This presentation will throw a spotlight onto the single most common,
and most serious, reason why Content Management projects fail. In a
nutshell, too many projects become so focused on the technology they
want to deploy that they forget about what matters most - the content
and the people who use it. Real-life case studies will be used to
illustrate this problem. The optimism of the audience will be rebuilt
by introducing a proven solution to this issue with this being a call
to move the focus of CM project towards Content Oriented Architectures.
The most common mistake found in content management projects is rather
surprising. The reason most CM projects falter is that the project
team, and frequently its stakeholders, become unduly enamored with
some piece of technology and assume, or hope, that one or two
applications will erase all of the challenges surrounding the
creation, management, reuse and delivery of content. When a particular
collection of applications fail to deliver on the expectations, the
usual response is to insert even more applications. With each new
application that is introduced, a number of connectors and patches are
also added so that one tool can work with the others that are already
in place. This continues until, with seeming inevitability, these
projects crumble under the weight of growing system complexity. These
projects fail, in short, because, in becoming fixated on technology,
they essentially forget about their content.
This presentation will use a number of project cases studies, some
older and some exceedingly current, to illustrate the downward path
that most CM projects follow. While this might sound ominous, this
journey will actually arrive at a hopeful conclusion. If CM projects
place content at the center of their solution designs, adopting in
effect a Content Oriented Architecture (COA), it becomes possible for
projects to use technology, even exploit it, in ways that emphasize
helping authors, publishers and content users. Under this model, the
quality and usefulness of the content assets becomes the overriding
focus and where automation is introduced it is to either further
improve the quality of the content or to reduce the cost and effort
needed to achieve the desired results. Examples of successful projects
will be used to prove that Content Oriented Architectures are not
really new and that they do deliver results that endure over time.
Accelerate Microsoft Lync Deployments with Session Border ControllersAcmePacket
Presentation given at an event in New York City about accelerating your Lync deployments with session border controllers from Acme Packet, the leader in session border controllers.
La produttivita nella gestione documentale secondo MicrosoftDOCFLOW
Intervento di Silvio Filippi, Product Manager SharePoint Microsoft Italia, durante l'evento organizzato da DocFlow e Microsoft dal titolo " GESTIONE DOCUMENTALE E CONSERVAZIONE SOSTITUTIVA: NORMATIVA E SOLUZIONI TECNOLOGICHE"
Accelerate Microsoft Lync Deployments with Session Border ControllersAcmePacket
Presentation given at an event in New York City about accelerating your Lync deployments with session border controllers from Acme Packet, the leader in session border controllers.
La produttivita nella gestione documentale secondo MicrosoftDOCFLOW
Intervento di Silvio Filippi, Product Manager SharePoint Microsoft Italia, durante l'evento organizzato da DocFlow e Microsoft dal titolo " GESTIONE DOCUMENTALE E CONSERVAZIONE SOSTITUTIVA: NORMATIVA E SOLUZIONI TECNOLOGICHE"
Solidarity between survivor and trade union activists: organising for democratic alliances by Mick McKeown - a presentation from the symposium on social movements and their contributions to sociological knowledge on mental health at the University of Wolverhampton. Held on 13 June 2014.
Food and Climate Change presentation by Jessica Paddock at the BSA Climate Change Study Group Conference on 17 January 2011 at the British Library Conference Centre, London, UK.
This presentation delves perhaps a little too deeply into the question "what is content?" It also addresses ideas about "content solutions" that the presenter has been developing for well over 10 years and that seem to find repeated value in guiding content management projects.
Modern Enterprise Software Systems entail many
challenges such as rapidly changing business scenario,
increase in complexity, and shorter time to market and
providing business agility without compromising on the
quality. Ensuring productivity, quality, consistency, cost
effective, reduced cycle time have become a mandate for the
teams dealing with modern enterprise software systems.
Fluent Interfaces is a powerful technique, which help in
taming the programming complexities, reducing boilerplate
code, increasing the quality and thereby improving the
productivity and cycle time. In this paper we will describe
some of our explorations in Fluent Interfaces and why we feel
the notion of Fluent Interfaces is a useful technique for
enterprise software system. We are currently focusing on two
things – a technique for determining fluency of an API and
secondly a methodology for designing a fluent interface. We
will also share some of the benefits and limitations that we
observed during our experimentation. We conclude this paper
with a note on the current work that we are doing and the
future directions.
Steve Abrams reviews Open Services for Lifecycle collaboration - objectives, technical and community approach, process, and progress. Originally presented at Rational Software Conference in June, 2009
Differentiating between web APIs, SOA, & integration…and why it mattersKim Clark
At a high level, both SOA and web APIs seem to solve the same problem – expose business function in real-time and in a reusable way. This tutorial looks at how these initiatives are different and how they align into an evolving integration architecture. It discusses how API Management differs from the integration architectures that came before it, such as SOA and EAI.
A talk I presented at vNext Orange County, 25th of February 2013 about the importance of delivering business value and how you as a developer can much easier meet the requirements of the end user by applying practices like DDD and utilizing things like CQRS and MVVM to help decouple your software and focus better.
A talk I presented at Southern California Team System, 26th of February 2013 about the importance of delivering business value and how you as a developer can much easier meet the requirements of the end user by applying practices like DDD and utilizing things like CQRS and MVVM to help decouple your software and focus better.
This presentation addresses how some of the challenges that have historically confronted implementers of markup technologies (SGML and XML) and how DITA, together with some of the usability innovations associated with Web 2.0, can be used to address them. Presented at Content Convergence and Integration in Vancouver (12 March 2008).
Speaker: Igor Pavleković;
Products included in Office 365 are due to be released to the market with new version number. In this session participants will be introduced into new features and highlights included in new versions of Exchange, Lync and Sharepoint bundled into Microsoft’s cloud environment named Office 365.
Cloud initiatives are beginning to dominate enterprise IT roadmaps. Successful adoption of Cloud and the subsequent governance challenges warrant a Cloud reference architecture that is applied consistently across the enterprise. This presentation will answer questions such as what exactly a Cloud is, why you need it, what changes it will bring to the enterprise, and what the key capabilities of a Cloud infrastructure are - using Oracle's Cloud Reference Architecture, which is part of the IT Strategies from Oracle (ITSO) Cloud Enterprise Technology Strategy (ETS).
Solidarity between survivor and trade union activists: organising for democratic alliances by Mick McKeown - a presentation from the symposium on social movements and their contributions to sociological knowledge on mental health at the University of Wolverhampton. Held on 13 June 2014.
Food and Climate Change presentation by Jessica Paddock at the BSA Climate Change Study Group Conference on 17 January 2011 at the British Library Conference Centre, London, UK.
This presentation delves perhaps a little too deeply into the question "what is content?" It also addresses ideas about "content solutions" that the presenter has been developing for well over 10 years and that seem to find repeated value in guiding content management projects.
Modern Enterprise Software Systems entail many
challenges such as rapidly changing business scenario,
increase in complexity, and shorter time to market and
providing business agility without compromising on the
quality. Ensuring productivity, quality, consistency, cost
effective, reduced cycle time have become a mandate for the
teams dealing with modern enterprise software systems.
Fluent Interfaces is a powerful technique, which help in
taming the programming complexities, reducing boilerplate
code, increasing the quality and thereby improving the
productivity and cycle time. In this paper we will describe
some of our explorations in Fluent Interfaces and why we feel
the notion of Fluent Interfaces is a useful technique for
enterprise software system. We are currently focusing on two
things – a technique for determining fluency of an API and
secondly a methodology for designing a fluent interface. We
will also share some of the benefits and limitations that we
observed during our experimentation. We conclude this paper
with a note on the current work that we are doing and the
future directions.
Steve Abrams reviews Open Services for Lifecycle collaboration - objectives, technical and community approach, process, and progress. Originally presented at Rational Software Conference in June, 2009
Differentiating between web APIs, SOA, & integration…and why it mattersKim Clark
At a high level, both SOA and web APIs seem to solve the same problem – expose business function in real-time and in a reusable way. This tutorial looks at how these initiatives are different and how they align into an evolving integration architecture. It discusses how API Management differs from the integration architectures that came before it, such as SOA and EAI.
A talk I presented at vNext Orange County, 25th of February 2013 about the importance of delivering business value and how you as a developer can much easier meet the requirements of the end user by applying practices like DDD and utilizing things like CQRS and MVVM to help decouple your software and focus better.
A talk I presented at Southern California Team System, 26th of February 2013 about the importance of delivering business value and how you as a developer can much easier meet the requirements of the end user by applying practices like DDD and utilizing things like CQRS and MVVM to help decouple your software and focus better.
This presentation addresses how some of the challenges that have historically confronted implementers of markup technologies (SGML and XML) and how DITA, together with some of the usability innovations associated with Web 2.0, can be used to address them. Presented at Content Convergence and Integration in Vancouver (12 March 2008).
Speaker: Igor Pavleković;
Products included in Office 365 are due to be released to the market with new version number. In this session participants will be introduced into new features and highlights included in new versions of Exchange, Lync and Sharepoint bundled into Microsoft’s cloud environment named Office 365.
Cloud initiatives are beginning to dominate enterprise IT roadmaps. Successful adoption of Cloud and the subsequent governance challenges warrant a Cloud reference architecture that is applied consistently across the enterprise. This presentation will answer questions such as what exactly a Cloud is, why you need it, what changes it will bring to the enterprise, and what the key capabilities of a Cloud infrastructure are - using Oracle's Cloud Reference Architecture, which is part of the IT Strategies from Oracle (ITSO) Cloud Enterprise Technology Strategy (ETS).
Docker Adoption comes with a set of problems for productions operations. Tools simply do not exist for the problems a Not Pets, Not Cattle but Ants application topology comes with.
StackEngine demos its Beta release in the context of each of these problems and how it proposes to address them.
A talk I presented at Grenland Web, 24th of January 2013 about the importance of delivering business value and how you as a developer can much easier meet the requirements of the end user by applying practices like DDD and utilizing things like CQRS and MVVM to help decouple your software and focus better.
Sergiy Dudkovskyy, Product manager, Fujitsu Technology Solutions (Armenia, Azerbaijan, Belarus, Georgia, Moldova, Ukraine) – Building up cloud infrastructure? It is easy!
Similar to The Truth about Content: Learning from the Past in order to Succeed in the Future (20)
Social media guru and technical communication expert Scott Abel, The Content Wrangler, explores how content technologies, content standards, social networks, location awareness, user-generated content, mobile communication, augmented reality, information visualization, and advanced communication techniques can help technical communicators better serve their customers, identify failure points, and spot opportunities for growth.
Move Over Text: Video Documentation Meets DITAScott Abel
Technical communicators have been recombining small chunks of text to create multiple deliverables for years. But, as consumer expectations shift away from text-only content and toward video training and documentation, shouldn\'t we be creating and delivering multiple video deliverables? And, if video documentation is the wave of the future, can we use our existing content standards to make it happen? The answer is "Yes!" Attend this presentation to learn how one organization is creating and repurposing small video segments to create multiple video documentation sets using the Darwin Information Typing Architecture (DITA).
Twitter Who Cares What You\'re Doing Right Now, AnywayScott Abel
Twitter. It\'s everywhere. Newscasters mention it. Political analysts point to its influence. Marketers use it to get messages out. Journalists and bloggers use it for research. Regular folks use it to keep up with their friends, family, and co-workers. And, people of all types use it for entertainment, research, and education. But, Twitter is more than all of these things combined. It\'s a revolution in content publishing and its changing forever -- or at least for now -- how we communicate what\'s important to us to those who want to know.
Intelligent content. It sounds so futuristic, and yet, it\'s not. This session will showcase examples of intelligent content found both on the world wide web and in private and government organizations today. Discover several innovative and useful examples that leverage the power of content to provide improved service, lower transaction costs, and reduce effort.
Presented in Palm Springs, CA at Intelligent Content 2009: http://www.intelligentcontent2009.com
The Changing Face of TechComm and the Society for Technical CommunicationScott Abel
The technical communication landscape is changing rapidly. New tools,
techniques, expectations and opportunities are making it necessary to
expand the definition of what a technical communicator does and the
Society for Technical Communication is at the forefront of
communicating these changes to government and industry. Susan Burton,
Executive Director of the Society of Technical Communication (STC)
will discuss efforts to broaden the definition used by the U.S.
government Bureau of Labor Statistics to describe technical
communicators and the work they do. She
Content Oriented Architectures: Putting Content at the Center of CM ProjectsScott Abel
Presented by Joe Gollner at Documentation and Training East, October
The most common mistake found in content management projects is rather
surprising. The reason most CM projects falter is that the project
team, and frequently its stakeholders, become unduly enamored with
some piece of technology and assume, or hope, that one or two
applications will erase all of the challenges surrounding the
creation, management, reuse and delivery of content. When a particular
collection of applications fail to deliver on the expectations, the
usual response is to insert even more applications. With each new
application that is introduced, a number of connectors and patches are
also added so that one tool can work with the others that are already
in place. This continues until, with seeming inevitability, these
projects crumble under the weight of growing system complexity. These
projects fail, in short, because, in becoming fixated on technology,
they essentially forget about their content.
This presentation will use a number of project cases studies, some
older and some exceedingly current, to illustrate the downward path
that most CM projects follow. While this might sound ominous, this
journey will actually arrive at a hopeful conclusion. If CM projects
place content at the center of their solution designs, adopting in
effect a Content Oriented Architecture (COA), it becomes possible for
projects to use technology, even exploit it, in ways that emphasize
helping authors, publishers and content users. Under this model, the
quality and usefulness of the content assets becomes the overriding
focus and where automation is introduced it is to either further
improve the quality of the content or to reduce the cost and effort
needed to achieve the desired results. Examples of successful projects
will be used to prove that Content Oriented Architectures are not
really new and that they do deliver results that endure over time.
Modular Content Projects: One Size DOES NOT Fit AllScott Abel
Presented by Steve Manning at Documentation and Training East, October
29-November 1 in Burlington, MA.
Modular Content Projects: One Size DOES NOT Fit All
Making the move to modular content involves more than repeatedly
chanting
Navigating the Vendor Maze: Understanding XML Authoring Tools and Content Man...Scott Abel
Presented by Steve Manning at Documentation and Training East, October
29-November 1, 2008 in Burlington, MA.
It can be tough to work through the volumes of software vendor
marketing and know exactly what products offer. What are the product
strengths? What are the weaknesses? They say the tools
Presented by Andrew Bredenkamp at Documentation and Training East,
October 29-November 1, 2008.
Do you have Standards for Information Quality? Do you monitor,
measure, and track conformance to your Information Quality Standards?
Are your Information Quality metrics collected consistently and
objectively? Are your Information Quality metrics collected
automatically on every information product that you deliver? Are your
Information Quality metrics presented in a meaningful, actionable
manner? Can you conclusively demonstrate Information Quality
improvements? Can you tie cost and time-to-market reductions directly
to Information Quality improvements?
If you answered yes to all of these questions, you are applying well-
known Quality Management principles to your Information development,
localization, and production processes. And you know that in addition
to quality improvements, you have generated substantial cost and time
savings. You also know that your company is among the elite minority
that knows their own IQ, and continually improves it.
The rest of you likely answered no to most of the questions, either
because you thought it was too hard, or too expensive, or too time
consuming. Or not possible at all
[Case Study] - Nuclear Power, DITA and FrameMaker: The How's and Why'sScott Abel
Presented by Thomas Aldous at Documentation and Training East 2008,
October 29-November 1 in Burlington, MA.
This session is for anyone that is interested in learning how to
manage a transition to Specialized DITA including Content Management
Systems, Editors and Publishing Server issues and resolutions. As a
added bonus, we will also convert an Word Document To Specialized DITA
and edit the content is FrameMaker 8. There will be a question and
answer period at the end of the session for both technical and project
management issues.
We Eat Our Own Dog Food: Three Companies in the World of Localization Technol...Scott Abel
Presented by Richard Sikes at Documentation and Training East 2008 in
Burlington, MA - October 29-November 1, 2008.
Translation and Localization are intrinsically pragmatic endeavours.
They also require a good deal of human effort that can be aided by
technology. Numerous companies have developed solutions to help
themselves, then realized that they were onto a good thing, so they
have productized their proprietary solutions for more generalized
usage. Well-known localization expert Richard Sikes will paint the
background and evolution of three such stories, featuring products for
visual software localization, translation workflow, and translation
business management, and showing how they are used today.
PASSOLO is a leading software technology for visual software
localization. Used worldwide to create software products in many
languages, PASSOLO is itself available in several languages. Pass
Engineering, a wholly owned subsidiary of SDL International, has
automated PASSOLO so as to use itself recursively to build alternate
language versions.
At Nero, the manufacturer of popular media creation software that is
available in many languages, the localization management team sought,
and failed to find, a workflow system to connect Nero
Sustainable XML for Publishing Applications: DITA Makes It PossibleScott Abel
Presented by Eliot Kimber at Documentation and Training East 2008,
October 29-November 1, 2008 in Burlington, MA.
XML applications for publishers have largely failed to realize the
full potential inherent in the technology. While larger publishers
could make the investment necessary to realize significant return on
the use of XML technology, smaller enterprises simply could not, for a
number of reasons, but fundamentally because the startup costs and
ongoing costs of ownership were simply too high. The DITA standard
fundamentally changes the equation, bringing several unique features
that, together, serve to lower both the startup cost and ongoing
costs, making the use of XML for publishers much more affordable than
it ever has before. At the same time, advances in supporting
technologies important to Publishers, such as improved support for XML
in Adobe Creative Suite and Microsoft Office, powerful new XML search
and retrieval systems such as MarkLogic, and a new generation of lower-
cost XML editors, as serve to make the use of XML for Publishing
applications more attractive than it ever has been before.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
The Truth about Content: Learning from the Past in order to Succeed in the Future
1. The Truth about Content
Learning from the Past in order to
Succeed in the Future
Joe Gollner
jgollner@stilo.com / www.stilo.com
Vice President Enterprise Solutions
Stilo International
2. Mommy, where do airplanes come from?
2
1 3 Most
common
answer
but
4 wrong!
3. The Real Content Lifecycle behind Airplanes
A Library of Engineering Standards is the starting point
Each step in the process
Reuses & references this source documentation
Introduces new content & initiates changes in preceding content
5. The Complex Content Interrelationships
Engineering Standards
Provide content controls, inputs & references for the design process
Become an integral part of all subsequent content
Derive their authority from their status as documents
6. Changing the Way We Think About Content
An Integrated View of Content
Controls Controls
Sources (Inputs)
Outputs
References (Mechanisms)
Sources Outputs
Content Object
Notable Considerations
References include revisions
Controls govern validation
Outputs cover the full spectrum References
8. The Nature of Content Services
Content Services
break down into:
Design Document Document Services
Guidelines Services Delivery of formatted
documents that
facilitate business
Process Data
transactions
Specifications Services Data Services
Provide highly precise
inputs to applications
Part Logic Logic Services
Standards Services
Provide highly precise
sequencing guidance
to people, processes &
applications
9. The Four Dimensions of Content
Long TEMPORAL REPRESENTATIONAL Complex
Content in the
world exists
over time, takes
on specific
Short Simple
formats, is
related to other
content, and is Few Informal
used to execute
business of
varying degrees
of formality
Many RELATIONAL TRANSACTIONAL Formal
10. Simple Documents: Email
Long TEMPORAL REPRESENTATIONAL Complex
Emails makes
up a huge
percentage of
created & stored
content as email
is how people Short Simple
communicate
information
quickly & in Few Informal
specific contexts. Email
A favourite target
during legal
e-Discovery…
Many RELATIONAL TRANSACTIONAL Formal
11. Formal Documents: EDI Messages
Long TEMPORAL REPRESENTATIONAL Complex
EDI messages
exhibit more
structure & EDI Message
significantly more
Short Simple
formality then
emails but they
are similar acts Few Informal
of context-specific
communication
Many RELATIONAL TRANSACTIONAL Formal
12. The Most Common: Business Documents
Long TEMPORAL REPRESENTATIONAL Complex
These are the
documents we Business
create everyday. Document
The memos,
presentations, Short Simple
spreadsheets,
reports, plans,
proposals… Few Informal
These have more
complexity &
value than is
usually thought.
Many RELATIONAL TRANSACTIONAL Formal
13. Complex Documents: Equipment Manuals
Long TEMPORAL REPRESENTATIONAL Complex
Aircraft Manual
Technical
documentation
exhibits notable
depth in all four
Short Simple
dimensions.
This explains Few Informal
why we are
talking about
DITA & content
technologies.
Many RELATIONAL TRANSACTIONAL Formal
14. Implications of this Dimensional Perspective
Long TEMPORAL REPRESENTATIONAL Complex
Aircraft Manual
Although there
are differences, Business
Document
the four
documents EDI Message
examples
Short Simple
illustrate that all
content shares
these four Few Informal
dimensions & in
Email
each example we
can assess how
well our tools
reflect this
fact
Many RELATIONAL TRANSACTIONAL Formal
15. Actor
Content (Owner)
Models Process
Collect Relate
(Enrich)
Actor Actor
Must reflect the (Author) (Designer)
three critical
Process Content Process
entities: (Acquire) Object (Deliver)
- Objects
- Processes Convert Refactor Resolve Compile
- Actors Validate Render
Should enable
a better Content
Identification
understanding Object
of all three Content
Object
entities in Content
Content
parallel Object
Title Shortdesc Metadata
A variation on Para List Table Special
Link
the Object Process
Media
Methodology Text
XRef Include
16. The Context of Content
Content is created by
& the responsibility of
people & it is subject to
a set of content processes
- Acquire
- Enrich
- Deliver
Content modeling
is most commonly
limited by the failure
to understand the
participating entities
fully:
- Objects
- Processes
- Actors
17. The Composition of Content
The physical &
logical composition
of content falls into
a familiar high-level
pattern
18. The True Nature of Content
Content is the persistent physical form of human communication.
It is highly complex because it covers everything from how we
represent experience (data), through how we communicate with
others (information), to how we record and evolve our
understanding of the world (knowledge).
21. Business Applications
The primary challenge
in designing, building &
maintaining business
applications is
sustaining the
connection to the
knowledge
resources
that should
govern their
operation
22. Knowledge Management
The primary challenge
that has faced KM is
that many strategies
have been unable
to effectively
engage
technology
to assist
in the
creation,
management,
& exploitation
of knowledge
23. Content Management
The primary challenge
confronting the
content management
market is the poor
business return
typically provided by
CMS deployments
that exhibit
high costs,
major impacts
& benefits that
often do not
address critical
business drivers