logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Justin Cormack, Toddy Mladenov
2023-04-21

tldr - powered by Generative AI

The presentation discusses the importance of standards in supply chain security and the ongoing efforts to incorporate transparency logs and metadata into software in the container ecosystem.
  • Verifying identity and large entities is important in supply chain actions
  • Working with the SKET project to build a transparency log and record identities and signatures
  • Incorporating additional metadata around supply chains, such as S-BOMs and SPGX, to have more fine-grained controls
  • Proposing a new sub-project of Notary to directly store TUF repository metadata in the registry
  • Seeing Notary projects as a home for a set of standards around supply chain security
Authors: Moti Harmats
2023-02-16

tldr - powered by Generative AI

The speaker discusses the importance of monitoring server error logs for security vulnerabilities and shares their experience of discovering critical vulnerabilities through this method.
  • Server error logs can contain indications of application vulnerabilities
  • Creating detection rules and signatures for server error logs can help identify vulnerabilities
  • Lessons learned from monitoring server error logs at scale and in distributed systems
  • Automating security processes is crucial for large enterprises with limited security resources
Authors: Amim Knabben, Xinqi Li
2022-10-27

tldr - powered by Generative AI

The presentation discusses the use of Sona boy plugin to run Windows operational readiness tests in Kubernetes clusters.
  • The Sona boy plugin can be used to run Windows operational readiness tests in Kubernetes clusters.
  • The plugin can be used inside the cluster instead of running the tests outside the software.
  • The plugin can be used to parse and extract results and give a summary of the results.
  • The plugin can be used to publish the latest Sona boy image of the project on the GCR bucket Upstream.
  • The plugin can be used to bootstrap a Windows cluster locally using Windows Dev tools.
  • The plugin can be integrated with Pro jobs to run the tests and bring up the results of changes in the project.
  • The plugin can be used with Cappy to bring up a new workload cluster in the hybrid view or Windows view.
  • The plugin can be used with runtime extensions and closer class to execute commands or operations in the lifecycle of a cluster.
Authors: Brian Mason
2021-10-15

tldr - powered by Generative AI

The presentation discusses the development of a project called NetSync, which allows for the synchronization of data between systems on a private network behind a firewall. The project is open source and hosted on GitHub. The presentation also outlines future plans for the project, including adding a NetSync prefix to messages and improving APIs for searching metadata.
  • NetSync is a project that allows for the synchronization of data between systems on a private network behind a firewall
  • The project is open source and hosted on GitHub
  • Future plans for the project include adding a NetSync prefix to messages and improving APIs for searching metadata