Talk presented by Ernest Mueller at LASCON 2010 on cloud computing security and why it's likely that the cloud is more secure than what you're doing right now.
An overview of cloud security
- Quick Context of Security in the cloud
- General Best Practices
- Networking Services
- Security and Identity Services
- Management Tools
This Cloud Security tutorial shall first address the question whether Cloud Security is really a concern among companies which are making a move to the cloud. The tutorial also discusses the process of troubleshooting a problem in the cloud. This tutorial is ideal for people who are planning to make a career shift in the cloud industry. Below are the topics covered in this tutorial:
1. Why and What of Cloud Security?
2. Private, Public or Hybrid
3. Is Cloud Security really a concern?
4. How secure should you make your application?
5. Troubleshooting a threat in the Cloud
6. Cloud Security in AWS
am going to introduce you to Azure Bastion in Microsoft Azure and teach you how to create your first Azure bastion host, connect to a virtual machine and work a virtual machine session.
Watch on YouTube
------------------------
https://youtu.be/8-_JPzdWe1I
In this presentation, you learn
---------------------------------------
- What is Azure Bastion and what is trying to achieve?
- How to create an Azure Bastion host.
- How to connect to a VM using Azure Bastion
- How to work with a virtual machine Session
View the full blog post here with all scripts
https://blog.ahasayen.com/introducing-azure-bastion/
Connect with me
----------------------------
About me: https://me.ahasayen.com
Blog: https://blog.ahasayen.com
Twitter: https://twitter.com/ammarhasayen
LinkedIn: https://www.linkedin.com/in/ammarhasayen
Instagram: https://www.instagram.com/ammarhasayen
SlideShare: https://www.slideshare.net/ammarhasayen
View my Pluralsight course : Implementing Azure AD Privileged Identity Management
https://www.pluralsight.com/courses/microsoft-azure-privileged-identity-management-implementing
An overview of cloud security
- Quick Context of Security in the cloud
- General Best Practices
- Networking Services
- Security and Identity Services
- Management Tools
This Cloud Security tutorial shall first address the question whether Cloud Security is really a concern among companies which are making a move to the cloud. The tutorial also discusses the process of troubleshooting a problem in the cloud. This tutorial is ideal for people who are planning to make a career shift in the cloud industry. Below are the topics covered in this tutorial:
1. Why and What of Cloud Security?
2. Private, Public or Hybrid
3. Is Cloud Security really a concern?
4. How secure should you make your application?
5. Troubleshooting a threat in the Cloud
6. Cloud Security in AWS
am going to introduce you to Azure Bastion in Microsoft Azure and teach you how to create your first Azure bastion host, connect to a virtual machine and work a virtual machine session.
Watch on YouTube
------------------------
https://youtu.be/8-_JPzdWe1I
In this presentation, you learn
---------------------------------------
- What is Azure Bastion and what is trying to achieve?
- How to create an Azure Bastion host.
- How to connect to a VM using Azure Bastion
- How to work with a virtual machine Session
View the full blog post here with all scripts
https://blog.ahasayen.com/introducing-azure-bastion/
Connect with me
----------------------------
About me: https://me.ahasayen.com
Blog: https://blog.ahasayen.com
Twitter: https://twitter.com/ammarhasayen
LinkedIn: https://www.linkedin.com/in/ammarhasayen
Instagram: https://www.instagram.com/ammarhasayen
SlideShare: https://www.slideshare.net/ammarhasayen
View my Pluralsight course : Implementing Azure AD Privileged Identity Management
https://www.pluralsight.com/courses/microsoft-azure-privileged-identity-management-implementing
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystifiedKenny Buntinx
There is a lot of misconceptions about Microsoft’s public cloud offering Azure, especially for IT infrastructure administrators but also for it’s consumers. In this session, Kenneth van Surksum will demystify some of the most common questions when talking about public cloud, like:
· Will moving our on-premise infrastructure to the cloud solve many of the problems we are facing today?
· Can developers just consume Azure, or should they align the IT infrastructure department before starting to develop, and if so why?
· Is Cloud computing a next generation virtualization platform?
· Will we once we move all of our infrastructure to Azure be relieved migration headaches?
· And much more….
Kenneth will share his experiences from implementing Azure solutions at customers with the audience. The goal of this session is to make people, who want to start working with Azure aware of the caveats so that they don’t make the obvious mistakes.
Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.
Productive
Reduce time to market, by delivering features faster with over 100 end-to-end services.
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Intelligent
Create intelligent apps using powerful data and artificial intelligence services.
Trusted
Join startups, governments, and 90 percent of Fortune 500 businesses who run on the Microsoft Cloud today.
We have discussed about the azure VMs Inventory management,Change management,tracking and update management. Discussed on Azure VMs. scaling on demand and how to increase the same. Disk addition and deletion as well.
The Cloud Needs An Operating System – Philip J. WindleyPhil Wolff
Because it allows you to act as a peer, a CloudOS orchestrates and coordinates online interactions, enables cooperating networks of products and services, supports intention-driven automation.
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
Security in the cloud Workshop HSTC 2014Akash Mahajan
A broad overview of what it takes to be secure. This is more of an introduction where we introduce the basic terms around Cloud Computing and how do we go about securing our information assets(Data, Applications and Infrastructure)
The workshop was fun because all the slides were paired with real world examples of security breaches and attacks.
Virtual Data Center VDC - Azure Cloud Reference Architecture CRAAmmar Hasayen
The Virtual Data Center VDC is part of any Cloud Reference Architecture CRA and promotes for a balance between governance and developer agility, separation of duties and more. In this blog, you learn why to architect your data center in Azure with best practices and recommendation from Cloud Security Alliance CSA.
How Symantec Cloud Workload Protection Secures LifeLock on AWS PPTAmazon Web Services
When LifeLock decided to migrate their workloads to Amazon Web Services (AWS) from their on-premises data center, they were concerned that traditional security technology and processes would not transfer to the cloud. They turned to Symantec and deployed Cloud Workload Protection (CWP) to secure both their corporate and customer data, as well as their intellectual property, in part because CWP’s cloud-native design enabled seamless integration with their DevOps workflows and AWS infrastructure.
This session will introduce best practices for IoT security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, but also to integrate devices with other AWS services. As a result, you are able to scale and innovate, while maintaining a secure environment.
Introduction to Microsoft Azure. Covers the change to a cloud development paradigm. Motivations for the change, Pricing structures, and an exercise in IT portfolio evaluation.
SCUGBE_Lowlands_Unite_2017_Rest azured microsoft cloud demystifiedKenny Buntinx
There is a lot of misconceptions about Microsoft’s public cloud offering Azure, especially for IT infrastructure administrators but also for it’s consumers. In this session, Kenneth van Surksum will demystify some of the most common questions when talking about public cloud, like:
· Will moving our on-premise infrastructure to the cloud solve many of the problems we are facing today?
· Can developers just consume Azure, or should they align the IT infrastructure department before starting to develop, and if so why?
· Is Cloud computing a next generation virtualization platform?
· Will we once we move all of our infrastructure to Azure be relieved migration headaches?
· And much more….
Kenneth will share his experiences from implementing Azure solutions at customers with the audience. The goal of this session is to make people, who want to start working with Azure aware of the caveats so that they don’t make the obvious mistakes.
Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.
Productive
Reduce time to market, by delivering features faster with over 100 end-to-end services.
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Intelligent
Create intelligent apps using powerful data and artificial intelligence services.
Trusted
Join startups, governments, and 90 percent of Fortune 500 businesses who run on the Microsoft Cloud today.
We have discussed about the azure VMs Inventory management,Change management,tracking and update management. Discussed on Azure VMs. scaling on demand and how to increase the same. Disk addition and deletion as well.
The Cloud Needs An Operating System – Philip J. WindleyPhil Wolff
Because it allows you to act as a peer, a CloudOS orchestrates and coordinates online interactions, enables cooperating networks of products and services, supports intention-driven automation.
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
Security in the cloud Workshop HSTC 2014Akash Mahajan
A broad overview of what it takes to be secure. This is more of an introduction where we introduce the basic terms around Cloud Computing and how do we go about securing our information assets(Data, Applications and Infrastructure)
The workshop was fun because all the slides were paired with real world examples of security breaches and attacks.
Virtual Data Center VDC - Azure Cloud Reference Architecture CRAAmmar Hasayen
The Virtual Data Center VDC is part of any Cloud Reference Architecture CRA and promotes for a balance between governance and developer agility, separation of duties and more. In this blog, you learn why to architect your data center in Azure with best practices and recommendation from Cloud Security Alliance CSA.
How Symantec Cloud Workload Protection Secures LifeLock on AWS PPTAmazon Web Services
When LifeLock decided to migrate their workloads to Amazon Web Services (AWS) from their on-premises data center, they were concerned that traditional security technology and processes would not transfer to the cloud. They turned to Symantec and deployed Cloud Workload Protection (CWP) to secure both their corporate and customer data, as well as their intellectual property, in part because CWP’s cloud-native design enabled seamless integration with their DevOps workflows and AWS infrastructure.
This session will introduce best practices for IoT security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, but also to integrate devices with other AWS services. As a result, you are able to scale and innovate, while maintaining a secure environment.
Introduction to Microsoft Azure. Covers the change to a cloud development paradigm. Motivations for the change, Pricing structures, and an exercise in IT portfolio evaluation.
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
Clouds are finding increased use in core enterprise systems, which mean auditing is the cornerstone expectation. Cloud vendors announce new cloud services, offer new security solutions and refer to the global security standards among of them the requirements look like quite similar. This is series of articles about AWS Cloud Security from the point of view of the compliance to highlight technical requirements of the top Worldwide and Russian security standards for key AWS services, describe how technically prepare to audit and configure AWS services.
http://pentestmag.com/pentest-webapp-1212/
You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next?
Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages.
It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations.
In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies.
This slide deck covers:
- How security will be integrated into the overall processes of development and deployment.
- How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed.
- How to be successful with API-enabled, continuous security tools in the cloud.
- How to operationalize security alarms, enabling world-class incident response and remediation capabilities.
You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next?
Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies.
Join us to learn:
• How security will be integrated into the overall processes of development and deployment.
• How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed.
• How to be successful with API-enabled, continuous security tools in the cloud.
• How to operationalize security alarms, enabling world-class incident response and remediation capabilities.
AWS re:Invent 2016: Life Without SSH: Immutable Infrastructure in Production ...Amazon Web Services
This session covers what a real-world production deployment of a fully automated deployment pipeline looks like with instances that are deployed without SSH keys. By leveraging AWS CloudFormation along with Docker and AWS CodeDeploy, we show how we achieved semi-immutable and fully immutable infrastructures, and what the challenges and remediations were.
The presentation starts with a blank slate for those who have no idea of what cloud and virtualization world is to gradually building up till handling security issues.If any one wants the soft copy,please ask for it at anupam@blumail.org
Learn how employing a combination of automation, integration, and thoughtful system design can allow you to achieve a level of security with cloud-based services that is higher than most legacy in-house services currently provide.
Many security professionals are skeptical about cloud-based services and infrastructure. But it's a skepticism we've seen before, when a new computing paradigm encounters a suspicious--if not downright hostile--mindset (data-center-centric) and installed base. In this paper, we will discuss some of the general philosophies and perspectives that will assist anyone who wants to securely leverage the benefits the cloud by using its strengths to overcome issues that have traditionally been labeled as weaknesses.
Moving "Something Simple" To The Cloud - What It Really TakesCloverDX
On-Demand Webinar slides
We'll examine the difference between deploying on-premise, the "VM way" and the fully-cloud way. Take a behind-the-scenes look at a real-life case, where a requirement from several business units triggered a hasty implementation at first, then raised some fundamental questions, and eventually lead to a cascade of decisions and an AWS cloud solution that works (but no one anticipated).
Watch the webinar here: https://www.cloverdx.com/gc/lp/webinar/moving-something-simple-to-cloud-from-on-premise
Why integration is key in IoT solutions? (Sam Vanhoutte @Integrate2017)Codit
While working on several Internet of Things projects with different customers in Europe, it became clear that Integration matters more than ever. Building an overall IoT solution requires many different technologies and skills. The Architect role is crucial to combining different services into one solid solution. Integration skills are extremely important in building robust and scalable IoT solutions. Every phase of the IoT value chain requires integration, since IoT solutions are distributed and decoupled by nature. Retro-fitting existing devices? Routing of telemetry data? Or even exposing analytics results through secured APIs? All these challenges require integration skills. Skills that are very familiar to specialists in the Integration business. This presentation will explain why these are great times to be an Integration expert and how we can help tackling current challenges.
Presentation to IASA Atlanta about cloud computing topics and advice for architects on how to incorporate these new technologies and approaches into their systems
AWS Serverless Community Day Keynote and Vendia Launch 6-26-2020Tim Wagner
Hear Tim Wagner, CEO and co-founder of Vendia and "Father of Serverless" talk about the evolution of Serverless over the years and how Vendia is taking it into a cross-cloud future.
The DevOps Panel - Innotech Austin CD SummitErnest Mueller
The Agile Admins - Ernest Mueller, James Wickett, Karthik Gaekwad, and Peco Karayanev - share some thoughts and answer panel questions on the state of DevOps at the CD Summit happening at Innotech Austin 2016.
A talk on how to apply Lean Software principles to information security. Also delivered at RSA 2015 and OWASP Austin. Converted to ppt from Keynote so sorry about the fonts.
Applying Lean principles from Agile and DevOps to InfoSec work!
Presented by Ernest Mueller at the May 2016 OWASP Austin meeting.
Sorry about the formatting, it's autoconverted to PPT from Keynote.
Presented by Ernest Mueller and James Wickett at RSA 2016
Moving fast is a business imperative that you can’t afford to be in opposition to. Lean, DevOps and Continuous Delivery philosophies hinge on the ability to move fast through collaboration, automation, and aligning with the flow of the organization. Security needs to be able to make the same transformation.
As a concrete example of applying these approaches to security, we will show how an Attack Driven approach to devops increases transparency and visibility throughout the organization and pairs with the high-throughput philosophies of DevOps and Continuous Delivery. We will engage in defensive systems thinking to change the attack landscape in our favor, while working with the way the business functions and not against it.
From this session, you will:
- Understand the Lean, Agile, and DevOps techniques emerging in organizations today
- Be armed with organizational strategies for bridging devops and security
- Take a defensive systems thinking approach to operations (and development)
- Apply the right detection and monitoring with real-world examples
Ernest Mueller, Karthik Gaekwad, and James Wickett, the Agile Admins (http://theagileadmin.com) delivered this presentation on what's hot in DevOps in 2015 for the BrightTALK Summit. The video is online at https://www.brighttalk.com/webcast/5742/154715
Metrics Driven Development and DevOps - Agile 2014Ernest Mueller
Karthik and I explore the use of metrics in development and DevOps in the form of three Epic Rap Battles of History - Dev vs Ops, Small vs Large Org, and Scrum vs Kanban. With special appearance by Dr. Evil who explains how to use metrics for evil. Presented at Agile 2014.
Lightning talk for DevOpsDays Austin 2013 on taking releases from a 10 week to 1 week cadence. Sorry about the format, had to go from Keynote to PDF and since it was a lightning talk all the actual content's in the notes.
My presentation at the October Agile Austin DevOps SIG about how we implemented DevOps on my team at National Instruments - techniques we used and lessons learned.
A Web architect who doesn't usually use Microsoft technologies explains Microsoft's cloud offering, Azure, in terms that hopefully other UNIX/open source people will understand.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
4. Amazon EC2, Rackspace, VMWare,
Verizon, Terremark, IBM, everyone else
with a data center
Move infrastructure off premise, focus on
value added operations
Usually multitenant virtualized hosting,
REST API driven near-instant
provisioning to scale, utility billing
5. Salesforce.com, Google Apps, Zoho,
MobileMe, everyone else with some
developers
Bringing the convenience of consumer
apps to the world of business apps
You’ve been doing this forever
(ADT/Paychex, credit card processors)
6. force.com, Microsoft Azure, Google App
Engine, Heroku, Code2Cloud
Develop apps without needing to mess
with the plumbing
The most newfangled
7. Private Cloud
Virtual Private Cloud
Hybrid Cloud/Cloudbursting
This Cloud, That Cloud
cloud + mobile + social + agile = EaaS?
8. “Cloud? I’ve been doing
that since 1988. It’s just
the same old thing with a
new name."
- Technohipster
9. Pretty new:
multitenant
massively scalable
elastic self provisioning
pay as you go
Resulting benefits:
agility
economy of scale
low initial investment
scalable cost/opex
resilience
easy delivery
Not new:
virtualization
outsourcing
integration
interwebz
10. Centralization ->
Delegation, Federation
• "I own it all and control it all" is a myth
• Auditable standards, open protocols
• SLAs are worthless when it matters
• “Cloud computing is about gracefully losing control
while maintaining accountability” -CSA
Outsourcing is Scary!
• Not Hosted Here
Syndrome
• SLAs/contracts vs.
"firing someone"
• Enemy ninjas
• Legal discovery
11. “I'd rather trust someone
I've never met than the
guys in IT.”
- Developer
13. Too bad!
Gartner reports that 39% of respondents worldwide are budgeting
money to spend on cloud
Cloud computing is already 10% of total IT services budgets
Cloud is the future of computing
If you make it into security “versus” business outcome – you lose!
Luckily, it doesn’t have to be that way
Sure, there’s security stuff to manage around the cloud, just like
anything
But here’s why the cloud can improve your security posture, and
how it can help you do your job!
14. Globally distributed data centers with
multiple availability zones per region
Data centers: unmarked separate
buildings, biometrics, access logging.
SAS 70 Type II, ISO 27001 in progress
S3 Storage: highly redundant storage,
control over global distribution
Disks are zeroed out post-use
EC2 Instances: image based VMs
15. Security Groups – like a software
firewall integrated down to the
hypervisor
Amazon ops staff can’t see within
your VM or memory
VPC for private only instances
Key crypto for machine access
Multifactor auth available
“Bring your own key”
16. Employee vetting procedures
Big security department
Other products - RDS, SNS, SimpleDB,
SQS, monitoring, CDN, etc.
Via a console or API, you instantiate
instances from images, provision
storage and network, set access keys,
make copies, terminate assets
17. Highly Dynamic - IP addresses,
number of servers, etc. change at will
Key Management
Image Management
Encryption of stored data (“Do it”)
Identity Management
Poindextery Cross-VM Attacks
People Who Don’t Get It Yet
Enthusiasm + Immature Vendors
19. You have to ask – “More secure than
what?”
It’s less secure than your mental
model of the perfectly secure system
Which does not exist really – you
need to compare it to the real
security you have going in your
current shop as it stands and see if
it’s better or worse.
In many cases it’s better.
20.
21. the proof is in the pudding
mmm… pudding
let’s see how the cloud and
one large IT shop compare
22. in IT, our online
catalog 30 day
availability: 98.59%
in the cloud, 30 day
availability: 100.0%
23. in IT, our internal DMZ
implementation – 5
years and counting
in the cloud – a defined
DMZ around every
single server role
24. in IT, our DR plan is “Pray”
in the cloud, the time to
have our entire system
built from scratch in
another region is 2 hours
25. in IT, our transport
security can be described
by “telnet’s secure, right?”
and “HTTPS? Not in our
version of Oracle!”
in the cloud, SSL is
everywhere, all logins are
certed
26. in IT, we have to “scan”
to “discover” our assets
and their OS levels
in the cloud, we create
our systems from a
defined model
programmatically
27. in the cloud, we alert if
anyone logs into a
server, it’s so rare
in the cloud, if a box is
suspect we crumple it
up and throw it away
(you can make a copy)
28.
29. is this an unfair comparison?
what is “fair?”
the only meaningful
question is “with my new
app, where objectively is it
better off?”
30. the cloud gives superpowers
to the little guy
intense resilience
cloud backup
near automatic DR
open standards
APIs and scale drive self service
31. many cloud providers have more
security staff than you do
you benefit from the security
requirements of all their other
customers
managed security service integration
is a compelling product
security is a differentiator in the
space and suppliers are chasing it
32. better architecture –
“sharing is the devil”
utility billing drives
sunsetting of old apps/systems
security SaaS products make
enterprise level security accessible
acknowledges reality – devices,
networks, data are everywhere
36. how can you be cloud friendly?
automation
self service
collaboration
fix the tools
extend your reach
make encryption easy
focus on outcomes
37. Remember “port knocking?”
With model driven automation
(“infrastructure as code”) you can
create firewall holes, provision user
accounts, etc. in real time and remove
them once they’re done being used
If it’s self service, it’s more auditable
than “ask a network admin”
38. Increased trend driven by agile
development towards tight
collaboration between developers and
operations staff
Be the “security buddy”
Embed with projects, don’t be a
seagull
By understanding, be understood
How secure are things usually when
people and teams all work separately?
39. Dynamic nature of cloud poses
challenges for old tools
Encryption is still stupid hard – check
out grendel, and maybe homomorphic
encryption will rescue us
Note all the “Security as a Service”
offerings springing up- was spam
filtering and scanning, now it’s code
analysis (Veracode, Fortify), IAM
(PingIdentity), virus scan (McAfee), etc.
40. Focus on real security
Naturally it’ll take time for compliance
standards to get with the times – but
don’t assume it can’t be compliant –
some of your auditors have actually
heard of VMs and know what to do
FUD doesn’t benefit anyone – figuring
out how to “make it happen” –
securely – benefits everyone.