Detection, Response and the Azazel Rootkit

•

2 likes•3,943 views

Detection, Response and the Azazel Rootkit

Detection, Response and the
Azazel Rootkit
Continuous Monitoring for Elastic
Infrastructure
!
Wednesday, March 19th, 2014
!

Topics
‣ Deﬁning Purpose Built for the Cloud
‣ The Cloud Threat Landscape
‣ Cloud Security is a Shared Responsibility
‣ Introducing Cloud Sight
‣ Detecting the Azazel rootkit with Continuous
Monitoring
‣ Q & A

Agility Driving Cloud Adoption But
Security Concerns Remain
As reported by Right Scale: http://www.rightscale.com/pdf/rightscale-state-of-the-cloud-report-2013.pdf

Purpose Built Security Solutions are
Required
‣ No customer controlled egres point
‣ Resource intensive agents drive CPU/Hour $
‣ Lack of elasticity
‣ Servers launched with no protection
‣ On-prem designed backend lack scale
‣ Need persistence of forensics data for transient
instances
‣ Manual agent deployment

Cloud Ready, by Design
‣ Easy to deploy within DevOps processes
‣ True Elasticity
‣ Native Elastic Beanstalk support
‣ Big data backend enables scale, analytics, and IR
forensics
‣ Linux sensors, not agents
‣ Continuous v. real-time monitoring
‣ Resource friendly
!

The Cloud Threat Landscape
• Publicly Accessible
!
• You don’t control the hardware
!
• Linux / Open Source Software

Cloud Security is a Shared Responsibility
• It’s not the cloud providers responsibility to protect your
data.
!
• It’s not all bad - some providers offer some security features.
!
• Continuous monitoring is no longer a luxury but a necessity.

Introducing Cloud Sight
Continuous Monitoring for Elastic
Infrastructure
• Cloud Ready By Design.
!
• Continuos Monitoring for Cloud Assets, Automated
Behavioral Proﬁling.
!
• Server activity does not change as drastically as
desktop endpoints.
!
• Reconstructing the TTY session and gathering
context on all asset behavior is a must.

Cloud Sight in Action
Detecting the Azazel Rootkit

Thank You!
Q & A

More Related Content

What's hot

End-to-End Security Analytics with the Elastic Stack

End-to-End Security Analytics with the Elastic Stack

End-to-End Security Analytics with the Elastic Stack

An in-depth look at how the highest performing cloud is helping real businesses. Join us as we discuss candid and relevant examples of how a secure, performance oriented implementation is positively impacting Zeta Compliance Technologies. We'll cover how the secure FireHost infrastructure was designed from the ground up and fine-tuned with performance in mind, and how those decisions led to it outranking all other cloud providers in third party performance benchmarks.

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Reducing Mean Time to Know

Reducing Mean Time to Know

Reducing Mean Time to Know

Overview of Blue Medora - New Relic Plugin for Nutanix

Overview of Blue Medora - New Relic Plugin for Nutanix

Overview of Blue Medora - New Relic Plugin for Nutanix

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

North Texas Chapter of the ISSA

Cloud Access Security Brokers - What's all the Hype

Cloud Access Security Brokers - What's all the Hype

Cloud Access Security Brokers - What's all the Hype

JoAnna Cheshire

Incident response in Cloud

Incident response in Cloud

Incident response in Cloud

Operations seeking to make their apps and APIs both performant and available to their users must bake effective application security tooling into their processes and infrastructure configurations. How can development and operations teams release at increasing velocity with app protection built into their CI/CD pipeline? A true next-generation, holistic web application and API protection platform does just that: operations teams can integrate security into their workflows and ensure new infrastructure and app code released to production is both effective and secure in any environment from cloud using containers to datacenters to a hybrid of these. Join application security expert Aneel Dadani from Signal Sciences to learn how your team can automate, deploy at scale safely while gaining layer 7 visibility in production environments. Attendees will learn: What constitutes effective application security within the context of cloud adoption and an ever expanding threat landscape How development teams can gain visibility into how their apps and APIs are being used in production and what vulnerabilities may exist that they overlooked How DevOps teams can scale their application footprint to meet demand while securing your codebase in production How to inspect request traffic at the API gateway or the ingress

Automate Your Container Deployments Securely

Automate Your Container Deployments Securely

Automate Your Container Deployments Securely

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Construção de uma plataforma de observabilidade centralizada

Construção de uma plataforma de observabilidade centralizada

Construção de uma plataforma de observabilidade centralizada

WestJet Customer Presentation

WestJet Customer Presentation

WestJet Customer Presentation

Elastic APM: Amping up your logs and metrics for the full picture

Elastic APM: Amping up your logs and metrics for the full picture

Elastic APM: Amping up your logs and metrics for the full picture

Elastic SIEM (Endpoint Security)

Elastic SIEM (Endpoint Security)

Elastic SIEM (Endpoint Security)

Keynote: Elastic Security evolution and vision

Keynote: Elastic Security evolution and vision

Keynote: Elastic Security evolution and vision

What is the Future of SIEM?

What is the Future of SIEM?

What is the Future of SIEM?

Die Versicherungsindustrie steht vor großen Herausforderungen: Neben etablierten Prinzipien der Skalenökonomie müssen mehr und mehr Prinzipien der Geschwindigkeits- und Plattformökonomie berücksichtigt werden. Ein wesentlicher Schritt auf dem Weg in eine Geschwindigkeitsökonomie ist die agile Transformation des Unternehmens, um schnelle Reaktionen auf ver ändertes Kundenverhalten ermöglichen. Der Vortrag zeigt, welche Schlüsselrolle Cloud- und Plattformtechnologien in diesem Transformationsprozess einnehmen und wie sich schnell sichtbare Erfolge erzielen lassen.

The need for speed – transforming insurance into a cloud-native industry

The need for speed – transforming insurance into a cloud-native industry

The need for speed – transforming insurance into a cloud-native industry

Josef Adersberger

Keynote: Elastic Observability evolution and vision

Keynote: Elastic Observability evolution and vision

Keynote: Elastic Observability evolution and vision

What's hot (18)

End-to-End Security Analytics with the Elastic Stack

End-to-End Security Analytics with the Elastic Stack

End-to-End Security Analytics with the Elastic Stack

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

FireHost Webinar: How a Secure High Performance Cloud Powers Critical Applica...

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Overview of Blue Medora - New Relic Plugin for Cisco Nexus

Reducing Mean Time to Know

Reducing Mean Time to Know

Reducing Mean Time to Know

Overview of Blue Medora - New Relic Plugin for Nutanix

Overview of Blue Medora - New Relic Plugin for Nutanix

Overview of Blue Medora - New Relic Plugin for Nutanix

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey

Cloud Access Security Brokers - What's all the Hype

Cloud Access Security Brokers - What's all the Hype

Cloud Access Security Brokers - What's all the Hype

Incident response in Cloud

Incident response in Cloud

Incident response in Cloud

Automate Your Container Deployments Securely

Automate Your Container Deployments Securely

Automate Your Container Deployments Securely

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Firehost Webinar: How a Secure High Performance Cloud Powers Applications

Construção de uma plataforma de observabilidade centralizada

Construção de uma plataforma de observabilidade centralizada

Construção de uma plataforma de observabilidade centralizada

WestJet Customer Presentation

WestJet Customer Presentation

WestJet Customer Presentation

Elastic APM: Amping up your logs and metrics for the full picture

Elastic APM: Amping up your logs and metrics for the full picture

Elastic APM: Amping up your logs and metrics for the full picture

Elastic SIEM (Endpoint Security)

Elastic SIEM (Endpoint Security)

Elastic SIEM (Endpoint Security)

Keynote: Elastic Security evolution and vision

Keynote: Elastic Security evolution and vision

Keynote: Elastic Security evolution and vision

What is the Future of SIEM?

What is the Future of SIEM?

What is the Future of SIEM?

The need for speed – transforming insurance into a cloud-native industry

The need for speed – transforming insurance into a cloud-native industry

The need for speed – transforming insurance into a cloud-native industry

Keynote: Elastic Observability evolution and vision

Keynote: Elastic Observability evolution and vision

Keynote: Elastic Observability evolution and vision

Viewers also liked

Codetainer: a Docker-based browser code 'sandbox'

Codetainer: a Docker-based browser code 'sandbox'

Codetainer: a Docker-based browser code 'sandbox'

Stephen Sadowski - Securely automating infrastructure in the cloud

Stephen Sadowski - Securely automating infrastructure in the cloud

Stephen Sadowski - Securely automating infrastructure in the cloud

Henrique Dantas - API fuzzing using Swagger

Henrique Dantas - API fuzzing using Swagger

Henrique Dantas - API fuzzing using Swagger

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Simon Bennetts - Automating ZAP

Simon Bennetts - Automating ZAP

Simon Bennetts - Automating ZAP

Renato Rodrigues - Security in the wild

Renato Rodrigues - Security in the wild

Renato Rodrigues - Security in the wild

Colin Domoney -

Colin Domoney -

Colin Domoney -

Matt carroll - "Security patching system packages is fun" said no-one ever

Matt carroll - "Security patching system packages is fun" said no-one ever

Matt carroll - "Security patching system packages is fun" said no-one ever

Viewers also liked (8)

Codetainer: a Docker-based browser code 'sandbox'

Codetainer: a Docker-based browser code 'sandbox'

Codetainer: a Docker-based browser code 'sandbox'

Stephen Sadowski - Securely automating infrastructure in the cloud

Stephen Sadowski - Securely automating infrastructure in the cloud

Stephen Sadowski - Securely automating infrastructure in the cloud

Henrique Dantas - API fuzzing using Swagger

Henrique Dantas - API fuzzing using Swagger

Henrique Dantas - API fuzzing using Swagger

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Alfredo Reino - Monitoring aws and azure

Simon Bennetts - Automating ZAP

Simon Bennetts - Automating ZAP

Simon Bennetts - Automating ZAP

Renato Rodrigues - Security in the wild

Renato Rodrigues - Security in the wild

Renato Rodrigues - Security in the wild

Colin Domoney -

Colin Domoney -

Colin Domoney -

Matt carroll - "Security patching system packages is fun" said no-one ever

Matt carroll - "Security patching system packages is fun" said no-one ever

Matt carroll - "Security patching system packages is fun" said no-one ever

Similar to Detection, Response and the Azazel Rootkit

Cloud is a new frontier that requires new architectures, higher velocity processes and crisper business-level metrics—all of which smacks security programs square in the face. This session will leverage the nearly 20 years of the speakers’ combined cloud experience to lay out a complete strategy for building out a cloud-first security program that covers infrastructure and application development. (Source: RSA Conference USA 2018)

Building and Adopting a Cloud-Native Security Program

Building and Adopting a Cloud-Native Security Program

Building and Adopting a Cloud-Native Security Program

AWS TechConnect 2018 - Container Adoption

AWS TechConnect 2018 - Container Adoption

AWS TechConnect 2018 - Container Adoption

Presentacion de solucion cloud de navegacion segura

Presentacion de solucion cloud de navegacion segura

Presentacion de solucion cloud de navegacion segura

Information is the lifeblood of the modern enterprise! Yet there are escalating challenges around information explosion, fragmentation and availability. Moving data and workloads to the cloud undoubtedly brings efficiencies, cost savings and new capabilities – however there are a raft of critical issues to consider before, during and after this significant transition. Addressing such concerns requires a renewed focus on the information. Recognition that more data does not equal more value - and that adding yet more infrastructure isn't going to solve anything. Veritas address these new information challenges head-on! With Information Insight, Business Continuity, High Availability and Backup and Disaster Recovery solutions that operate seamlessly across on-premise, private cloud and the AWS public cloud. Technology experts from Veritas resolve these questions while profiling exciting new developments around Data Insight, Veritas Risk Advisor, Veritas Resiliency Platform and NetBackup that significantly enhance the AWS environment Speakers: Dave Hamilton, Distinguished Engineer, Storage and Availability, Veritas & Ian Fehring, Senior Technical Engineer, Veritas

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

Amazon Web Services

110307 cloud security requirements gourley

110307 cloud security requirements gourley

110307 cloud security requirements gourley

GovCloud Network

HCI ECOCAST

“Internet of Things” is changing our world and today the Internet of Things knows almost as many applications as there are types of devices connected. In this session, Sam and Glenn will give an overview of the latest IoT solutions, the different learnings from the field and explain which key components are instrumental to integrating your solutions to the Azure IoT platform to ensure they are robust, future-proof and secure.

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

AWS & Intel: A Partnership Dedicated to Cloud Innovations

AWS & Intel: A Partnership Dedicated to Cloud Innovations

AWS & Intel: A Partnership Dedicated to Cloud Innovations

Amazon Web Services

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

Lucy Huh Kerner

Threats are evolving and emerging every day. PagerDuty needed to take a more proactive and efficient stance to monitor, investigate and triage threats and maintain their security posture on the AWS Cloud. Splunk’s analytics-driven security solution made it easy for PagerDuty to gain end-to-end visibility across their cloud environment. In this webinar, you’ll learn how PagerDuty gained the end-to-end visibility required to respond quickly and effectively to security threats using Splunk on AWS.

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

Amazon Web Services

Scality SDS Day, London, 20 SEP 2017

Scality SDS Day, London, 20 SEP 2017

Scality SDS Day, London, 20 SEP 2017

Rik Ferguson

CloudExpoEurope

Qualys Corporate Brochure

Qualys Corporate Brochure

Qualys Corporate Brochure

somee.pptx

To the Cloud and beyond (Nantes, Rebuild 2018)

To the Cloud and beyond (Nantes, Rebuild 2018)

To the Cloud and beyond (Nantes, Rebuild 2018)

Security in the cloud Workshop HSTC 2014

Security in the cloud Workshop HSTC 2014

Security in the cloud Workshop HSTC 2014

Cloud Security for Life Science R&D

Cloud Security for Life Science R&D

Cloud Security for Life Science R&D

Chris Dagdigian

Building Cloud capability for startups

Building Cloud capability for startups

Building Cloud capability for startups

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Shared responsibility - a model for good cloud security

Shared responsibility - a model for good cloud security

Shared responsibility - a model for good cloud security

Similar to Detection, Response and the Azazel Rootkit (20)

Building and Adopting a Cloud-Native Security Program

Building and Adopting a Cloud-Native Security Program

Building and Adopting a Cloud-Native Security Program

AWS TechConnect 2018 - Container Adoption

AWS TechConnect 2018 - Container Adoption

AWS TechConnect 2018 - Container Adoption

Presentacion de solucion cloud de navegacion segura

Presentacion de solucion cloud de navegacion segura

Presentacion de solucion cloud de navegacion segura

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

Unique Ways Veritas can Supercharge your AWS Investment - Session Sponsored b...

110307 cloud security requirements gourley

110307 cloud security requirements gourley

110307 cloud security requirements gourley

HCI ECOCAST

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

Maturing IoT solutions with Microsoft Azure (Sam Vanhoutte & Glenn Colpaert a...

AWS & Intel: A Partnership Dedicated to Cloud Innovations

AWS & Intel: A Partnership Dedicated to Cloud Innovations

AWS & Intel: A Partnership Dedicated to Cloud Innovations

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

Secure Foundations: Why Red Hat Enterprise Linux is not just another Linux di...

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

How Splunk and AWS Enabled End-to-End Visibility for PagerDuty and Bolstered ...

Scality SDS Day, London, 20 SEP 2017

Scality SDS Day, London, 20 SEP 2017

Scality SDS Day, London, 20 SEP 2017

Rik Ferguson

Qualys Corporate Brochure

Qualys Corporate Brochure

Qualys Corporate Brochure

somee.pptx

To the Cloud and beyond (Nantes, Rebuild 2018)

To the Cloud and beyond (Nantes, Rebuild 2018)

To the Cloud and beyond (Nantes, Rebuild 2018)

Security in the cloud Workshop HSTC 2014

Security in the cloud Workshop HSTC 2014

Security in the cloud Workshop HSTC 2014

Cloud Security for Life Science R&D

Cloud Security for Life Science R&D

Cloud Security for Life Science R&D

Building Cloud capability for startups

Building Cloud capability for startups

Building Cloud capability for startups

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Imperative Induced Innovation - Patrick W. Dowd, Ph. D

Shared responsibility - a model for good cloud security

Shared responsibility - a model for good cloud security

Shared responsibility - a model for good cloud security

More from Threat Stack

It All Started With a Wager About System Upgrades

It All Started With a Wager About System Upgrades

It All Started With a Wager About System Upgrades

Should You Use Security Point Solutions?

Should You Use Security Point Solutions?

Should You Use Security Point Solutions?

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

Most companies value speed over security, which has traditionally been a blocker in delivering software. But with more and more breaches and vulnerabilities reported (Shellshock and Heartbleed to name a just few) it's more important than ever that security gets integrated into the operations process. Here are the top four ways to balance DevOps workflows while maintaining a pragmatic view on security.

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

Preparing for the Next Shellshock

Preparing for the Next Shellshock

Preparing for the Next Shellshock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Traditionally, people have used the userland daemon ‘auditd’ built by some good Red Hat folks to collect and consume this data. However, there are a couple of problems with traditional open source auditd and auditd libraries that we’ve had to deal with ourselves, especially when trying to run it on performance sensitive systems and make sense of the sometimes obtuse data that traditional auditd spits out. To that effect, we’ve written a custom audit listener from the ground up for the Threat Stack agent (tsauditd).

SHOWDOWN: Threat Stack vs. Red Hat AuditD

SHOWDOWN: Threat Stack vs. Red Hat AuditD

SHOWDOWN: Threat Stack vs. Red Hat AuditD

Deploying insecure web applications into production can be risky -- resulting in potential loss of customer data, corporate intellectual property and/or brand value. Yet many organizations still deploy public-facing applications without assessing them for common and easily-exploitable vulnerabilities such as SQL Injection and Cross-Site Scripting (XSS). This is because traditional approaches to application security are typically complex, manual and time-consuming – deterring agile teams from incorporating code analysis into their sprints. But it doesn’t have to be that way. By incorporating key SecDevOps concepts into the Software Development Lifecycle (SDLC) – including centralized policies and tighter collaboration and visibility between security and DevOps teams – we can now embed continuous code-level security and assessment into our agile development processes. We’ve uncovered eight patterns that work together to transform cumbersome waterfall methodologies into efficient and secure agile development.

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

One of the core tenets of what people consider to be “DevOps” is to shorten the feedback loop in your development cycles. This tenet ties in directly with Agile methodologies utilized by software engineering teams. With the advent of easily accessible cloud infrastructure, and with the various operational tooling around those new infrastructure providers reaching a new level of maturity, we are now seeing a world where “DevOps” is mainstream. For companies starting new product development initiatives, using some form of Configuration Management is now table stakes to iterate quickly. Continuous Integration. Continuous Deployment. But who (or what) is continually monitoring the state of your operational security? This is where SecDevOps, or SecOps, comes into play. The SecDevOps methodology allows you to improve your security monitoring and response time, while maintaining your ability to continually deploy changes.

The Case For Continuous Security

The Case For Continuous Security

The Case For Continuous Security

More from Threat Stack (9)

It All Started With a Wager About System Upgrades

It All Started With a Wager About System Upgrades

It All Started With a Wager About System Upgrades

Should You Use Security Point Solutions?

Should You Use Security Point Solutions?

Should You Use Security Point Solutions?

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

3 Reasons Why The Host Rules Intrusion Detection in The Cloud

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

4 Steps to Effectively Integrate DevOps Workflows With Cloud Security Practices

Preparing for the Next Shellshock

Preparing for the Next Shellshock

Preparing for the Next Shellshock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

SHOWDOWN: Threat Stack vs. Red Hat AuditD

SHOWDOWN: Threat Stack vs. Red Hat AuditD

SHOWDOWN: Threat Stack vs. Red Hat AuditD

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

8 Patterns For Continuous Code Security by Veracode CTO Chris Wysopal

The Case For Continuous Security

The Case For Continuous Security

The Case For Continuous Security

Recently uploaded

Vector Search -An Introduction in Oracle Database 23ai.pptx

Vector Search -An Introduction in Oracle Database 23ai.pptx

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

rafiqahmad00786416

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Passkeys: Developing APIs to enable passwordless authentication Cody Salas, Sr Developer Advocate | Solutions Architect - Yubico Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Corporate and higher education May webinar.pptx

Corporate and higher education May webinar.pptx

Rustici Software

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

Recently uploaded (20)

Vector Search -An Introduction in Oracle Database 23ai.pptx

Vector Search -An Introduction in Oracle Database 23ai.pptx

Vector Search -An Introduction in Oracle Database 23ai.pptx

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Why Teams call analytics are critical to your entire business

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Artificial Intelligence Chap.5 : Uncertainty

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

FWD Group - Insurer Innovation Award 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ICT role in 21st century education and its challenges

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

presentation ICT roal in 21st century education

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

DBX First Quarter 2024 Investor Presentation

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

AWS Community Day CPH - Three problems of Terraform

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...

Corporate and higher education May webinar.pptx

Corporate and higher education May webinar.pptx

Corporate and higher education May webinar.pptx

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Understanding the FAA Part 107 License ..

Detection, Response and the Azazel Rootkit

1. Detection, Response and the Azazel Rootkit Continuous Monitoring for Elastic Infrastructure ! Wednesday, March 19th, 2014 !

2. Topics ‣ Deﬁning Purpose Built for the Cloud ‣ The Cloud Threat Landscape ‣ Cloud Security is a Shared Responsibility ‣ Introducing Cloud Sight ‣ Detecting the Azazel rootkit with Continuous Monitoring ‣ Q & A

3. Agility Driving Cloud Adoption But Security Concerns Remain As reported by Right Scale: http://www.rightscale.com/pdf/rightscale-state-of-the-cloud-report-2013.pdf

4. Purpose Built Security Solutions are Required ‣ No customer controlled egres point ‣ Resource intensive agents drive CPU/Hour $ ‣ Lack of elasticity ‣ Servers launched with no protection ‣ On-prem designed backend lack scale ‣ Need persistence of forensics data for transient instances ‣ Manual agent deployment

5. Cloud Ready, by Design ‣ Easy to deploy within DevOps processes ‣ True Elasticity ‣ Native Elastic Beanstalk support ‣ Big data backend enables scale, analytics, and IR forensics ‣ Linux sensors, not agents ‣ Continuous v. real-time monitoring ‣ Resource friendly !

6. The Cloud Threat Landscape • Publicly Accessible ! • You don’t control the hardware ! • Linux / Open Source Software

7. Cloud Security is a Shared Responsibility • It’s not the cloud providers responsibility to protect your data. ! • It’s not all bad - some providers offer some security features. ! • Continuous monitoring is no longer a luxury but a necessity.

8. Introducing Cloud Sight Continuous Monitoring for Elastic Infrastructure • Cloud Ready By Design. ! • Continuos Monitoring for Cloud Assets, Automated Behavioral Proﬁling. ! • Server activity does not change as drastically as desktop endpoints. ! • Reconstructing the TTY session and gathering context on all asset behavior is a must.

9. Cloud Sight in Action Detecting the Azazel Rootkit

10. Thank You! Q & A