez
Modern day open source and commercial graph databases can store on the order of 1 billion relationships with some databases reaching the 10 billion mark. These developments are making the graph database practical for applications that require large-scale knowledge structures. Moreover, with the Web of Data standards set forth by the Linked Data community, it is possible to interlink graph databases across the web into a giant global knowledge structure. This talk will discuss graph databases, their underlying data model, their querying mechanisms, and the benefits of the graph data structure for modeling and analysis.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
24. RECOMMENDATION
People you may know.
Products you might like.
Movies you should watch and
the friends you should watch them with.
SOCIAL GRAPH
RATINGS GRAPH
SOCIAL+RATINGS
GRAPH
41. PATH FINDING
How is this person related to this film?
Which authors of this book also
wrote a New York Times bestseller?
Which movies are based on a book by a
New York Times bestseller?
MOVIE GRAPH
BOOK GRAPH
MOVIE+BOOK
GRAPH
42. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
43. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
gremlin> hercules.match('hercules',
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
44. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie'),
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
45. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie'),
g.of().as('movie').out('hasActor').as('actor'),
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
46. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie'),
g.of().as('movie').out('hasActor').as('actor'),
g.of().as('actor').out('role').as('hercules'),
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
47. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie'),
g.of().as('movie').out('hasActor').as('actor'),
g.of().as('actor').out('role').as('hercules'),
g.of().as('actor').out('actor').as('star'))
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
48. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie'),
g.of().as('movie').out('hasActor').as('actor'),
g.of().as('actor').out('role').as('hercules'),
g.of().as('actor').out('actor').as('star'))
.select(['movie','star'])
==>[movie:v[7], star:v[9]]
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
49. WHO PLAYED HERCULES
IN WHAT MOVIE?
hercules
0
arnold
schwarzenegger
role
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
gremlin> hercules.match('hercules',
g.of().as('hercules').out('depictedIn').as('movie')
g.of().as('movie').out('hasActor').as('actor')
g.of().as('actor').out('role').as('hercules')
g.of().as('actor').out('actor').as('star'))
.select(['movie','star']){it.name}
==>[movie:hercules in new york, star:arnold schwarzenegger]
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
50. hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
51. hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
52. hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
depictedIn
53. hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
54. albuquerque
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
14
livesIn
55. albuquerque
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
14
livesIn
15
25-North
santa fe
56. albuquerque
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
marko
rodriguez
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
14
livesIn
15
25-North
santa fe
16
livesIn
57. albuquerque
hercules
0
arnold
schwarzenegger
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
marko
rodriguez
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
14
livesIn
15
25-North
santa fe
16
livesIn
thinksHeIs
58. albuquerque
hercules
0
arnold
schwarzenegger
BOOK GRAPH
hasActor
jupiter
10 7
8
depictedIn
hercules in
new york
actor
role
9
hasActor
6
role
marko
rodriguez
ernest
graves
actor
11
depictedIn
12 the arms of
hercules
fred
saberhagen
13
depictedIn
writtenBy
14
livesIn
15
25-North
santa fe
16
livesIn
thinksHeIs
MOVIE GRAPH
TRANSPORTATION GRAPH
PROFILE
GRAPH
59. SOCIAL INFLUENCE
Who are the most influential people in
java, mathematics, art, surreal art, politics, ...?
Which region of the social graph will propagate this
advertisement this furthest?
Which 3 experts should review this submitted article?
Which people should I talk to at the upcoming
conference and what topics should
I talk to them about?
SOCIAL + COMMUNICATION + EXPERTISE + EVENT GRAPH
60. PATTERN IDENTIFICATION
This connectivity pattern is a sign of financial fraud.
When this motif is found, a red flag will be raised.
TRANSACTION GRAPH
Healthy discourse is typified by a discussion board
with a branch factor in this range and a concept
clique score in this range.
DISCUSSION GRAPH
61. KNOWLEDGE DISCOVERY
The terms "ice", "fans", "stanley cup,"
are classified as "sports"
Given that all identified birds fly,
it can be deduced that all birds fly.
If contrary evidence is provided,
then this "fact" can be retracted.
WIKIPEDIA GRAPH
EVIDENTIAL LOGIC GRAPH
67. WhY CREATE TITAN?
A number of Aurelius' clients...
...need to represent and process
graphs at the 100+ billion edge
scale w/ thousands of concurrent
transactions.
...need both local graph traversals
(OLTP) and batch graph
processing (OLAP).
...desire a free, open source
distributed graph database.
68. TITAN's KEY FEATURES
Titan provides...
..."infinite size" graphs and
"unlimited" users by means of a
distributed storage engine.
...real-time local traversals (OLTP)
and support for global batch
processing via Hadoop (OLAP).
...distribution via the liberal, free,
open source Apache2 license.
70. TITAN DISTRIBUTED
VIA CASSANDRA
titan$ bin/gremlin.sh
,,,/
(o o)
-----oOOo-(_)-oOOo-----
gremlin> conf = new BaseConfiguration();
==>org.apache.commons.configuration.BaseConfiguration@763861e6
gremlin> conf.setProperty("storage.backend","cassandra");
gremlin> conf.setProperty("storage.hostname","77.77.77.77");
gremlin> g = TitanFactory.open(conf);
==>titangraph[cassandra:77.77.77.77]
gremlin>
71. INHERITED FEATURES
Continuously available with no single point of failure.
No write bottlenecks to the graph as there is no master/slave architecture.
Built-in replication ensures data is available during machine failure.
Caching layer ensures that continuously accessed data is available in memory.
Elastic scalability allows for the introduction and removal of machines.
Cassandra available at http://cassandra.apache.org/
72. TITAN DISTRIBUTED
titan$ bin/gremlin.sh
,,,/
(o o)
VIA HBASE
-----oOOo-(_)-oOOo-----
gremlin> conf = new BaseConfiguration();
==>org.apache.commons.configuration.BaseConfiguration@763861e6
gremlin> conf.setProperty("storage.backend","hbase");
gremlin> conf.setProperty("storage.hostname","77.77.77.77");
gremlin> g = TitanFactory.open(conf);
==>titangraph[hbase:77.77.77.77]
gremlin>
73. INHERITED FEATURES
Strictly consistent reads and writes.
Linear scalability with the addition of machines.
Base classes for backing Hadoop MapReduce jobs with HBase tables.
HDFS-based data replication.
Generally good integration with the tools in the Hadoop ecosystem.
HBase available at http://hbase.apache.org/
76. Titan is all about numerous concurrent users...
high availability....
77. Titan is all about numerous concurrent users...
high availability....
dynamic scalability...
78. VERTEX-CENTRIC INDICES
THE SUPER NODE PROBLEM
Natural, real-world graphs contain
vertices of high degree.
Even if rare, their degree ensures that
they exist on many paths.
Traversing a high degree vertex
means touching numerous incident
edges and potentially touching most
of the graph in only a few steps.
79. VERTEX-CENTRIC INDICES
A SUPER NODE SOLUTION
A "super node" only exists from the
vantage point of classic "textbook
style" graphs.
In the world of property graphs,
intelligent disk-level filtering can
interpret a "super node" as a more
manageable low-degree vertex.
Vertex-centric querying utilizes sort
orders for speedy lookup of incident
edges with particular qualities.
88. THE TITAN OLAP STORY
0
1
2
3
A
B
A
C
a:b
c:d
e:f
g:h
i:j
4
5
6
7
vertex
id props
incoming edges outgoing edges
edge
id props label id
edge
id props label id
edge
id label id
edge
id label id
1 e:f 4 c:d A 2 5 B 0 6 g:h A 3 7 C 3
92. HADOOP
Hadoop is a distributed computing platform composed of two key components:
HDFS:
A distributed file system that stores arbitrarily large files within a cluster.
MapReduce:
A parallel functional computing model for key/value pair data.
http://hadoop.apache.org
93. FAUNUS AND HADOOP
0
1
2
3
4
5
6
7
8
9
10
11
Process
Structure
127.0.0.2 127.0.0.3 127.0.0.4
Faunus provides graph input/output formats (structure)
and a traversal language for graphs (process).
94. THE TITAN OLAP STORY
Serial Key/Value Data Structure Indexed Key/Indexed Value Data Structure
0
1
3
4
5
6
7
8
9
10
11
0
1
3
4
5
6
7
8
9
10
11
95. Adam Jacobs. 2009. The Pathologies of Big Data. Communications of the ACM 52, 8 (August 2009), 36-44.
doi:10.1145/1536616.1536632 http://doi.acm.org/10.1145/1536616.1536632
97. INTER-CLUSTER CONFIGURATION
Graph data is offloaded to another cluster.
Repeated analysis does not interfere with production graph database.
98. THE TITAN OLAP STORY
Titan currently provides a Hadoop OLAP engine
Titan-Hadoop (nicknamed Faunus)
Titan 1.0 will also provide an in-memory, off head, single-machine OLAP engine.
Titan-Memory (nicknamed Fulgora)
100. TINKERPOP3 FEATURES
A standard, vendor-agnostic graph query language.
Both OLTP and OLAP engines for evaluating queries.
A way for developers to create custom, domain specific variants.
A server system for pushing queries to the server for evaluation.
A vertex-centric computing framework for distributed graph algorithms.
109. g.V.has('name','titan').out.name
2
name=titan
…filter all vertices that don't have the name 'titan'…
The general functions are map(), flatMap(), filter(), sideEffect(), and branch().
112. THE GENERIC STEPS
?
S filter S S map E S
flatMap
sideEffect branch
A
E
E E
E
E
E
S S S
S
...
S
?
?
has()
retain()
except()
interval()
simplePath()
dedup()
timeLimit()
...
back()
fold()
valueMap()
match()
orderBy()
shuffle()
...
out()
outE()
inV()
both()
values()
unfold()
...
aggregate()
store()
groupCount()
groupBy()
tree()
count()
subgraph()
...
jump()
until()
choose()
union()
...
114. TINKERPOP'S OLAP STORY
Execute parallel, distributed Gremlin traversals.
Execute vertex-centric message passing algorithms.
traversers are the messages!
115. OLAP
1
1
1
1
2
2
2
3
1
2
3
OLTP
✓ Real-time queries.
✓ Touching a subset of the graph.
✓ Numerous concurrent queries.
✓ Good for local graph mutations.
✓ Long running queries.
✓ Touching the entire of the graph.
✓ Single user.
✓ Good for bulk loading/mutations.
116. g.compute()
GraphComputer
Vertex
Program
program
mapReduce
distributed
to all workers
MapReduce
MapReduce
MapReduce
worker 1
worker 2
worker 3
1. Logically distribute the vertex program to all the vertices in the graph.
2. The vertices execute the vertex program sending and receiving messages on each iteration.
3. Any number of MapReduce jobs can follow to aggregate the computed data in the graph.
117. gremlin> result = g.compute().program(PageRankVertexProgram).submit()
==>result[tinkergraph[vertices:6 edges:6],memory[size:0]]
gremlin> result.memory.iteration
==>30
gremlin> result.graph
==>tinkergraph[vertices:6 edges:6]
gremlin> result.graph.V.map{ [it.id,it.pageRank]}
==>[1, 0.15000000000000002]
==>[2, 0.19250000000000003]
==>[3, 0.4018125]
==>[4, 0.19250000000000003]
==>[5, 0.23181250000000003]
==>[6, 0.15000000000000002]
* Minor tweaks to example to make it fit nicely on a single line.
122. GREMLIN SERVER
gremlin> g = TitanFactory.open(conf)
==>titangraph[66.77.88.99]
gremlin> g.V.has('name','titan')
==>v[2]
localhost
123. GREMLIN SERVER
gremlin> g = TitanFactory.open(conf)
==>titangraph[66.77.88.99]
gremlin> g.V.has('name','titan')
==>v[2]
gremlin> g.V.has('name','titan').out
localhost
1. get the titan vertex
2. get titan's adjacents
124. GREMLIN SERVER
gremlin> g = TitanFactory.open(conf)
==>titangraph[66.77.88.99]
gremlin> g.V.has('name','titan')
==>v[2]
gremlin> g.V.has('name','titan').out
localhost
1. get the titan vertex
2. get titan's adjacents
CHATTY
Each step in the traversal is a round trip
129. GREMLIN SERVER
gremlin> :remote connect tinkerpop.server titan.yaml
==>connected - 66.77.88.99:8182,11.22.33.44:8182,...
gremlin> :> g.V.has('name','titan')
==>v[2]
gremlin> :> g.V.has('name','titan').out
localhost
g.V.has('name','titan').out
LESS CHATTY
1. Gremlin Server client knows the hash function
to query the machine with the Titan vertex
2. Push the traversal to the server and
get a WebSockets iterator back
130. GREMLIN SERVER
Allows non-JVM languages to interact with a remote graph.
Supports stored procedures -- MyAlgorithms.class
Supports WebSockets, REST, and various serialization mechanisms.
131. CREDITS
PRESENTED BY
MARKO A. RODRIGUEZ
MANY THANKS TO
MATTHIAS BRöCHELER
STEPHEN MALLETTE
DAN LAROCQUE
DANIEL KUPPITZ
BOB BRIODY
BRYN COOKE
JOSH SHINAVIER
PAVEL YASKEVICH
AURELIUS COMMUNITY
TINKERPOP COMMUNITY
KETRINA YIM