Cryptography is the invisible layer protecting everything around us. As software engineers, we are required to have some understanding of cryptography. Most of us only have a cursory understanding. Let’s dive deep into algorithms and modes for encryption, digital signatures, hashing, and key derivation. To get the most from this presentation, it is expected that you have a basic understanding of cryptography.
Dutch PHP 2018 - Cryptography for BeginnersAdam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography. This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
0 to 31337 Real Quick: Lessons Learned by Reversing the Flare-On ChallengeBlaine Stancill
Malware reverse engineering challenges are a great way to keep reversing skills sharp and learn new techniques. The Flare-On Challenge is one of the most difficult and respected ones out there. Participants must complete ten unique challenges of increasing sophistication over a six-week period. Only 17 people in the US successfully completed this year's challenge, including the two of us. In this presentation, we'll familiarize reversers and non-reversers alike with how to approach challenge problems, and arm them with tools and tricks to successfully solve the types of problems they regularly see. These techniques not only helped solve this year's Flare-On problems, but more importantly, have real-world applicability. Many of the tools and techniques needed to complete the Flare-On challenge are key to understanding and reversing actual sophisticated malware, such as those used by APTs. We'll walk through how we solved several of the most relevant and creative challenges, providing the audience unique reversing insights that can help both experienced reversers and non-reversers augment their skill sets.
Gain a practical understanding of how to integrate AI capabilities into your PHP projects with examples from the leading sources of hosted AI: OpenAI and Hugging Face. Armed with this knowledge, you can unlock new possibilities for intelligent, dynamic, and user-centric PHP applications that leverage the power of Artificial Intelligence.
So, join us for this transformative journey as we bridge the gap between PHP and AI, opening the door to a world of smarter and more innovative web applications.
Dutch PHP 2018 - Cryptography for BeginnersAdam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography. This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
0 to 31337 Real Quick: Lessons Learned by Reversing the Flare-On ChallengeBlaine Stancill
Malware reverse engineering challenges are a great way to keep reversing skills sharp and learn new techniques. The Flare-On Challenge is one of the most difficult and respected ones out there. Participants must complete ten unique challenges of increasing sophistication over a six-week period. Only 17 people in the US successfully completed this year's challenge, including the two of us. In this presentation, we'll familiarize reversers and non-reversers alike with how to approach challenge problems, and arm them with tools and tricks to successfully solve the types of problems they regularly see. These techniques not only helped solve this year's Flare-On problems, but more importantly, have real-world applicability. Many of the tools and techniques needed to complete the Flare-On challenge are key to understanding and reversing actual sophisticated malware, such as those used by APTs. We'll walk through how we solved several of the most relevant and creative challenges, providing the audience unique reversing insights that can help both experienced reversers and non-reversers augment their skill sets.
Gain a practical understanding of how to integrate AI capabilities into your PHP projects with examples from the leading sources of hosted AI: OpenAI and Hugging Face. Armed with this knowledge, you can unlock new possibilities for intelligent, dynamic, and user-centric PHP applications that leverage the power of Artificial Intelligence.
So, join us for this transformative journey as we bridge the gap between PHP and AI, opening the door to a world of smarter and more innovative web applications.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
In this tutorial, you will learn how to write a secure API with future proof security utilizing JOSE. JOSE is a collection of complimentary standards: JWT, JWE, JWS, JWA, and JWK. JOSE is used by OAuth, OpenID, and others to secure communications between APIs and consumers. Now you can use it to secure your API.
Threat Modeling for Dummies - Cascadia PHP 2018Adam Englander
No developer wants to be responsible for a major data breach. Unfortunately, when it comes to application security, most developers have more questions than answers. How do I get started? Who should I be protecting against? How much security is enough? Is there a best practice to follow? In less than an hour, I will give you the tools you need to begin integrating threat modeling into your existing application lifecycle. Start building secure applications today.
php[tek] 2108 - Cryptography Advances in PHP 7.2Adam Englander
There were some pretty substantial cryptography advances in PHP 7.2. Most of these changes were made to make advanced cryptography easier to use. That’s a good thing for developers and end users alike. The addition of libsodium is a game changer. It makes synchronous and asynchronous cryptography a no-brainer and adds better hashing than we've ever had. Argon2i for passwords is pretty substantial as well. We’ll go over the changes and have some practical examples of each. Developers need to know about these advances and just how awesome they are.
php[tek] 2018 - Biometrics, fantastic failure point of the futureAdam Englander
This presentation attempts to prepare developers for the coming storm of biometric authentication. It is coming; for many, it is already here. Unfortunately, few of us have been prepared to select tools for utilizing biometric authentication properly. In this presentation, Adam Englander will express the special dangers of biometrics with regards to lifespan and storage. Due to the user's inability to change a biomteric, it is much more valuable to bad actors as the lifespan will undoubtedly exceed the lifespan of the cryptography. Any biometric database stolen today will likely be able to be cracked by the average computer in 20 years. This creates a unique problem many of us have not had to tackle before. We need a different mindset when thinking about biometrics. This presentation will try and give that much-needed perspective.
Biometric identification might be more secure than passwords, but it’s still vulnerable to hacking. Why not hold up a photograph of the phone owner to fool the new facial recognition system? In this presentation, Adam Englander will walk through the risks and dangers of leveraging biometrics for user authentication, and why we all should be thinking twice about it.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
In this tutorial, you will learn how to write a secure API with future proof security utilizing JOSE. JOSE is a collection of complimentary standards: JWT, JWE, JWS, JWA, and JWK. JOSE is used by OAuth, OpenID, and others to secure communications between APIs and consumers. Now you can use it to secure your API.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
Cryptography for Beginners - Midwest PHP 2018Adam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography. This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
Cryptography for Beginners - Sunshine PHP 2018Adam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography . This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
ConFoo Vancouver 2017 - Biometrics: Fantastic Failure Point of the FutureAdam Englander
Biometrics is all the rage. It has been touted as the best of all possible authentication methods. Very soon, your customers and standards boards will require you to implement some sort of biometric factor for authentication. Before you head down that road, you need to know the pitfalls to avoid before becoming the next big breach in the news. Learn a few tricks to help safely secure biometrics to protect your users.
Con Foo 2017 - Don't Loose Sleep - Secure Your RESTAdam Englander
Are you worried that your REST API may be the next victim of an attack by ruthless hackers? Don't fret. Utilizing the same standards implemented by OAuth 2.0 and OpenID Connect, you can secure your REST API. JSON Object Signing and Encryption (JOSE) is the core of a truly secure standards-based REST API. Let me show you how to ensure the data sent too and received from your API is as safe and secure as is reasonably possible.
Cryptography is a complex and confusing subject. In this session we'll distill PHP encryption down to its essential drivers. You'll learn what makes cryptography weak and strong. You'll learn the important questions to ask when making decisions regarding modules and libraries. This session won’t make you a cryptography expert but it will give you the knowledge necessary to protect your software from attack. No prior knowledge of cryptography is required for this session.
The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this session we'll put a human face on the users of our software. It will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join us in the fight. The Red Team is coming!
Asynchronous software development is rapidly moving from the niche to the mainstream. That mainstream now includes PHP. This workshop will give you hands on instruction in building an asynchronous application in PHP. We'll build a Twitter Bot utilizing the Amp concurrency framework for PHP and the Twitter Streaming API. During this time you'll learn the basics regarding the Amp event loop, generators and co-routines, and writing non-blocking code. Get ready for the future of PHP today.
Symfony Live San Franciso 2017 - BDD API Development with Symfony and BehatAdam Englander
BDD API Development with Symfony and Behat You may have built an API in Symfony before. You may have even written some browser tests in Beta. Did you ever consider using Behat to write integration tests for your API? If not, you definitely should. The portability and reusability of Behat steps make it the perfect platform for API integration tests. The Symfony kernel integration for Behat and absence of JavaScript in an API makes this match made in heaven. Pull up a cloud and let me show you the pure awesomeness that is BDD API Development with Symfony and Behat.
Coder Cruise 2017 - The Red Team Is ComingAdam Englander
The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this presentation, I will put a human face on the users of our software. I will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join me in the fight. The Red Team is coming!
Many developers struggle with how to properly secure REST APIs. If you are like me, you followed a process from a trusted provider like Amazon, Google, etc. What if I told you there was a better way? It’s JOSE, a collection of open standards from the IETF that has strong library support. It’s also the basis of OAuth 2.0 and OpenID Connect. Let me show you how to make a highly secure API for today and well into the future built on the framework of JOSE.
Build a bot workshop async primer - php[tek]Adam Englander
Asynchronous software development is rapidly moving from the niche to the mainstream. That mainstream now includes PHP. This workshop will give you hands-on instruction in building an asynchronous application in PHP. We will build a Twitter bot utilizing the Amp concurrency framework for PHP and the Twitter Streaming API. During this time you will learn the basics regarding the Amp event loop, generators and co-routines, and writing non-blocking code. Get ready for the future of PHP today.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
In this tutorial, you will learn how to write a secure API with future proof security utilizing JOSE. JOSE is a collection of complimentary standards: JWT, JWE, JWS, JWA, and JWK. JOSE is used by OAuth, OpenID, and others to secure communications between APIs and consumers. Now you can use it to secure your API.
Threat Modeling for Dummies - Cascadia PHP 2018Adam Englander
No developer wants to be responsible for a major data breach. Unfortunately, when it comes to application security, most developers have more questions than answers. How do I get started? Who should I be protecting against? How much security is enough? Is there a best practice to follow? In less than an hour, I will give you the tools you need to begin integrating threat modeling into your existing application lifecycle. Start building secure applications today.
php[tek] 2108 - Cryptography Advances in PHP 7.2Adam Englander
There were some pretty substantial cryptography advances in PHP 7.2. Most of these changes were made to make advanced cryptography easier to use. That’s a good thing for developers and end users alike. The addition of libsodium is a game changer. It makes synchronous and asynchronous cryptography a no-brainer and adds better hashing than we've ever had. Argon2i for passwords is pretty substantial as well. We’ll go over the changes and have some practical examples of each. Developers need to know about these advances and just how awesome they are.
php[tek] 2018 - Biometrics, fantastic failure point of the futureAdam Englander
This presentation attempts to prepare developers for the coming storm of biometric authentication. It is coming; for many, it is already here. Unfortunately, few of us have been prepared to select tools for utilizing biometric authentication properly. In this presentation, Adam Englander will express the special dangers of biometrics with regards to lifespan and storage. Due to the user's inability to change a biomteric, it is much more valuable to bad actors as the lifespan will undoubtedly exceed the lifespan of the cryptography. Any biometric database stolen today will likely be able to be cracked by the average computer in 20 years. This creates a unique problem many of us have not had to tackle before. We need a different mindset when thinking about biometrics. This presentation will try and give that much-needed perspective.
Biometric identification might be more secure than passwords, but it’s still vulnerable to hacking. Why not hold up a photograph of the phone owner to fool the new facial recognition system? In this presentation, Adam Englander will walk through the risks and dangers of leveraging biometrics for user authentication, and why we all should be thinking twice about it.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
In this tutorial, you will learn how to write a secure API with future proof security utilizing JOSE. JOSE is a collection of complimentary standards: JWT, JWE, JWS, JWA, and JWK. JOSE is used by OAuth, OpenID, and others to secure communications between APIs and consumers. Now you can use it to secure your API.
With the dominance of Mobile Apps, Single Page Apps for the Web, and Micro-Services, we are all building more APIs than ever before. Like many other developers, I had struggled with finding the right mix of security and simplicity for securing APIs. Some standards from the IETF have made it possible to accomplish both. Let me show you how to utilize existing libraries to lock down you API without writing a ton of code.
Cryptography for Beginners - Midwest PHP 2018Adam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography. This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
Cryptography for Beginners - Sunshine PHP 2018Adam Englander
Cryptography is a complex and confusing subject. In this talk you will learn about the core components of cryptography used in software development: securing data with encryption, ensuring data integrity with hashes and digital signatures, and protecting passwords with key derivation functions. While learning how to use these components, you will also learn the best practices that drive strong cryptography . This talk won’t make you a cryptography expert but it will give you the knowledge necessary to use cryptography properly. No prior knowledge of cryptography is required for this presentation.
ConFoo Vancouver 2017 - Biometrics: Fantastic Failure Point of the FutureAdam Englander
Biometrics is all the rage. It has been touted as the best of all possible authentication methods. Very soon, your customers and standards boards will require you to implement some sort of biometric factor for authentication. Before you head down that road, you need to know the pitfalls to avoid before becoming the next big breach in the news. Learn a few tricks to help safely secure biometrics to protect your users.
Con Foo 2017 - Don't Loose Sleep - Secure Your RESTAdam Englander
Are you worried that your REST API may be the next victim of an attack by ruthless hackers? Don't fret. Utilizing the same standards implemented by OAuth 2.0 and OpenID Connect, you can secure your REST API. JSON Object Signing and Encryption (JOSE) is the core of a truly secure standards-based REST API. Let me show you how to ensure the data sent too and received from your API is as safe and secure as is reasonably possible.
Cryptography is a complex and confusing subject. In this session we'll distill PHP encryption down to its essential drivers. You'll learn what makes cryptography weak and strong. You'll learn the important questions to ask when making decisions regarding modules and libraries. This session won’t make you a cryptography expert but it will give you the knowledge necessary to protect your software from attack. No prior knowledge of cryptography is required for this session.
The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this session we'll put a human face on the users of our software. It will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join us in the fight. The Red Team is coming!
Asynchronous software development is rapidly moving from the niche to the mainstream. That mainstream now includes PHP. This workshop will give you hands on instruction in building an asynchronous application in PHP. We'll build a Twitter Bot utilizing the Amp concurrency framework for PHP and the Twitter Streaming API. During this time you'll learn the basics regarding the Amp event loop, generators and co-routines, and writing non-blocking code. Get ready for the future of PHP today.
Symfony Live San Franciso 2017 - BDD API Development with Symfony and BehatAdam Englander
BDD API Development with Symfony and Behat You may have built an API in Symfony before. You may have even written some browser tests in Beta. Did you ever consider using Behat to write integration tests for your API? If not, you definitely should. The portability and reusability of Behat steps make it the perfect platform for API integration tests. The Symfony kernel integration for Behat and absence of JavaScript in an API makes this match made in heaven. Pull up a cloud and let me show you the pure awesomeness that is BDD API Development with Symfony and Behat.
Coder Cruise 2017 - The Red Team Is ComingAdam Englander
The Red Team, hackers, criminal organizations, and nation states, are a constant threat. The systems we build are the targets. We need to understand the human collateral that hangs in the balance. We embrace methodologies to write better code and make our lives better. They do nothing for the rest of humanity that is directly affected by security vulnerabilities we introduce. In this presentation, I will put a human face on the users of our software. I will challenge you to think in terms of flesh and blood rather than ones and zeros. We are all the Blue Team. We protect the rest of humanity. Join me in the fight. The Red Team is coming!
Many developers struggle with how to properly secure REST APIs. If you are like me, you followed a process from a trusted provider like Amazon, Google, etc. What if I told you there was a better way? It’s JOSE, a collection of open standards from the IETF that has strong library support. It’s also the basis of OAuth 2.0 and OpenID Connect. Let me show you how to make a highly secure API for today and well into the future built on the framework of JOSE.
Build a bot workshop async primer - php[tek]Adam Englander
Asynchronous software development is rapidly moving from the niche to the mainstream. That mainstream now includes PHP. This workshop will give you hands-on instruction in building an asynchronous application in PHP. We will build a Twitter bot utilizing the Amp concurrency framework for PHP and the Twitter Streaming API. During this time you will learn the basics regarding the Amp event loop, generators and co-routines, and writing non-blocking code. Get ready for the future of PHP today.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
167. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
Transformation
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
168. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
Transformation
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
169. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
Transformation
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
170. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
Transformation
171. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
Transformation
172. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
Transformation
173. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
Transformation
174. @adam_englander
Msg
block 1
Msg
block 2
Msg
block n
XForm
block 1
XForm
block 2
XForm
block n
Static
IV
Compr
Result
Compr
Result
Compr
Result
Hash
Compression
F
I
N
Merkle–Damgård
MD5/SHA1/SHA2
Transformation