Analytics in Search
Many companies including Lucidworks have embraced the Kibana open source code to add visualization and analytics to enhance search management. Ravi Krishnamurthy , VP of Professional Services at Lucidworks, will show Silk, Lucid's implementation of Kibana, which provides all the capabilities of the open source code but adds enterprise-critical capabilities like authentication and security to protect restricted content.
Journey in Country of Data Access Governance - Data works summit 2019 BarcelonaMagnus Runesson
The importance data access governance is continuously growing due to new regulations, such as GDPR, and industry policies. In this talk, we will share learnings at Svenska Spel from implementing and supporting this growing demand. Our journey started a year ago implementing Atlas and Ranger in our Hortonworks Data Platform solution. From start we wanted to implement a process and solution that had:
Minimal impact on ETL-developers and analysts
Privacy and security by design
Low maintenance burden using automatization
To be able to manage our policies and metadata we developed and open sourced cobra-policytool. Cobra-policytool integrates into our deployment pipeline and simplifies the way we express our policies. Thanks to the tool we can use Git as our truth of source for our policies and metadata information, along with the source code. It is close to seamless for our ETL-developers and with trust deploy the right policies.
Throughout the course of our journey, we learned the importance of having company policies and technology walk in tandem. Single source of truth, open platforms, and automatization are key to success. Data governance and metadata management are complex areas requiring high attention and are nothing you can duct tape in the end or solve buying a new power tool. With the right approach, it can be rewarding and make new requirements easy to implement and audit.
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul HuntNCCOMMS
The document discusses auditing logs in Microsoft 365 and Azure environments. It notes that out of the box, Office 365 only retains audit logs for 90 days, which may not be enough for security investigations. It outlines some options for extending log retention and access, including using the Management Activity API directly, integrating with Azure Log Analytics and Azure Sentinel, or using third-party solutions. All options come with different configuration efforts, costs, and retention periods that must be considered based on an organization's auditing needs. Extending retention beyond 90 days requires configuring additional solutions.
This document provides tips and strategies for optimizing Google Analytics setups and configurations. It discusses the importance of auditing existing analytics implementations, as most have issues that degrade data quality. Common problems found in audits include tag firing issues and incorrect tagging of key events. The document also advocates for performing "walkthroughs" to understand how user interactions on a site map to collected analytics data. Additional tips include setting up early warning systems to detect problems or anomalies, and utilizing tools that can help automate audits and tag debugging.
Dev Dives: Mastering AI-powered Document UnderstandingUiPathCommunity
Are you looking to take your Document Understanding projects to the next level? Watch a deep-dive into the world of mastering AI-powered Document Understanding. Explore the best practices and see how to identify essential success metrics.
📕 It’s a great opportunity to learn:
- How to implement AI & automation for document processing effectively
- How to evaluate business outcomes and measure success metrics with UiPath Insights
- Best practices and lessons learned from the customer deployments
- Latest product enhancements and roadmap.
This session is designed for automation developers seeking to enhance their skills and knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Our speakers:
👨💻 Daniel Lerner, AI/ML Solution Architect at UiPath
👨🏫 Lahiru Fernando, Country Director (Sri Lanka) / RPA Lead (Asia Pacific) at Boundaryless Group, UiPath MVP
🔽 Explore the collection of UiPath Document Understanding Accelerators: https://bit.ly/3RBg1xG
Register for our upcoming Dev Dives October session:
Explore UiPath Solutions, Management for seamless packaging, deployment and maintenance
👉 EMEA&APJ: http://bit.ly/Dev_Dives_10_EMEA
👉 AMER: http://bit.ly/Dev_Dives_10_AMER
This session was streamed live on September 28, 2023.
Check out all our upcoming Dev Dives 2023 sessions at
👉 http://bit.ly/Dev-Dives_2023
Empowering red and blue teams with osint c0c0n 2017reconvillage
This talk will discuss Open Source Intelligence (OSINT) gathering tools and techniques that are highly useful and effective for both Blue teams and Red teams.
12 Things to do Before Your Company Dies : Conversion Conference London - Oct...Craig Sullivan
A roundup of all the things to help you maintain a competitive edge in experience design and conversion optimisation. With examples of companies putting this stuff together, the tools they are using and their project management approaches, this presentation delves deeper into the cultural aspects of CRO.
This document summarizes a presentation on auditing in SharePoint and Office 365. It discusses:
1. Configuring auditing at the SharePoint site collection level, including limitations of a 90 day retention period.
2. The Office 365 unified audit log which covers multiple workloads but also has a 90 day retention period. Methods for extracting the unified audit log using the Management API are presented.
3. Storing and reporting on extracted audit data from the unified audit log using Azure SQL for long term retention beyond 90 days.
Analytics in Search
Many companies including Lucidworks have embraced the Kibana open source code to add visualization and analytics to enhance search management. Ravi Krishnamurthy , VP of Professional Services at Lucidworks, will show Silk, Lucid's implementation of Kibana, which provides all the capabilities of the open source code but adds enterprise-critical capabilities like authentication and security to protect restricted content.
Journey in Country of Data Access Governance - Data works summit 2019 BarcelonaMagnus Runesson
The importance data access governance is continuously growing due to new regulations, such as GDPR, and industry policies. In this talk, we will share learnings at Svenska Spel from implementing and supporting this growing demand. Our journey started a year ago implementing Atlas and Ranger in our Hortonworks Data Platform solution. From start we wanted to implement a process and solution that had:
Minimal impact on ETL-developers and analysts
Privacy and security by design
Low maintenance burden using automatization
To be able to manage our policies and metadata we developed and open sourced cobra-policytool. Cobra-policytool integrates into our deployment pipeline and simplifies the way we express our policies. Thanks to the tool we can use Git as our truth of source for our policies and metadata information, along with the source code. It is close to seamless for our ETL-developers and with trust deploy the right policies.
Throughout the course of our journey, we learned the importance of having company policies and technology walk in tandem. Single source of truth, open platforms, and automatization are key to success. Data governance and metadata management are complex areas requiring high attention and are nothing you can duct tape in the end or solve buying a new power tool. With the right approach, it can be rewarding and make new requirements easy to implement and audit.
O365Con19 - What Do You Mean 90 days Isn't Enough - Paul HuntNCCOMMS
The document discusses auditing logs in Microsoft 365 and Azure environments. It notes that out of the box, Office 365 only retains audit logs for 90 days, which may not be enough for security investigations. It outlines some options for extending log retention and access, including using the Management Activity API directly, integrating with Azure Log Analytics and Azure Sentinel, or using third-party solutions. All options come with different configuration efforts, costs, and retention periods that must be considered based on an organization's auditing needs. Extending retention beyond 90 days requires configuring additional solutions.
This document provides tips and strategies for optimizing Google Analytics setups and configurations. It discusses the importance of auditing existing analytics implementations, as most have issues that degrade data quality. Common problems found in audits include tag firing issues and incorrect tagging of key events. The document also advocates for performing "walkthroughs" to understand how user interactions on a site map to collected analytics data. Additional tips include setting up early warning systems to detect problems or anomalies, and utilizing tools that can help automate audits and tag debugging.
Dev Dives: Mastering AI-powered Document UnderstandingUiPathCommunity
Are you looking to take your Document Understanding projects to the next level? Watch a deep-dive into the world of mastering AI-powered Document Understanding. Explore the best practices and see how to identify essential success metrics.
📕 It’s a great opportunity to learn:
- How to implement AI & automation for document processing effectively
- How to evaluate business outcomes and measure success metrics with UiPath Insights
- Best practices and lessons learned from the customer deployments
- Latest product enhancements and roadmap.
This session is designed for automation developers seeking to enhance their skills and knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Our speakers:
👨💻 Daniel Lerner, AI/ML Solution Architect at UiPath
👨🏫 Lahiru Fernando, Country Director (Sri Lanka) / RPA Lead (Asia Pacific) at Boundaryless Group, UiPath MVP
🔽 Explore the collection of UiPath Document Understanding Accelerators: https://bit.ly/3RBg1xG
Register for our upcoming Dev Dives October session:
Explore UiPath Solutions, Management for seamless packaging, deployment and maintenance
👉 EMEA&APJ: http://bit.ly/Dev_Dives_10_EMEA
👉 AMER: http://bit.ly/Dev_Dives_10_AMER
This session was streamed live on September 28, 2023.
Check out all our upcoming Dev Dives 2023 sessions at
👉 http://bit.ly/Dev-Dives_2023
Empowering red and blue teams with osint c0c0n 2017reconvillage
This talk will discuss Open Source Intelligence (OSINT) gathering tools and techniques that are highly useful and effective for both Blue teams and Red teams.
12 Things to do Before Your Company Dies : Conversion Conference London - Oct...Craig Sullivan
A roundup of all the things to help you maintain a competitive edge in experience design and conversion optimisation. With examples of companies putting this stuff together, the tools they are using and their project management approaches, this presentation delves deeper into the cultural aspects of CRO.
This document summarizes a presentation on auditing in SharePoint and Office 365. It discusses:
1. Configuring auditing at the SharePoint site collection level, including limitations of a 90 day retention period.
2. The Office 365 unified audit log which covers multiple workloads but also has a 90 day retention period. Methods for extracting the unified audit log using the Management API are presented.
3. Storing and reporting on extracted audit data from the unified audit log using Azure SQL for long term retention beyond 90 days.
The “Other” 5 Things You Need to Care About in Active DirectoryScriptLogic
The chances are that you spend your days working with just one aspect of Active Directory. There are another five areas that need your attention so that you can ensure that your Active Directory is working perfectly. Join us to learn about the other 5 areas of Active Directory management that you really should care about.
In this webinar, we will cover 6 areas of Active Directory management:
1. Auditing
2. Security
3. GPO's
4. Accounts
5. Recovery
6. Health
Join Concentrated Technology’s Greg Shields and ScriptLogic’s Nick Cavalancia as they compare free tips and tools for managing Active Directory to ScriptLogic’s Active Administrator solution.
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...HostedbyConfluent
Building a Data Driven Culture and AI Revolution With Gregory Little | Current 2022
Transforming business or mission through AI/ML doesn't start with technology but with culture…and an audit. At least as much is true for the US Department of Defense (DoD), which presents significant modernization challenges because of its mission scope, expansive global footprint, and massive size - with over 2.8 million people, it is the largest employer in the world. Greg Little discusses how establishing the DoD’s annual audit became a surprising accelerator for the department’s data and analytics journey. It revealed the foundational needs for data management to run a $3 trillion in assets enterprise, and its successful implementation required breaking through deeply entrenched cultural and organizational resistance across DoD.
In this session, Greg will discuss what it will take to guide the evolution of technology and culture in parallel: leadership, technology that enables rapid scale and a complete & reliable data flow, and a data driven culture.
The Business Benefits of a Data-Driven, Self-Service BI OrganizationLooker
The document discusses the benefits of self-service business intelligence (BI) and data-driven organizations. It notes that self-service BI allows users to access and analyze data with less dependence on IT, which streamlines processes, makes business and IT more productive, opens analytics to more users, and helps organizations become more data-driven. The document also uses Twilio as a case study, explaining that Twilio provides a communications API and has evolved its data use from engineers writing custom queries to using a modeling layer to reuse logic on underlying data.
Cross Device Optimisation - Google Analytics ShortcutsCraig Sullivan
In this session, we explain how to mine GA for broken device experiences, flows, funnel blocks and more... Using a new grid tool we've developed, you can pull multi-dimensional segmented funnel and metric data from Google Analytics - we explain how it works, why you need it and what problems it solves. Find where your site is leaking money through data
Automation of document management paul fenton webinarMontrium
In the life sciences, most of the documents we create end up as records. Now, as we move towards a paperless era in today’s GxP environment and leverage digital content management technology, we are also starting to change the way that we author, collaborate, manage, exchange, and archive our documents.
The very nature of document management is transforming as more and more data becomes part of the document management landscape. In this webinar, we explore how technology is transforming our GxP records management environments and what the future may hold for automating processes
Society Consulting CEO Chad Richeson provides a synopsis of why analytics matters to customer experience, and how to make a greater impact on your business with a disciplined analytics process.
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
This document discusses the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides an overview of key GDPR concepts, compliance requirements, and potential penalties for non-compliance. The document also demonstrates Microsoft and Metalogix software solutions that can help organizations discover personal data, manage its use, protect it, and report on GDPR compliance activities to meet new regulations. Attendees were encouraged to ask questions about GDPR compliance.
Splunk provides an operational intelligence platform that allows organizations to:
1. Ingest data from various sources in real-time for searching, visualizing, and analyzing.
2. Establish a culture of continuous improvement through continuous delivery, continuous insights, and fast feedback to move at market speed.
3. Build a strong IT foundation with hybrid cloud, continuous delivery of applications, and continuous insights from proactive monitoring to enable business agility.
Craig Sullivan - Keynote speaker summary & final thoughts - Conversion Hotel ...Webanalisten .nl
Slides of the keynote by Craig Sullivan (UK) at Conversion Hotel 2015, Texel, the Netherlands (#CH2015): "You already listened to 10 keynotes – number 11 will refresh your memory, make you laugh and will leave you with some final thoughts for the trip home." http://conversionhotel.com
The document discusses UiPath's Document Understanding capabilities. It provides an overview of document understanding, the different types of documents that can be processed, and the approaches to document processing including rule-based and model-based. It describes the key components of UiPath's Document Understanding framework including loading taxonomy, document classification, data extraction, validation, and GenAI capabilities. It also includes a case study example of using document understanding to process 7000 invoices per month.
Introduction to Competitive Intelligence PortalsComintelli
The number of companies that are successfully deploying various kinds of Competitive Intelligence (CI) portal solutions are constantly growing. The phrases CI portals, Intelligence systems, CI tools, MI portals are heard everywhere, but what do they really mean? And why should you really care?
Data analytics and analysis trends in 2015 - WebinarAli Zeeshan
This document provides an overview of data analytics trends for 2015-2016 presented by James Graham, a principal consultant. It discusses the differences between big data and small data, as well as tools used for analyzing each. For big data, descriptive, predictive, and prescriptive analytics tools are covered. Five trends for 2015-2016 involving smart systems, deeper customer insights, data democratization, sensor-driven data growth, and HR analytics are also summarized. For small data, Pareto analysis, sensitivity analysis, and linear programming tools are briefly described. The presentation concludes with time for questions.
How to setup Big Data Company in India or data analytics Companystartupscratch
This document provides guidance on starting a big data startup. It outlines the large and growing global market for big data technologies. Some key points include:
- The worldwide big data market is projected to grow from $42B in 2018 to $103B in 2027, a compound annual growth rate of 10.48%.
- Indian big data market offers many opportunities for startups.
- Legal registrations like GST, MSME, ISO licenses are required to formally establish a big data company in India.
- Popular areas to focus on include healthcare analytics, financial technology, AI, and more.
- Example big data startups that have found success include Looker and DataRobot.
1.0 how to empower audit through data analytics for icai kolkataeirc_icai
Hidden truth in data and the power of data analytics •
How does Data Analytics Impact Audit process?
• How to use Data Analytics for various types of Audit?
• Practical examples of data analytics in audit – walk-through • How to build competencies and skill set for using data analytics?
• Case studies of using Data Analytics for providing better assurance
Office 365 Best Practices That You Are Not Thinking AboutQuest
This document discusses best practices for managing security and compliance in Office 365. It covers what security and compliance means for Office 365, considerations for different data types like locations and archives, and 5 best practices. The best practices include working with legal to understand applicable regulations, implementing modern security technologies like MFA and AIP, educating users, categorizing data, and being mindful of PST files during migration. The document also lists tools from Microsoft and third parties that can help with security, compliance, eDiscovery and migration.
This document discusses key considerations for managing AI products. It begins with an overview of intelligent systems and the OODA loop model of decision making. It then covers the different areas of AI including machine learning, deep learning, and supervised vs unsupervised learning. The rest of the document provides guidance on strategic areas for AI product management such as corporate and data strategy, analyzing use cases, building minimal viable products, and influencing other teams to deliver AI capabilities. It emphasizes the importance of data acquisition, network effects, and focusing on practical applications that create business value.
This document discusses analyzing customer usage data trends using Gainsight. It provides an overview of the types of analyses that can be done with Gainsight data, including cause and effect, correlation, and metrics analyses. Examples of questions that can be answered include determining which features successful customers adopt and how implementation methods impact usage. The document reviews steps for building an effective analysis, including starting with an actionable question, determining required data, and choosing a reporting format. Report Builder and dashboards are demonstrated as tools for visualizing analyses in Gainsight.
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
Validating potential incidents or indicators of compromise (IOCs) in today’s fast paced environment can be somewhat overwhelming and difficult. Sometimes a team does not believe they have all of the tools and resources to quickly and accurately identify, verify, and rectify a potential indicator in their environment in time. Sometimes these investigations are performed yet may leave out valuable key pieces of data that would benefit the prevention or hardening against future similar attacks. Everyone wants the expensive and shiny tool that vendors offer, but sometimes budgets do not always allow teams access to the latest and greatest, and honestly, not all tools are equal. Relying on one piece of data for IOC validation is a bad idea, even if that resource is the best in the industry. The approach is to use not only the tools you have, but to augment them with existing open source tools that will enrich your investigation, provide accuracy, and supplement your ability to quickly and accurately respond to valid threats in order to increase your security team’s effectiveness. The purpose of this presentation will be to walk users through the value of Open Source Intel and how to use the tools available effectively to help research and identify potential issues during an incident response engagement.
Exploring conditional access to content stored in Office 365 - SPS HelsinkiPaul Hunt
The slides from my session on Conditional Access, presented at SPS Helsinki. This deck includes slides around entitlement packages and terms of use that old decks don't have.
Exploring conditional access to content stored in office 365 spscePaul Hunt
This document summarizes a presentation about exploring conditional access to content in Office 365. It discusses authentication versus authorization, and what conditional access means. It outlines the different access layers in Microsoft 365 including encryption, role-based access control, conditional access, and Azure AD privileged identity management. It compares the capabilities of privileged identity management and privileged access management. Finally, it provides information on configuring privileged access management in Office 365.
The “Other” 5 Things You Need to Care About in Active DirectoryScriptLogic
The chances are that you spend your days working with just one aspect of Active Directory. There are another five areas that need your attention so that you can ensure that your Active Directory is working perfectly. Join us to learn about the other 5 areas of Active Directory management that you really should care about.
In this webinar, we will cover 6 areas of Active Directory management:
1. Auditing
2. Security
3. GPO's
4. Accounts
5. Recovery
6. Health
Join Concentrated Technology’s Greg Shields and ScriptLogic’s Nick Cavalancia as they compare free tips and tools for managing Active Directory to ScriptLogic’s Active Administrator solution.
Building a Data Driven Culture and AI Revolution With Gregory Little | Curren...HostedbyConfluent
Building a Data Driven Culture and AI Revolution With Gregory Little | Current 2022
Transforming business or mission through AI/ML doesn't start with technology but with culture…and an audit. At least as much is true for the US Department of Defense (DoD), which presents significant modernization challenges because of its mission scope, expansive global footprint, and massive size - with over 2.8 million people, it is the largest employer in the world. Greg Little discusses how establishing the DoD’s annual audit became a surprising accelerator for the department’s data and analytics journey. It revealed the foundational needs for data management to run a $3 trillion in assets enterprise, and its successful implementation required breaking through deeply entrenched cultural and organizational resistance across DoD.
In this session, Greg will discuss what it will take to guide the evolution of technology and culture in parallel: leadership, technology that enables rapid scale and a complete & reliable data flow, and a data driven culture.
The Business Benefits of a Data-Driven, Self-Service BI OrganizationLooker
The document discusses the benefits of self-service business intelligence (BI) and data-driven organizations. It notes that self-service BI allows users to access and analyze data with less dependence on IT, which streamlines processes, makes business and IT more productive, opens analytics to more users, and helps organizations become more data-driven. The document also uses Twilio as a case study, explaining that Twilio provides a communications API and has evolved its data use from engineers writing custom queries to using a modeling layer to reuse logic on underlying data.
Cross Device Optimisation - Google Analytics ShortcutsCraig Sullivan
In this session, we explain how to mine GA for broken device experiences, flows, funnel blocks and more... Using a new grid tool we've developed, you can pull multi-dimensional segmented funnel and metric data from Google Analytics - we explain how it works, why you need it and what problems it solves. Find where your site is leaking money through data
Automation of document management paul fenton webinarMontrium
In the life sciences, most of the documents we create end up as records. Now, as we move towards a paperless era in today’s GxP environment and leverage digital content management technology, we are also starting to change the way that we author, collaborate, manage, exchange, and archive our documents.
The very nature of document management is transforming as more and more data becomes part of the document management landscape. In this webinar, we explore how technology is transforming our GxP records management environments and what the future may hold for automating processes
Society Consulting CEO Chad Richeson provides a synopsis of why analytics matters to customer experience, and how to make a greater impact on your business with a disciplined analytics process.
Webinar Metalogix "Auf der Zielgeraden zur DSGVO!"Ragnar Heil
This document discusses the General Data Protection Regulation (GDPR) which takes effect in May 2018. It provides an overview of key GDPR concepts, compliance requirements, and potential penalties for non-compliance. The document also demonstrates Microsoft and Metalogix software solutions that can help organizations discover personal data, manage its use, protect it, and report on GDPR compliance activities to meet new regulations. Attendees were encouraged to ask questions about GDPR compliance.
Splunk provides an operational intelligence platform that allows organizations to:
1. Ingest data from various sources in real-time for searching, visualizing, and analyzing.
2. Establish a culture of continuous improvement through continuous delivery, continuous insights, and fast feedback to move at market speed.
3. Build a strong IT foundation with hybrid cloud, continuous delivery of applications, and continuous insights from proactive monitoring to enable business agility.
Craig Sullivan - Keynote speaker summary & final thoughts - Conversion Hotel ...Webanalisten .nl
Slides of the keynote by Craig Sullivan (UK) at Conversion Hotel 2015, Texel, the Netherlands (#CH2015): "You already listened to 10 keynotes – number 11 will refresh your memory, make you laugh and will leave you with some final thoughts for the trip home." http://conversionhotel.com
The document discusses UiPath's Document Understanding capabilities. It provides an overview of document understanding, the different types of documents that can be processed, and the approaches to document processing including rule-based and model-based. It describes the key components of UiPath's Document Understanding framework including loading taxonomy, document classification, data extraction, validation, and GenAI capabilities. It also includes a case study example of using document understanding to process 7000 invoices per month.
Introduction to Competitive Intelligence PortalsComintelli
The number of companies that are successfully deploying various kinds of Competitive Intelligence (CI) portal solutions are constantly growing. The phrases CI portals, Intelligence systems, CI tools, MI portals are heard everywhere, but what do they really mean? And why should you really care?
Data analytics and analysis trends in 2015 - WebinarAli Zeeshan
This document provides an overview of data analytics trends for 2015-2016 presented by James Graham, a principal consultant. It discusses the differences between big data and small data, as well as tools used for analyzing each. For big data, descriptive, predictive, and prescriptive analytics tools are covered. Five trends for 2015-2016 involving smart systems, deeper customer insights, data democratization, sensor-driven data growth, and HR analytics are also summarized. For small data, Pareto analysis, sensitivity analysis, and linear programming tools are briefly described. The presentation concludes with time for questions.
How to setup Big Data Company in India or data analytics Companystartupscratch
This document provides guidance on starting a big data startup. It outlines the large and growing global market for big data technologies. Some key points include:
- The worldwide big data market is projected to grow from $42B in 2018 to $103B in 2027, a compound annual growth rate of 10.48%.
- Indian big data market offers many opportunities for startups.
- Legal registrations like GST, MSME, ISO licenses are required to formally establish a big data company in India.
- Popular areas to focus on include healthcare analytics, financial technology, AI, and more.
- Example big data startups that have found success include Looker and DataRobot.
1.0 how to empower audit through data analytics for icai kolkataeirc_icai
Hidden truth in data and the power of data analytics •
How does Data Analytics Impact Audit process?
• How to use Data Analytics for various types of Audit?
• Practical examples of data analytics in audit – walk-through • How to build competencies and skill set for using data analytics?
• Case studies of using Data Analytics for providing better assurance
Office 365 Best Practices That You Are Not Thinking AboutQuest
This document discusses best practices for managing security and compliance in Office 365. It covers what security and compliance means for Office 365, considerations for different data types like locations and archives, and 5 best practices. The best practices include working with legal to understand applicable regulations, implementing modern security technologies like MFA and AIP, educating users, categorizing data, and being mindful of PST files during migration. The document also lists tools from Microsoft and third parties that can help with security, compliance, eDiscovery and migration.
This document discusses key considerations for managing AI products. It begins with an overview of intelligent systems and the OODA loop model of decision making. It then covers the different areas of AI including machine learning, deep learning, and supervised vs unsupervised learning. The rest of the document provides guidance on strategic areas for AI product management such as corporate and data strategy, analyzing use cases, building minimal viable products, and influencing other teams to deliver AI capabilities. It emphasizes the importance of data acquisition, network effects, and focusing on practical applications that create business value.
This document discusses analyzing customer usage data trends using Gainsight. It provides an overview of the types of analyses that can be done with Gainsight data, including cause and effect, correlation, and metrics analyses. Examples of questions that can be answered include determining which features successful customers adopt and how implementation methods impact usage. The document reviews steps for building an effective analysis, including starting with an actionable question, determining required data, and choosing a reporting format. Report Builder and dashboards are demonstrated as tools for visualizing analyses in Gainsight.
Utilizing OSINT in Threat Analytics and Incident ResponseChristopher Beiring
Validating potential incidents or indicators of compromise (IOCs) in today’s fast paced environment can be somewhat overwhelming and difficult. Sometimes a team does not believe they have all of the tools and resources to quickly and accurately identify, verify, and rectify a potential indicator in their environment in time. Sometimes these investigations are performed yet may leave out valuable key pieces of data that would benefit the prevention or hardening against future similar attacks. Everyone wants the expensive and shiny tool that vendors offer, but sometimes budgets do not always allow teams access to the latest and greatest, and honestly, not all tools are equal. Relying on one piece of data for IOC validation is a bad idea, even if that resource is the best in the industry. The approach is to use not only the tools you have, but to augment them with existing open source tools that will enrich your investigation, provide accuracy, and supplement your ability to quickly and accurately respond to valid threats in order to increase your security team’s effectiveness. The purpose of this presentation will be to walk users through the value of Open Source Intel and how to use the tools available effectively to help research and identify potential issues during an incident response engagement.
Similar to What do you mean 90 days isnt enough (20)
Exploring conditional access to content stored in Office 365 - SPS HelsinkiPaul Hunt
The slides from my session on Conditional Access, presented at SPS Helsinki. This deck includes slides around entitlement packages and terms of use that old decks don't have.
Exploring conditional access to content stored in office 365 spscePaul Hunt
This document summarizes a presentation about exploring conditional access to content in Office 365. It discusses authentication versus authorization, and what conditional access means. It outlines the different access layers in Microsoft 365 including encryption, role-based access control, conditional access, and Azure AD privileged identity management. It compares the capabilities of privileged identity management and privileged access management. Finally, it provides information on configuring privileged access management in Office 365.
Exploring conditional access to content stored in Office 365Paul Hunt
This document discusses conditional access in Microsoft 365 and explores various access control options. It covers role-based access control (RBAC), conditional access policies, Azure Active Directory Privileged Identity Management (PIM), and Privileged Access Management (PAM) in Office 365. The document compares PIM and PAM capabilities and provides configuration examples for setting up PAM in Office 365 to govern legitimate access and prevent unauthorized access.
Spunite exploring identity management options in office 365Paul Hunt
These are the slides from my Exploring Officer 365 Identity Management session at SPUnite 2017. A most excellent event that I heartily recommend people attend when it returns!
#SPSLondon - Session 2 JSLink for IT ProsPaul Hunt
These are the slides from my second session at SPSLondon, there's a little cross over between the two sessions if you went to both!
This one covers an introduction to Display Templates for IT Pros, show the what, why and how of Display Templates in List View Web Parts with an IT Pro focus.
#SPSLondon - Session 1 - Building an faq for end usersPaul Hunt
These are the slides to accompany my first session on building an FAQ in SharePoint. It follows the evolution of the idea from a basic single site/list implementation through to an enterprise focussed application.
This document outlines an agenda for building a basic, intermediate, and advanced FAQ for end users in SharePoint. The basic FAQ involves setting up site columns, content types, and configuring a custom list. The intermediate configuration integrates search by adding a content by search web part. The advanced configuration enhances the user experience through list view and search display templates, adding people search to connect FAQ items to subject matter experts, and configuring the search center. Demos are provided for the basic, intermediate, and advanced configurations.
Creating an FAQ for end users, An evolution of an idea - SharePoint Saturday ...Paul Hunt
These are the slides of my second session at SharePoint Saturday Jersey in which I look at evolving the creation of an FAQ from the basic list, through to a fully search integrated enterprise offering.
SUGUK Cambridge - Display Templates & JSLink for IT ProsPaul Hunt
This is another evolution of my Display Templates session. A few of the slides have been updated. The key differences between each session however is the demos.
These slides do contain the links called out during the session however.
These are the slides from my #SPSBE session #SPSBE23 on Display Templates and JSLink for IT Pros. This is a slightly amended version of the session that I've uploaded for SPSUK and SPSSTHLM as a result of feedback from those earlier sessions.
As a result of conversations from this session and a twitter jam during the journey home, I'll announcing some great news about a community effort to make Display Template samples from many great speakers around the world available in one location.
Watch twitter using hashtag #SPCSR for more info as we announce it.
SPSSTHLM - Using JSLink and Display Templates for ITProsPaul Hunt
This document discusses using JavaScript and display templates with list view web parts in SharePoint. It begins with an introduction and overview of the presenter. It then discusses how list views used to be customized using SharePoint Designer and XSLT, and why the focus has shifted to client-side rendering using JavaScript, HTML and CSS. The rest of the document explains what JavaScript display templates are, provides examples of the anatomy and usage of list view and field display templates, and discusses techniques for troubleshooting templates.
My session slides from SharePoint Saturday UK IT Pro track. See my blog for more details and the demonstration videos. http://www.myfatblog.co.uk/index.php/2013/11/sharepoint-saturday-uk-wrap-up/
Iw411 migrating content by search from 2010 into 2013 - minifiedPaul Hunt
IW411 This is my slide deck from the SharePoint Evolutions 2013 Conference where I looked at content by search in 2010, then migrating and building from scratch in 2013.
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...APNIC
Adli Wahid, Senior Internet Security Specialist at APNIC, delivered a presentation titled 'Honeypots Unveiled: Proactive Defense Tactics for Cyber Security' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
Securing BGP: Operational Strategies and Best Practices for Network Defenders...APNIC
Md. Zobair Khan,
Network Analyst and Technical Trainer at APNIC, presented 'Securing BGP: Operational Strategies and Best Practices for Network Defenders' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
Decentralized Justice in Gaming and EsportsFederico Ast
Discover how Kleros is transforming the landscape of dispute resolution in the gaming and eSports industry through the power of decentralized justice.
This presentation, delivered by Federico Ast, CEO of Kleros, explores the innovative application of blockchain technology, crowdsourcing, and incentivized mechanisms to create fair and efficient arbitration processes.
Key Highlights:
- Introduction to Decentralized Justice: Learn about the foundational principles of Kleros and how it combines blockchain with crowdsourcing to develop a novel justice system.
- Challenges in Traditional Arbitration: Understand the limitations of conventional arbitration methods, such as high costs and long resolution times, particularly for small claims in the gaming sector.
- How Kleros Works: A step-by-step guide on the functioning of Kleros, from the initiation of a smart contract to the final decision by a jury of peers.
- Case Studies in eSports: Explore real-world scenarios where Kleros has been applied to resolve disputes in eSports, including issues like cheating, governance, player behavior, and contractual disagreements.
- Practical Implementation: Detailed walkthroughs of how disputes are handled in eSports tournaments, emphasizing speed, cost-efficiency, and fairness.
- Enhanced Transparency: The role of blockchain in providing an immutable and transparent record of proceedings, ensuring trust in the resolution process.
- Future Prospects: The potential expansion of decentralized justice mechanisms across various sectors within the gaming industry.
For more information, visit kleros.io or follow Federico Ast and Kleros on social media:
• Twitter: @federicoast
• Twitter: @kleros_io
6. Agenda
• Why do we need Audit?
• What do we get out of the box?
• What can I do with the Microsoft Stack?
• What can I build myself?
• What Third parties can do this for me?
7. What’s the point of auditing?
“If I were to run, I’d run as a
republican. They’re the
dumbest group of voters in the
country. They believe anything
on Fox News. I could lie and
they’d still eat it up. I bet my
numbers would be terrific”
Donald Trump – People
Magazine 1988
8. What’s the point of auditing?
•People magazine keep every copy
of every magazine that has been
printed.
•There was no record of a 1998
interview.
•No article printed in the 80s or 90s
contain mention of the Republican
party in articles about Donald
Trump.
9. What’s the point of auditing?
When King Leonidas and the
300 Spartans took on the
Persian army at the battle of
Thermopylae, they believed
that they could hold their
ground due to the mountain’s
impenetrable walls.
10. What’s the point of auditing?
They forgot about the goat paths!
The Persian army snuck in behind their
defences and surrounded them, defeating
the Spartans.
11. What’s the point of auditing?
Employee behaviours and needs
are potentially your goat paths.
• Demand for agility
• Lack of awareness
• Phishing e-mails
• Unsecured networks
• Poor storage of sensitive data
• Malicious attack
12. But we can help to protect against a lot of this!
21. What’s wrong with Office 365 auditing?
• 90 days retention isn’t enough
• The search interface isn’t brilliant
(and it’s now hidden away (in some
tenants!)!).
23. • Doing nothing – Out of the box audit
• D.I.Y – using the Management Activity API
• Azure Log Analytics
• Additional services MCAS & Sentinel
• Third Party Options
What are the options?
25. DIY – Extracting data using APIs
Office 365 Management Activity API
Supports:
Audit.AzureActiveDirectory
Audit.Exchange
Audit.SharePoint
Audit.General
DLP.ALL
http://bit.ly/O365ManagementAPI
26. DIY – Extracting data using APIs
Pull ModelPush Model
• Requires subscription
• On demand, request a list of available
blobs.
• Process blobs to extract data.
• Save data somewhere
• Can run as a timer job or Azure Runbook.
• Requires subscription
• Requires Webhook & Validation
• On Notification, a list of available blobs is
downloaded
• Process blobs to extract data
• Save data somewhere
27. DIY – Considerations
• Webhooks – Must be responsive
• Manage throttling
• Where to put the data? Azure SQL, On-prem?
• How to consume the data?
• Can monitoring be automated?
• Cost of development on top of storage.
• Option to apply business logic to reduce
storage need.
• Limited to the O365 APIs.
29. Microsoft Azure Options
•Everything begins with Log Analytics (Used to be OMS)
• Once a Log Analytics workspace has been created
• Add Office 365 Management Solution
• Configure App Permissions
• Run some PowerShell to subscribe****
http://bit.ly/Office365ManagementSolution
•But easier to configure in Azure Sentinel!
• One click..ish
• And free ingestion of Office 365 data!
31. Azure – Considerations
• No real control over what is stored, only
ingestion/retention period.
• Confusing number of options & price plans
(Log Analytics, CAS, Sentinel) & limited to
730 days.
• Powerful query capability.
• Additional sources (Azure AD, Azure Identity
Protection).
• Automated alerting.
• Potential for Case Management and
intelligent SIEM.
32. Third Party Options
• A number of available providers of Audit & SIEM systems exist.
33. Vendor O365 Audit Log
(via API)
Azure events via
Event Hub
On-prem /
Cloud
Third Party Options
37. Third Party – Considerations
• May be limited to what is available
through the Office 365 Rest APIs.
• Some SIEM systems allow additional
export from Azure using Eventhubs.
• Variety of cost/licensing options.
• Variety of retention options and costs.
• Potential to extract alert data from MCAS
to SIEM systems.
We can build out mountain walls, but we also need to pay attention to the goat paths.
Look at DLP and AIP to protect the data rather than the perimeter.
Look at MCAS/ATP and other automated monitoring systems
But to be properly protected, we need to take an Assume Breach mindset.
When not If.
For this session, we’re not looking too deeply at Threat Investigation.
But we do need to understand how retention affects your abilities to detect and investigate.
Stats from UK Gov – Cyber Security Breaches Survey 2018
Stats from UK Gov – Cyber Security Breaches Survey 2018
Coming into preview shortly will be 365 days retention for M365 and O365-E5 subscriptions. (Currently Private Preview only!)
Also with the Advanced Compliance Add-on license (in conjunction with E3 or EXO P1.
https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Updates-to-Advanced-Data-Governance-Unified-labeling-analytics/ba-p/261876
https://docs.microsoft.com/en-gb/office365/securitycompliance/search-the-audit-log-in-security-and-compliance – For sign up link to Private Preview
Exactly what can we audit in Office 365?
Note: Exchange Mailbox Auditing should now be defaulted to on Unless previously configured or disabled Tenant wide.
The search interface doesn’t include all actions (E.g. List item actions)
Not even sure 365 days is enough?
At what cost? If we’ve suffered a breach, how do we investigate. If a breach is discovered, is being able to audit up to 90 days enough to protect your reputation?
A client of mine who suffered a breach was unable to identify who was affected, so they had to inform ALL of their client base.
Searching the Log – “Audit Test C”
Setting up an Audit Alert
Searching Docs – Audit Text C – Credit
License Changes – Group Based Versus Direct
Can’t search for list item updates (but they appear when nothing is selected)
Webhooks have a minimum time to respond. Especially during setup
Costs of storage
How to consume.. Audit is no good if it isn’t viewed.
Used to be part of operations Management Suite but was split out.
****Needs an AppId configuration - https://docs.microsoft.com/en-us/azure/azure-monitor/insights/solution-office-365
There’s a bug in the script to Subscribe… read the closed issues as the first one has the updated script.
Log analytics
SIEM = Security Information and Event Management
Transvault – SaaS on Transvault storage
Syskit – On-prem or Azure – Your storage
Hubstore – SaaS on theirs or your own Azure instance.
IBM (Qradar) – On-prem/SaaS options
Splunk – On-prem/SaaS options
Webhooks have a minimum time to respond. Especially during setup
Costs of storage
How to consume.. Audit is no good if it isn’t viewed.
Close out..back to 123!
Stats from UK Gov – Cyber Security Breaches Survey 2018
*Office 365 E5 users will go to 365 days later this year.
**Assumes AD Premium (else 7 days)
Option to auto export Azure AD to Azure Storage
*** Ingestion and retention charges will apply beyond basic included coverage.
Note Azure Sentinel is in preview and costs are not fully known.
**** Transvault are considering higher limits.