logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Frederick Kautz
2023-04-21

tldr - powered by Generative AI

The presentation discusses the importance of establishing trust in computer systems and processes, and challenges the concept of 'zero trust' by suggesting that it should be renamed to 'zero implicit trust' to make it explicit.
  • Understanding the context of a system is important in determining how much to spend on defending it and what the value of the thing being defended is
  • Establishing trust in the foundation of a system is crucial before building on top of it
  • Developing a framework for trust involves asking questions about what is being trusted and why, and what the consequences are if that trust is violated
  • The blast radius of an incident should be kept small to minimize the impact of a breach or failure
  • The concept of 'zero trust' should be renamed to 'zero implicit trust' to make it explicit that something is being trusted and to encourage proper analysis and risk assessment
Authors: Jared Burck, Valentina Rodriguez Sosa, James Bench, Christopher Nuland
2023-04-21

tldr - powered by Generative AI

Lessons learned in implementing DevSecOps in large Enterprise IT
  • Take stock of inventory and work with security to change perception of secure software
  • Bring in security officers early on and provide education and training
  • Transitioning to agile methodology and tying it into deployment and build process takes culture change
  • Be mindful of tackling tech debt during migration
  • Learn from industry best practices and use relevant templates
Authors: Kunal Kushwaha, Mark Boost
2023-04-21

tldr - powered by Generative AI

Tips for students to overcome challenges and find mentorship in the cloud native industry
  • Research potential mentors and align goals and interests
  • Approach mentors professionally and provide meaningful insight into your background and interests
  • Utilize open source projects to gain experience and build your resume
  • Collaborate with diverse communities to foster innovation and knowledge sharing
  • Overcome communication barriers by asking specific questions and seeking out mentorship
  • Manage time effectively to balance coursework and open source contributions
  • Combat imposter syndrome by recognizing your value and belonging in the community
Authors: James Callaghan
2023-04-21

tldr - powered by Generative AI

The presentation discusses the use of threat modeling in a fictitious example of a workload architecture, and the importance of prototyping early to understand how technologies integrate with each other and what can go wrong.
  • The example architecture includes an external facing service using TLS, mutual TLS for service communication, and web identity federation for accessing AWS services
  • Two approaches are presented: a simple web service and a service mesh approach using Istio and OPA
  • Data flow diagrams are essential for threat modeling and can be used to apply STRIDE to individual communications
  • Prototyping early helps to understand technology integration and potential issues
  • The presentation includes a relevant anecdote about a last-minute issue with AWS policies on S3 buckets
Authors: Dan Sun, Theofilos Papapanagiotou
2023-04-21

tldr - powered by Generative AI

K-Serve is a tool for deploying machine learning models that can handle large language models with billions of parameters. It allows for easy deployment and management of models, as well as the ability to observe and analyze model performance.
  • K-Serve allows for easy deployment and management of machine learning models
  • It can handle large language models with billions of parameters
  • Observation and analysis of model performance is possible with K-Serve
  • The future of K-Serve is to support even larger language models
Authors: Andres Aguiar, Anders Eknert
2023-04-21

tldr - powered by Generative AI

The presentation discusses the use of service policies and Argo workflows for Cloud native open source authorization application architecture.
  • The use of service policies and Argo workflows enables Cloud native open source authorization application architecture.
  • Service policies allow for dynamic resolution of authorization checks based on service instances.
  • Argo workflows are used for end-to-end workflows for compiling, testing, and validating authorization changes.
  • The presentation provides an example of using Argo to submit a job to pull down policies and run tests to validate changes.
  • The presentation emphasizes the importance of testing and evolving policies over time.
Authors: William Wang
2023-04-21

tldr - powered by Generative AI

Volcano is a cloud-native batch system that provides a unified job scheduling and management solution for Kubernetes clusters. It is designed to be scalable, flexible, and extensible, and it supports a wide range of workloads, including machine learning, data processing, and scientific computing.
  • Volcano is a cloud-native batch system that provides a unified job scheduling and management solution for Kubernetes clusters.
  • It is designed to be scalable, flexible, and extensible, and it supports a wide range of workloads, including machine learning, data processing, and scientific computing.
  • Volcano has several features that make it a powerful tool for managing batch workloads, including job scheduling, resource management, and job dependencies.
  • Volcano is used by a diverse group of users, including those in the AI and data areas, and it has a large and active community of contributors.
  • Volcano integrates with a variety of other tools and platforms, including Spark, Argo, and Airflow.
  • Volcano provides documentation and support for a wide range of training operators, including TensorFlow, MXNet, and MPI.
Authors: Michael Maximilien, Paul Schweigert
2023-04-20

tldr - powered by Generative AI

The presentation discusses the use of quantum computing and Kubernetes to solve complex problems faster.
  • Quantum computing can solve hard problems faster when combined with classical computing
  • Kubernetes is a natural orchestrator for workload parallelization
  • IBM Cloud and OpenShift can run Kubernetes and serverless workloads
  • The presented example shows how to use quantum and Kubernetes to divide and conquer a workload
  • The example uses a small quantum circuit to demonstrate the process
Authors: Maciej Mazur, Andreea Munteanu
2023-04-20

tldr - powered by Generative AI

The presentation discusses the use of secure MLOps in the life science industry, with a focus on protecting patient privacy and complying with industry standards.
  • Tokenization is used to protect patient privacy by changing personally identifiable information to a token based on a hardware security key.
  • Strict confinement features of micro-kubernetes distribution are used to ensure tamper-proof tokenization.
  • Confidential computing is used to expand local Kubernetes clusters in a safe way by creating a VM on a public cloud and utilizing open enclave and open source projects to configure the confidential compute and underlying hardware features.
  • The benefits of using public clouds for research use cases are discussed, including the ability to spike up capacity when training a bigger model.
  • The presentation emphasizes the importance of using secure MLOps to comply with industry standards and protect patient privacy.
Authors: Kemal Akkoyun, Bryan Boreham
2023-04-19

As the 2nd oldest project in the CNCF, you have probably heard about Prometheus before. Prometheus is the de facto standard in cloud-native metrics monitoring and beyond, mainly because Kubernetes is designing its custom metrics engine for Prometheus. Nevertheless, the project maintainers will introduce you from the very beginning, followed by a deep dive into its internal and a list of the exciting new features that have been released recently or are in the pipeline. You will learn about many opportunities to use Prometheus, and we will cover a mix of introduction content, a deeper dive into current developments, and open Q&A at the end. We can even tempt you to contribute to the project yourself.