SlideShare une entreprise Scribd logo

Unique way-to-hack-into-a-python-web-service

T
Tilak T

Some of the unique vulnerabilities in Python Rest Framework, and How to fix those vulnerabilities.

Technologie
1  sur  32
Télécharger pour lire hors ligne
Unique ways to Hack into a Python Web Service Copyright - we45, 2019
Copyright - we45, 2019 @ti1akt YOURS TRULY ● Senior Solutions Engineer at we45 ● Full Stack Developer ● Developer of Open source Projects ● Trainer and Speaker
@ti1akt Outline ● Why web services aren’t secure ● Unique vulnerabilities ● Demo ! ● Security Pipeline Copyright - we45, 2019
@ti1akt Why web services aren't secure Copyright - we45, 2019
@ti1akt Copyright - we45, 2019
@ti1akt Copyright - we45, 2019
@ti1akt Unique Vulnerabilities ● JWT Manipulation ● Insecure Deserialization ● Server Side Template Injection ● Click Jacking ● Etc …
@ti1akt Copyright - we45, 2019
JWT Manipulation OWASP-2017 A5 Broken Access Control Copyright - we45, 2019
Copyright - we45, 2019 @ti1akt Why JWT ● Stateless Application ● Authorization Mechanism ● Transfers information between server and client ● Scalable and decoupled
Copyright - we45, 2019 @ti1akt JSON Web Token(JWT) ● The process is relatively simple (typically): ● Once a user authenticates, the server generates some JSON payload (with some info) and signs the JSON payload with a key ● This can be a HMAC Based Key (HS256) or a Asymmetric System (RS256) ● The token is sent by the client (like a session cookie) ● The server attempts to verify the token based on the signature and allows/disallows the user to perform actions
Copyright - we45, 2019 @ti1akt Lots of ways to get JWT wrong ● Modify the algorithm to `none` ● Leakage of sensitive information ● Algorithm Confusion ● Cracking Secret Keys
Copyright - we45, 2019 @ti1akt
Copyright - we45, 2019 @ti1akt
Copyright - we45, 2019 @ti1akt Mitigation for JWT ● Know the Algorithms ● Ensure that JWT implementation doesn’t support ‘None’ signature ● Secret key size must be strong ● JWT lifetime relatively short ● Check library flaw ● Validate using Unique ID
Server Side Template Injection Copyright - we45, 2019
@ti1akt Why Template Engine ● Readability ● Separation ● Auto-Escaping ● Template Caching ● Template Inheritance Copyright - we45, 2019
@ti1aktCopyright - we45, 2019
@ti1akt
Copyright - we45, 2019 @ti1akt
@ti1akt Mitigation ● Sanitise and then render ● Sandboxing the application Copyright - we45, 2019
Insecure Direct Object Reference OWASP-2017 A8 Broken Access Control Copyright - we45, 2019
@ti1akt Insecure Direct Object reference ● “id”,”pid”,”uid” are often seen in HTTP parameter ● Accessing other user privilege ● Backend not properly validated users Copyright - we45, 2019
Copyright - we45, 2019 @ti1akt How it works
Copyright - we45, 2019 @ti1akt Yahoo Breach Source:https://thehackernews.com/2014/03/yahoo-vulnerability-allows-hacker-to_1.html
Copyright - we45, 2019 @ti1akt
@ti1akt Mitigation ● Validate user using requested query ● Check database is that user is genuine or not ● Custom validation in server side as well as client side ● JWT should be invalidated once the user is logout Copyright - we45, 2019
Copyright - we45, 2019 @ti1akt
Copyright - we45, 2019 @ti1akt
Copyright - we45, 2019 @ti1akt Basic Pipeline Demo
Copyright - we45, 2019 @ti1akt SecDevOps Jenkins pipeline
@ti1akt Thank you Copyright - we45, 2019 @ti1akt ti1akt https://github.com/we45/pyconth2019

Recommandé

Unique way-to-hack-into-a-python-web-service
Unique way-to-hack-into-a-python-web-serviceUnique way-to-hack-into-a-python-web-service
Unique way-to-hack-into-a-python-web-serviceTilak T
 
Vault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureVault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureOpenCredo
 
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...Amir Zmora
 
Toronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsToronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsAlexandra N. Martinez
 
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...Alexandra N. Martinez
 
Identity Server on Azure: A Reference Architecture
Identity Server on Azure: A Reference ArchitectureIdentity Server on Azure: A Reference Architecture
Identity Server on Azure: A Reference ArchitectureWSO2
 
Cavemen to Captains
Cavemen to CaptainsCavemen to Captains
Cavemen to CaptainsRamesh Podila
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment Sergey Gordeychik
 

Recommandé

Unique way-to-hack-into-a-python-web-service
Unique way-to-hack-into-a-python-web-serviceUnique way-to-hack-into-a-python-web-service
Unique way-to-hack-into-a-python-web-serviceTilak T
 
Vault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureVault: Beyond secret storage - Using Vault to harden your infrastructure
Vault: Beyond secret storage - Using Vault to harden your infrastructureOpenCredo
 
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...
WebRTC Live Q&A Session #4 - WebRTC in WebKit and the story around Apple and ...Amir Zmora
 
Toronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsToronto Virtual Meetup #5 - API Security and Threats
Toronto Virtual Meetup #5 - API Security and ThreatsAlexandra N. Martinez
 
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...
Toronto Virtual Meetup #4 - Anypoint Monitoring (Dashboards, Alerts) and Visu...Alexandra N. Martinez
 
Identity Server on Azure: A Reference Architecture
Identity Server on Azure: A Reference ArchitectureIdentity Server on Azure: A Reference Architecture
Identity Server on Azure: A Reference ArchitectureWSO2
 
Cavemen to Captains
Cavemen to CaptainsCavemen to Captains
Cavemen to CaptainsRamesh Podila
 
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment
WebGoat.SDWAN.Net in Depth: SD-WAN Security Assessment Sergey Gordeychik
 
Onsite brochure-jan2014
Onsite brochure-jan2014Onsite brochure-jan2014
Onsite brochure-jan2014Logit Group
 
WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2Amir Zmora
 
2020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v032020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v03Diego Gabriel Cardoso
 
Conclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at ScaleConclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at ScaleGuardicore
 
MuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIsMuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIsRoyston Lobo
 
Blockchain workshop
Blockchain workshopBlockchain workshop
Blockchain workshopVodqaBLR
 
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...Alexandra N. Martinez
 
2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security Update2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security UpdateShawn Wells
 
Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Alexey Dremin
 
Break up the Monolith: Testing Microservices
Break up the Monolith: Testing MicroservicesBreak up the Monolith: Testing Microservices
Break up the Monolith: Testing MicroservicesMarcus Merrell
 
Video Game Security
Video Game SecurityVideo Game Security
Video Game SecurityCigital
 
Can containers be secured in paas?
Can containers be secured in paas?Can containers be secured in paas?
Can containers be secured in paas?Sufyaan Kazi
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8sDevOps Indonesia
 
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...apidays
 
Network Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveNetwork Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveWalid Shaari
 
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...apidays
 
Reactive Micro Services with Java seminar
Reactive Micro Services with Java seminarReactive Micro Services with Java seminar
Reactive Micro Services with Java seminarGal Marder
 
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...Flink Forward
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIsWSO2
 
Webcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge MicrogatewayWebcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge MicrogatewayApigee | Google Cloud
 
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...Hakka Labs
 
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...Datacratic
 

Contenu connexe

Tendances

Onsite brochure-jan2014
Onsite brochure-jan2014Onsite brochure-jan2014
Onsite brochure-jan2014Logit Group
 
WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2Amir Zmora
 
2020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v032020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v03Diego Gabriel Cardoso
 
Conclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at ScaleConclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at ScaleGuardicore
 
MuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIsMuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIsRoyston Lobo
 
Blockchain workshop
Blockchain workshopBlockchain workshop
Blockchain workshopVodqaBLR
 
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...Alexandra N. Martinez
 
2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security Update2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security UpdateShawn Wells
 
Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Alexey Dremin
 

Tendances (9)

Onsite brochure-jan2014
Onsite brochure-jan2014Onsite brochure-jan2014
Onsite brochure-jan2014
 
WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2WebRTC Live Q&A Session 2
WebRTC Live Q&A Session 2
 
2020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v032020 05-tech saturday-devsecops-#2-v03
2020 05-tech saturday-devsecops-#2-v03
 
Conclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at ScaleConclusions from Tracking Server Attacks at Scale
Conclusions from Tracking Server Attacks at Scale
 
MuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIsMuleSoft Online Meetup - Salesforce Streaming APIs
MuleSoft Online Meetup - Salesforce Streaming APIs
 
Blockchain workshop
Blockchain workshopBlockchain workshop
Blockchain workshop
 
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
Meetup en español #5 - Continuous Integration and Continuous Delivery (CI/CD)...
 
2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security Update2016-08-18 Red Hat Partner Security Update
2016-08-18 Red Hat Partner Security Update
 
Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9
 

Similaire à Unique way-to-hack-into-a-python-web-service

Break up the Monolith: Testing Microservices
Break up the Monolith: Testing MicroservicesBreak up the Monolith: Testing Microservices
Break up the Monolith: Testing MicroservicesMarcus Merrell
 
Video Game Security
Video Game SecurityVideo Game Security
Video Game SecurityCigital
 
Can containers be secured in paas?
Can containers be secured in paas?Can containers be secured in paas?
Can containers be secured in paas?Sufyaan Kazi
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8sDevOps Indonesia
 
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...apidays
 
Network Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveNetwork Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveWalid Shaari
 
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...apidays
 
Reactive Micro Services with Java seminar
Reactive Micro Services with Java seminarReactive Micro Services with Java seminar
Reactive Micro Services with Java seminarGal Marder
 
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...Flink Forward
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIsWSO2
 
Webcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge MicrogatewayWebcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge MicrogatewayApigee | Google Cloud
 
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...Hakka Labs
 
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...Datacratic
 
Zetta: An API First Platform
Zetta: An API First PlatformZetta: An API First Platform
Zetta: An API First PlatformAPI Meetup
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdfAbhi Jain
 
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?Tom Paseka
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanNetIQ
 
Software architecture also needs agile
Software architecture also needs agileSoftware architecture also needs agile
Software architecture also needs agileBoyan Mihaylov
 
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWS
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWSAdvanced Security Extensions in Apigee Edge: JWT, JWE, JWS
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWSApigee | Google Cloud
 

Similaire à Unique way-to-hack-into-a-python-web-service (20)

Break up the Monolith: Testing Microservices
Break up the Monolith: Testing MicroservicesBreak up the Monolith: Testing Microservices
Break up the Monolith: Testing Microservices
 
Video Game Security
Video Game SecurityVideo Game Security
Video Game Security
 
Can containers be secured in paas?
Can containers be secured in paas?Can containers be secured in paas?
Can containers be secured in paas?
 
Securing an NGINX deployment for K8s
Securing an NGINX deployment for K8sSecuring an NGINX deployment for K8s
Securing an NGINX deployment for K8s
 
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
APIsecure 2023 - For flex(ibility) sake, modernize your legacy APIs!, Topher ...
 
Network Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveNetwork Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspective
 
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
APIdays Paris 2019 - API Gateway & Identity Providers, a Match Made in Micros...
 
Reactive Micro Services with Java seminar
Reactive Micro Services with Java seminarReactive Micro Services with Java seminar
Reactive Micro Services with Java seminar
 
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
Building A Self Service Streaming Platform at Pinterest - Steven Bairos-Novak...
 
5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs5 Pillars of Building Enterprise0grade APIs
5 Pillars of Building Enterprise0grade APIs
 
Webcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge MicrogatewayWebcast: Deep-Dive Apigee Edge Microgateway
Webcast: Deep-Dive Apigee Edge Microgateway
 
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
DataEngConf: Apache Kafka at Rocana: a scalable, distributed log for machine ...
 
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
RTBkit Meetup - Developer Spotlight, Behind the Scenes of RTBkit and Intro to...
 
Hinting at a better web
Hinting at a better webHinting at a better web
Hinting at a better web
 
Zetta: An API First Platform
Zetta: An API First PlatformZetta: An API First Platform
Zetta: An API First Platform
 
Security .NET.pdf
Security .NET.pdfSecurity .NET.pdf
Security .NET.pdf
 
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
 
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky CleanScrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
 
Software architecture also needs agile
Software architecture also needs agileSoftware architecture also needs agile
Software architecture also needs agile
 
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWS
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWSAdvanced Security Extensions in Apigee Edge: JWT, JWE, JWS
Advanced Security Extensions in Apigee Edge: JWT, JWE, JWS
 

Dernier

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Dernier (20)

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Unique way-to-hack-into-a-python-web-service