To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2015/08/using-a-third-party-key-management-system-with-wso2-api-manager/
This webinar will demonstrate the WSO2 API Manager plugged into a third party key management system (MITREid Connect) in compliance with OpenID connect 2.0 specification. During this demonstration we will discuss
Configuration changes that need to be done in WSO2 API Manager
Java interfaces that need to be extended when writing your own implementation
Feeding in custom attributes required to create and manage clients created at third-party authorization servers using Jaggery REST APIs
A sample implementation with the third party key management system
Extended Security with WSO2 API Management PlatformWSO2
To view recording of the webinar please use the below URL:
http://wso2.com/library/webinars/2015/04/extended-security-with-wso2-api-management-platform/
In this webinar we will take a look at how the WSO2 API Management platform addresses those needs. Uvindra Jayasinha, senior software engineer at WSO2 will discuss the following:
Best practices when requesting OAuth2.0 Access Tokens (including understanding the available grant types)
Adding SAML based Single Sign On (SSO) capabilities to API management and leveraging SAML2 Bearer Tokens to request OAuth2.0 Access Tokens
Federated identity: How to use a third-party identity provider with API Manager
How to enforce fine-grained entitlement policies at the API management layer
Allow external systems to take decisions based on API user's attributes
APIStrat Conference Workshop: WSO2 - Best Practices for API ManagementIsabelle Mauny
Workshop given at the APIStrat conference in Amsterdam on March 26th. Gathers in one place many of the lessons learned for API Management, both at a technical and not so technical level.
Extended Security with WSO2 API Management PlatformWSO2
To view recording of the webinar please use the below URL:
http://wso2.com/library/webinars/2015/04/extended-security-with-wso2-api-management-platform/
In this webinar we will take a look at how the WSO2 API Management platform addresses those needs. Uvindra Jayasinha, senior software engineer at WSO2 will discuss the following:
Best practices when requesting OAuth2.0 Access Tokens (including understanding the available grant types)
Adding SAML based Single Sign On (SSO) capabilities to API management and leveraging SAML2 Bearer Tokens to request OAuth2.0 Access Tokens
Federated identity: How to use a third-party identity provider with API Manager
How to enforce fine-grained entitlement policies at the API management layer
Allow external systems to take decisions based on API user's attributes
APIStrat Conference Workshop: WSO2 - Best Practices for API ManagementIsabelle Mauny
Workshop given at the APIStrat conference in Amsterdam on March 26th. Gathers in one place many of the lessons learned for API Management, both at a technical and not so technical level.
In this community call, we will discuss the highlights of WSO2 API Manager 4.0 including
- Why we moved from WSO2 API Manager 3.2.0 to 4.0.0.
- New architectural changes
- Overview of the new features with a demo
- Improvements to the existing features and deprecated features
Recording: https://youtu.be/_ks4zEeRFdk
Sign up to get notified of future calls: https://bit.ly/373f4ae
WSO2 API Manager Community Channels:
- Slack: https://apim-slack.wso2.com
- Twitter: https://twitter.com/wso2apimanager
Api management best practices with wso2 api managerChanaka Fernando
API Management best practices with WSO2 API Manager discusses the common best practices of API management and how those can be applied with WSO2 API Manager
How APIs Can Be Secured in Mobile EnvironmentsWSO2
To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2015/08/how-apis-can-be-secured-in-mobile-environments/
In this session, Shan, director of mobile architecture at WSO2 will discuss:
What makes mobile API authentication different from traditional API authentication
Best practices for implementing mobile API security
What WSO2 API Manager provides for mobile developers
The API Economy is exploding, and this presentation explains how to extend your brand, accelerate new channel adoption and operate with API best practices.
View on-demand: https://wso2.com/library/webinars/api-security-best-practices-and-guidelines/
Modern enterprises are increasingly adopting APIs, exceeding all predictions. With more businesses investing in microservices and the increased consumption of cloud APIs, you need to secure beyond just a handful of well-known APIs. You will need to secure a higher number of internal and external endpoints.
At the same time, security itself is a broad area and vendors implement a number of seemingly similar standards and patterns, making it very difficult for consumers to settle on the best option for securing APIs. The sheer number of options can be very confusing.
There is much to learn about API security, regardless of whether you are a novice or expert and it’s extremely important that you do because security is an integral part of any development project, including API ecosystems.
This webinar will deep-dive into the importance of API security, API security patterns, and how identity and access management (IAM) fit in the ecosystem.
DURING THE WEBINAR, WE WILL COVER:
Managed APIs
OAuth 2.0 and API security patterns
Introduction to WSO2 Identity Server
How we align with OWASP API security guidelines
Polling-based APIs or the RESTful APIs were the main building blocks of traditional integration stories. But with the need to respond to events in real-time, integration architecture has shifted from being polling-based to event-driven. With the emergence of reactive event-driven architecture, the asynchronous APIs were able to hold their distinct position in modern-day integrations.
Even though the event-driven APIs provide their own advantages such as high resiliency, high responsiveness, and more, management of asynchronous APIs continues to be a challenge to the organizations.
The AsyncAPI specification plays a major role in the event-driven world by providing a specification to describe and document the asynchronous APIs. These slides will explore the entire flow from creating an asynchronous API to exposing it as a managed API by adhering to the AsyncAPI specification.
Lessons from the Trenches: Building an API-Centric ArchitectureWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/05/lessons-from-the-trenches-building-an-api-centric-architecture/
APIs are the tip of the iceberg of enterprise integration. In this webinar, we will look at some of our customers’ enterprise deployments and share best practices/recommendations to take into account when you build an API-centric architecture, especially for security, monitoring, and performance.
To view the recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/03/wso2-product-release-webinar-wso2-app-factory-2.1.0/
In this webinar, Manjula Rathnayaka, associate technical lead, and Kasun De Silva, software engineer at WSO2, will present the following new features and improvements to App Factory 2.1:
Adding new application types by including an archive
Ability to add runtime externally
Puppet scripts for App Factory deployments
WSO2 BAM integration for user activity
Custom URL improvements
Migrate to the Latest WSO2 Micro Integrator to Unlock All-new FeaturesWSO2
Learn from product developers about the benefits of using or migrating to WSO2 Micro Integrator 1.2.0, and what features it brings in to cater to both centralized and microservices-based deployments.
Watch the on-demand webinar here - https://wso2.com/library/webinars/migrate-to-the-latest-wso2-micro-integrator/
In this community call, we will discuss the highlights of WSO2 API Manager 4.0 including
- Why we moved from WSO2 API Manager 3.2.0 to 4.0.0.
- New architectural changes
- Overview of the new features with a demo
- Improvements to the existing features and deprecated features
Recording: https://youtu.be/_ks4zEeRFdk
Sign up to get notified of future calls: https://bit.ly/373f4ae
WSO2 API Manager Community Channels:
- Slack: https://apim-slack.wso2.com
- Twitter: https://twitter.com/wso2apimanager
Api management best practices with wso2 api managerChanaka Fernando
API Management best practices with WSO2 API Manager discusses the common best practices of API management and how those can be applied with WSO2 API Manager
How APIs Can Be Secured in Mobile EnvironmentsWSO2
To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2015/08/how-apis-can-be-secured-in-mobile-environments/
In this session, Shan, director of mobile architecture at WSO2 will discuss:
What makes mobile API authentication different from traditional API authentication
Best practices for implementing mobile API security
What WSO2 API Manager provides for mobile developers
The API Economy is exploding, and this presentation explains how to extend your brand, accelerate new channel adoption and operate with API best practices.
View on-demand: https://wso2.com/library/webinars/api-security-best-practices-and-guidelines/
Modern enterprises are increasingly adopting APIs, exceeding all predictions. With more businesses investing in microservices and the increased consumption of cloud APIs, you need to secure beyond just a handful of well-known APIs. You will need to secure a higher number of internal and external endpoints.
At the same time, security itself is a broad area and vendors implement a number of seemingly similar standards and patterns, making it very difficult for consumers to settle on the best option for securing APIs. The sheer number of options can be very confusing.
There is much to learn about API security, regardless of whether you are a novice or expert and it’s extremely important that you do because security is an integral part of any development project, including API ecosystems.
This webinar will deep-dive into the importance of API security, API security patterns, and how identity and access management (IAM) fit in the ecosystem.
DURING THE WEBINAR, WE WILL COVER:
Managed APIs
OAuth 2.0 and API security patterns
Introduction to WSO2 Identity Server
How we align with OWASP API security guidelines
Polling-based APIs or the RESTful APIs were the main building blocks of traditional integration stories. But with the need to respond to events in real-time, integration architecture has shifted from being polling-based to event-driven. With the emergence of reactive event-driven architecture, the asynchronous APIs were able to hold their distinct position in modern-day integrations.
Even though the event-driven APIs provide their own advantages such as high resiliency, high responsiveness, and more, management of asynchronous APIs continues to be a challenge to the organizations.
The AsyncAPI specification plays a major role in the event-driven world by providing a specification to describe and document the asynchronous APIs. These slides will explore the entire flow from creating an asynchronous API to exposing it as a managed API by adhering to the AsyncAPI specification.
Lessons from the Trenches: Building an API-Centric ArchitectureWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/05/lessons-from-the-trenches-building-an-api-centric-architecture/
APIs are the tip of the iceberg of enterprise integration. In this webinar, we will look at some of our customers’ enterprise deployments and share best practices/recommendations to take into account when you build an API-centric architecture, especially for security, monitoring, and performance.
To view the recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/03/wso2-product-release-webinar-wso2-app-factory-2.1.0/
In this webinar, Manjula Rathnayaka, associate technical lead, and Kasun De Silva, software engineer at WSO2, will present the following new features and improvements to App Factory 2.1:
Adding new application types by including an archive
Ability to add runtime externally
Puppet scripts for App Factory deployments
WSO2 BAM integration for user activity
Custom URL improvements
Migrate to the Latest WSO2 Micro Integrator to Unlock All-new FeaturesWSO2
Learn from product developers about the benefits of using or migrating to WSO2 Micro Integrator 1.2.0, and what features it brings in to cater to both centralized and microservices-based deployments.
Watch the on-demand webinar here - https://wso2.com/library/webinars/migrate-to-the-latest-wso2-micro-integrator/
An insight into the E-Passport, aka Biometric Passport, the need for biometrics in travel documents, the ICAO regulations governing the information contained in the electronic chip, RFID technique, Privacy threats in the current design.
Bold Predictions for the 2016 API EconomyNeha Sampat
From APIDays Paris December 9, 2015 | Description: From citizen integrators to CEOs, the API economy will have an impact on every role in any business. Join Built.io CEO Neha Sampat, as she shares her forward-thinking perspectives on the “democratization of integration” and top predictions for 2016 in the API space.
The slides provide a quick overview of the API Economy trend. The slides provide summary information, a list of trends to watch and links to additional resources
WSO2 API Manager y ESB la plataforma perfecta para evolucionar los serviciosWSO2
To view recording of this webinar please use the below URL:
http://wso2.com/library/webinars/2015/04/wso2-api-manager-y-esb-la-plataforma-perfecta-para-evolucionar-los-servicios/
En nuestra presentación vamos realizar una breve introducción a estas herramientas y abordar temas relacionados con lo mencionado anteriormente, realizando ejemplos y comentando buenas prácticas. Algunos de los tópicos que mostraremos son:
Exponiendo Servicios Complejos del ESB en un API Rest
Veremos un ejemplo y hablaremos del patrón de fachada API
OAuth 2.0, su implementación en API Manager
Veremos su implementación y hablaremos de seguridad API
Los 5 secretos mejor guardados del API Manager y que deberías conocer
Relacionaremos 5 peculiaridades muy interesantes y poco conocidas
Velocidad y escalamiento / alta disponibilidad
Realizaremos alguna prueba en directo de velocidad y mostraremos diferentes patrones de clusterización
En el webinar aprenderemos como exponer servicios del ESB desde el API Manager, cual es seguridad que subyace en esta exposición, varias formas de sacar mejor partido de la herramienta y sus posibilidades de crecimiento.
Variations in glacier retreat in the American West, implications for water resources. Presented by Andrew Fountain at the "Perth II: Global Change and the World's Mountains" conference in Perth, Scotland in September 2010.
[apidays LIVE HONK KONG] - OAS to Managed API in SecondsWSO2
A robust and effective API-driven business requires a smoothly running CI/CD pipeline for business APIs. WSO2 API Manager delivers the tools you need to make this a reality and bring your APIs into production as quickly as feasible. In this workshop, These slides will go over how to set up a Git-based CI/CD pipeline for deploying your OAS as a Managed API in production with ease.
[APIdays Paris 2019] From Microservices to APIs: The API operator in KubernetesWSO2
Nuwan discusses how you can expose microservices as managed APIs in Kubernetes with the API Operator, so that you can create an end-to-end solution for your entire business functionality from microservices and APIs, to end-user applications.
You can watch the on-demand webinar "Cloud Native APIs: The API Operator for Kubernetes" here: https://wso2.com/library/webinars/2019/11/cloud-native-apis-the-api-operator-for-kubernetes/
OAuth2 Goa library for Apps Script tutorial including how to use the Google Developer console dashboard. Handles Google and other providers as well as Service accounts.
Tutorial 2: Mirror API
The Glass Class at HIT Lab NZ
Learn how to program and develop for Google Glass.
https://www.youtube.com/watch?v=nml8qE6SF9k&list=PLsIGb72j1WOlLFoJqkhyugDv-juTEAtas
http://arforglass.org
http://www.hitlabnz.org
oVirt UI Plugin Infrastructure and the oVirt-Foreman pluginOved Ourfali
In this presentation I show how one can use the new oVirt-Engine UI-Plugin infrastructure,
to add a new oVirt UI plugins, and show an example of a Foreman-UI-plugin, that allows querying Foreman information on oVirt entities.
[WSO2Con EU 2017] Building Smart, Connected Products with WSO2 IoT PlatformWSO2
WSO2 IoT Platform is one of the most adaptive Apache licensed open source IoT platforms available today. This slide deck discusses best of breed technologies WSO2 IoT Platform offers for device manufacturers to develop connected products as well as rich integration and smart analytics capabilities for system integrators to adopt devices into systems they build.
This work is part of the open source testbed setup for Cloud interoperability & portability. Cloud Security Workgroup will further review and generate complete working set as we move along. This is part I of the effort.
The New oVirt Extension API: Taking AAA (Authentication Authorization Account...Martin Peřina
Prior to oVirt 3.5, authentication and authorization was implemented as monolithic module, logic and schema was hard-coded, Kerberos was used for authentication to LDAP server. It was very hard to support and it didn't contain requested features like SSO or proper multi-domain setup.
In this session we will take a look at new extension API introduced in oVirt 3.5.
This API is designed to be stable (easy to extend without breaking backward compatibility), simple (it's invoke based) and yet flexible (it allows extension to extension communication and allows to write extensions in other languages than Java like Javascript or JPython).
We will also take a look at the AAA (authentication, authorization, accounting) extensions which uses this API. Those extensions included in oVirt 3.5 allow to use generic LDAP or database for authentication and authorization or allow SSO for UI and API part of oVirt.
AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"Andreas Falk
Microservice architectures bring many benefits to software applications. But at the same time, new challenges of distributed systems have also been introduced. One of these challenges is how to implement a flexible, secure and efficient authentication and authorization scheme in such architectures.
The common solution for this is to use stateless token-based authentication and authorization by adopting standard protocols like OAuth 2.0 and OpenID Connect (OIDC).
In this talk, you will get a concise introduction into OAuth 2.0 and OIDC.
We will look at OAuth 2.0 and OIDC grant flows and discuss the differences between OAuth 2.0 and OpenID Connect. Finally, you will be introduced to the current best practices currently evolved by the working group.
So If you finally want to understand the base concepts of OAuth 2.0 and OIDC in a short time then this is the talk you should go for.
APIs for API Management: Consume and Develop AppsWSO2
To view recording of this webinar please use below URL:
http://wso2.com/library/webinars/2016/03/apis-for-api-management-consume-and-develop-apps/
Organizations are now moving towards API-driven business models. They seek complete solutions that allow them to design and publish APIs, explore and consume those APIs and create and manage a developer community. They specifically look for a service that provides them with the capability to develop their own applications that fit their API management requirements.
WSO2 API Manager is a complete API management solution that allows you to do just this. It exposes a REST API which allows application developers to consume it and build their own portals. This webinar will discuss the following topics:
REST APIs available for API management
Dynamic client registration for consuming APIs
How to leverage OAuth scopes for role based authorization
How to obtain an access token and invoke APIs
Demonstration on how to develop apps by consuming store and publisher APIs
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
At its core, the challenge of managing Human Resources data is an integration challenge: estimates range from 2-3 HR systems in use at a typical SMB, up to a few dozen systems implemented amongst enterprise HR departments, and these systems seldom integrate seamlessly between themselves. Providing a multi-tenant, cloud-native solution to integrate these hundreds of HR-related systems, normalize their disparate data models and then render that consolidated information for stakeholder decision making has been a substantial undertaking, but one significantly eased by leveraging Ballerina. In this session, we’ll cover:
The overall software architecture for VHR’s Cloud Data Platform
Critical decision points leading to adoption of Ballerina for the CDP
Ballerina’s role in multiple evolutionary steps to the current architecture
Roadmap for the CDP architecture and plans for Ballerina
WSO2’s partnership in bringing continual success for the CD
The integration landscape is changing rapidly with the introduction of technologies like GraphQL, gRPC, stream processing, iPaaS, and platformless. However, not all existing applications and industries can keep up with these new technologies. Certain industries, like manufacturing, logistics, and finance, still rely on well-established EDI-based message formats. Some applications use XML or CSV with file-based communications, while others have strict on premises deployment requirements. This talk focuses on how Ballerina's built-in integration capabilities can bridge the gap between "old" and "new" technologies, modernizing enterprise applications without disrupting business operations.
Platformless Horizons for Digital AdaptabilityWSO2
In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.
Quantum computers are rapidly evolving and are promising significant advantages in domains like machine learning or optimization, to name but a few areas. In this keynote we sketch the underpinnings of quantum computing, show some of the inherent advantages, highlight some application areas, and show how quantum applications are built.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
3. ● WSO2 API Manager is a complete open-source solution for creating and
publishing APIs and managing all aspects of their lifecycle.
● Using WSO2 APIM, you can
-- Create and publish APIs
-- Advertise APIs in the storefront
-- Version APIs
-- Manage the lifecycle
-- Monitor and Analyze API Usage
-- Implement governance and security
-- Facilitate community engagement
-- Provide extension points
https://docs.wso2.com/display/AM190/Introducing+the+API+Manager
18. <APIKeyValidator>
<!--
Specifies the implementation to be used for KeyValidationHandler. Steps for validating a token
can be controlled by plugging in a custom KeyValidation Handler
--> <KeyValidationHandlerClassName>org.wso2.carbon.apimgt.keymgt.handlers.
DefaultKeyValidationHandler</KeyValidationHandlerClassName>
</APIKeyValidator>
19. ● Implement KeyManager interface when you are writing your own implementation.
<KeyManagerClientImpl>org.wso2.carbon.mit.OpenIDClientImpl</KeyManagerClientImpl>
-- createApplication() -Create a new OAuth application in the Authorization Server
-- updateApplication()-Update an OAuth application
-- retrieveApplication()- Retrieve an Oauth application
-- getNewApplicationAccessToken()-Store calls this method to get a new Application Access Token.
-- getTokenMetaData()-Get details about an access token
-- getKeyManagerConfiguration()- Get Key manager implementation from a json file
-- buildAccessTokenRequestFromJSON()
-- mapOAuthApplication()-Use when to create a OAuth application in semi-manual mode
-- buildAccessTokenRequestFromOAuthApp()
https://github.com/wso2/carbon-apimgt/blob/release-1.9.1/components/apimgt/org.wso2.carbon.
21. ● Implement KeyValidationHandler interface when you are writing your own implementation.
<KeyValidationHandlerClassName>org.wso2.carbon.apimgt.keymgt.handlers.
DefaultKeyValidationHandler</KeyValidationHandlerClassName>
-- validateToken()
-- validateSubscription()
-- validateScopes()
-- generateConsumeToken()- JWT token this will use to default implementation
https://github.com/wso2/carbon-apimgt/blob/release-1.9.1/components/apimgt/org.wso2.carbon.
apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/handlers/KeyValidationHandler.java
22. Create OAuth client at key manager
curl -k -X POST -b cookies https://localhost:9443/store/site/blocks/subscription/subscription-
add/ajax/subscription-add.jag -d
'action=generateApplicationKey&application=NewApp1&keytype=PRODUCTION&authorizedDo
mains=ALL&callbackUrl=&validityTime=3600&tokenScope=&jsonParams={"paramname":"
paramvalue"}'
Sample jsonParams for MITred-Connect implementation
{"allowDomains":"ALL","callback_url":["dfsds"],"client_name":"jh_sandbox","contact":[],"
grant_types":[],"response_types":[],"scope":["phone","openid","offline_access","address","
email","profile"],"token_endpoint_auth_method":null}
https://docs.wso2.com/display/AM190/Store+APIs
23. Update OAuth client
curl -k -X POST -b cookies https://localhost:9443/store/site/blocks/subscription/subscription-
add/ajax/subscription-add.jag -d
'action=updateClientApplication&application=NewApp1&keytype=PRODUCTION&authorizedDo
mains=ALL&callbackUrl=&validityTime=3600&tokenScope=&jsonParams={"paramname":"
paramvalue"}'
Sample jsonParams for MITred-Connect implementation
{"allowDomains":"ALL","callback_url":["dfsds"],"client_name":"jh_sandbox","contact":[],"
grant_types":[],"response_types":[],"scope":["phone","openid","offline_access","address","
email","profile"],"token_endpoint_auth_method":null}
24. Retrieve an OAuth application data
curl -b cookies 'http://localhost:
9763/store/site/blocks/subscription/subscription-list/ajax/subscription-list.
jag?action=getAllSubscriptions&selectedApp=NewApp1'
25. Delete an oAuth application
curl -k -X POST -b cookies http://localhost:
9763/store/site/blocks/subscription/subscription-add/ajax/subscription-add.
jag -d
'action=deleteAuthApplication&consumerKey=4lHddsxCtpFa2zJE1EbBp
Jy_NIQa'