Docker Security at PyCon: Threat Modeling & State Machines

The Docker Security Team was out in force at PyCon 2017 in Portland, OR, giving two talks focussed on helping the Python Community to achieve better security. First up was David Lawrence and Ying Li with their “Introduction to Threat Modelling talk”.

Threat Modelling is a structured process that aids an engineer in uncovering security vulnerabilities in an application design or implemented software. The great majority of software grows organically, gaining new features as some critical mass of users requests them. These features are often implemented without full consideration of how they may impact every facet of the system they are augmenting.

Threat modelling aims to increase awareness of how a system operates, and in doing so, identify potential vulnerabilities. The process is broken up into three steps: data collection, analysis, and remediation. An effective way to run the process is to have a security engineer sit with the engineers responsible for design or implementation and guide a structured discussion through the three steps.

For the purpose of this article, we’re going to consider how we would  threat model a house, as the process can be applied to both real world scenarios in addition to software.

threat Modeling

Data Collection

Five categories of Continue reading

Example of private VLAN isolation across Virtual and Physical servers using ESX/dvSwitch and HP Networking Comware switches

The target was simple, we have an internal cloud datacenter at work that provides users and customers both virtual machines and physical machines. Each machine has to network interface cards (NICs), one is in control of the user/customer using SDN layer, the secondary NIC is for our support to monitor and help troubleshoot these machines when needed. This second NIC will be our target today. In the past we used per-user or per-customer firewall separations that was configuration intensive nightmare, but was reliable. However since we learned private VLANs are now supported by vmWares Distributed vSwitch (dvSwitch), we immediately tried to make it cooperate with private VLANs on physical switches. And since it worked like a charm, let me share with you a quick lab example. But theory first!

Theory of separating management rail between different customers with and without private VLANs

Solving management separation with a lot of subnets and firewalls

Fortunately Private VLANs arrived for most major vendors and promissed the ability to have one giant subnet and separate every host from each other on L2 using some basic principle of declaring ports as either promiscuous (can talk to any other port type), community (can talk to ports Continue reading

Worth Reading: A few secrets of successful learning

Turn off every single distraction, put your phone into silent mode and leave it in another room, shut down all applications on your laptop (or tablet) and study. Also, don’t push it. You can’t absorb a complex topic in a few hours. Take a few small chunks at a time, try to understand them completely, think about them for a while (great ideas happen when your brain is totally bored while you’re brushing your teeth), figure out how you could use that knowledge in your network, and then proceed to the next chunk. —ipspace

The post Worth Reading: A few secrets of successful learning appeared first on rule 11 reader.

It’s Not The Size of Your Conference Community

CLUS2016Tweetup

Where do you get the most enjoyment from your conference attendance? Do you like going to sessions and learning about new things? Do you enjoy more of the social aspect of meeting friends and networking with your peers? Maybe it’s something else entirely?

It’s The Big Show

When you look at shows like Cisco Live, VMworld, or Interop ITX, there’s a lot going on. There are diverse education tracks attended by thousands of people. You could go to Interop and bounce from a big data session into a security session, followed by a cloud panel. You could attend Cisco Live and never talk about networking. You could go to VMworld and only talk about networking. There are lots of opportunities to talk about a variety of things.

But these conferences are huge. Cisco and VMware both take up the entire Mandalay Bay Convention Center in Las Vegas. When in San Francisco, both of these events dwarf the Moscone Center and have to spread out into the surrounding hotels. That means it’s easy to get lost or be overlooked. I’ve been to Cisco Live before and never bumped into people I know from my area that said they Continue reading

Top 5 misconceptions of IoT network and device security

Security in multiplesImage by ShutterstockThe Internet of Things (IoT) describes an interconnected system of standalone devices, which communicate and transfer data within the existing internet infrastructure, providing greater insight and control over elements in our increasingly connected lives. With an estimated 30 billion connected devices to be deployed across the globe by 2020, the promise of a global Internet of Things is fast approaching, posing a whole new level of threats to connected organizations. To a potential attacker, a device presents an interesting target for several reasons. First, many of the devices will have an inherent value by the simple nature of their function. A connected security camera, for example, could provide valuable information about the security posture of a given location when compromised. Hackers are already using IoT devices for their malicious purposes in multiple types of attacks on networks and servers. DSL, DDoS and bot attacks in 2016 have proven that there is no shortage of opportunities that hackers are willing to exploit. Portnox explains these common misconceptions.To read this article in full or to leave a comment, please click here

Top 5 misconceptions of IoT network and device security

Security in multiplesImage by ShutterstockThe Internet of Things (IoT) describes an interconnected system of standalone devices, which communicate and transfer data within the existing internet infrastructure, providing greater insight and control over elements in our increasingly connected lives. With an estimated 30 billion connected devices to be deployed across the globe by 2020, the promise of a global Internet of Things is fast approaching, posing a whole new level of threats to connected organizations. To a potential attacker, a device presents an interesting target for several reasons. First, many of the devices will have an inherent value by the simple nature of their function. A connected security camera, for example, could provide valuable information about the security posture of a given location when compromised. Hackers are already using IoT devices for their malicious purposes in multiple types of attacks on networks and servers. DSL, DDoS and bot attacks in 2016 have proven that there is no shortage of opportunities that hackers are willing to exploit. Portnox explains these common misconceptions.To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For May 26th, 2017

Hey, it's HighScalability time:

 

 

Sport imitating tech. Cloud Computing chases down Classic Empire to win...the Preakness. (Daily News)

If you like this sort of Stuff then please support me on Patreon.
  • 42%: increase US wireless traffic since 2015; 44: age of Ethernet; I $18.5m: low cost of Target data breach; 25 million: record set from Library of Congress; 98%: WannaCry infections on Windows 7; 100 terabytes: daily Pinterest logging; 2020: when Microsoft will have DNA storage in the cloud; 220 μm: size of microbots; 2 billion: lines of code in Google repository; 40%+: esports industry growth; 

  • Quotable Quotes:
    • @Werner: There is no compression algorithm for experience.
    • @colinmckerrache: We just crossed over 2m EVs on the road. So yeah, second million took just under 18 months. Next million in about 10 months.
    • @swardley: When discussing China, stop thinking cheap labour, communism & copying ... to understand changes, start thinking World's largest VC.
    • @JOTB17: "Cars generate more than 4Tb of data a day, humans are becoming irrelevant in data collection" ? @saleiva #JOTB17
    • Wojciech Kudla: that's why blacklisting workqueues from critical Continue reading

Whose Zoomin who? Polycom is

Shortly after talking the helm as Polycom, CEO Mary McDowell discussed her strategy for the company moving forward. One of the focus areas for it is to broaden its technology partner ecosystem. The company has a great partnership with Microsoft and is the only vendor that has products that interoperate natively with Skype for Business/Office 365. As lucrative as this partnership has been to Polycom, McDowell recognizes that not everyone will be using Microsoft for their collaboration needs. + Also on Network World: Polycom brings a wide variety of video solutions to Microsoft Unified Communications + Also, Polycom will be directing more resources into endpoint innovation. The infrastructure business at Polycom has been in decline for years because customers are choosing to leverage the power and ubiquity of the cloud. Polycom has been a technology leader since its inception, but the transition of video from being on premises to the cloud has shrunk the companies addressable market. Hence the change in strategy.To read this article in full or to leave a comment, please click here

Whose Zoomin who? Polycom is

Shortly after talking the helm as Polycom, CEO Mary McDowell discussed her strategy for the company moving forward. One of the focus areas for it is to broaden its technology partner ecosystem. The company has a great partnership with Microsoft and is the only vendor that has products that interoperate natively with Skype for Business/Office 365. As lucrative as this partnership has been to Polycom, McDowell recognizes that not everyone will be using Microsoft for their collaboration needs. + Also on Network World: Polycom brings a wide variety of video solutions to Microsoft Unified Communications + Also, Polycom will be directing more resources into endpoint innovation. The infrastructure business at Polycom has been in decline for years because customers are choosing to leverage the power and ubiquity of the cloud. Polycom has been a technology leader since its inception, but the transition of video from being on premises to the cloud has shrunk the companies addressable market. Hence the change in strategy.To read this article in full or to leave a comment, please click here

Worth Reading: There is no free market for electricity

Electricity is an input in virtually everything we do as a modern society. Few Americans remember what it was like to live without it and its attendant benefits on quality of life, labor productivity, and human health. Electricity is today largely taken for granted, yet for middle-class and older Americans utility bills often constitute a significant share of household expenses. In the manufacture of everything from aluminum to silicon to chemicals, electricity is usually the largest operating expense; for many other manufactured goods, it is second only to labor. —American Affairs

The post Worth Reading: There is no free market for electricity appeared first on rule 11 reader.

Dell EMC and The Amazing Internet Of Things

While at Dell EMC World 2017 I had a very interesting chat with Jason Shepherd, Dell EMC’s Director of IoT Strategy & Partnerships. To be clear, I’m not an expert on the Internet of Things (IOT), and our discussion was a useful reminder how much difference perspective makes when evaluating a technology.

 

Dell EMC Logo

 

Internet Of Things: Use Cases

When I think about IOT the first thing that comes to mind — naturally enough — are the items most applicable to me, like a smart thermostat, smart door locks, smart light bulbs, and so forth. I work in an enterprise, so I also think about building management in the enterprise, to include things like smart lighting, HVAC, presence sensors, temperature monitoring and more. Both of these environments are ripe for IOT functionality, and are the ones that most of us are likely to encounter on a daily basis.

However, it’s probably obvious that there are many more use cases for IOT devices, including for example:

  • industrial (monitoring critical equipment like motors, valves, temperatures, flow meters)
  • metropolitan (city-wide automotive/pedestrian traffic monitoring, traffic flows)
  • agricultural (monitoring water levels, animal health, production volumes, environmental)
  • automotive (monitoring the car’s engine, location, mechanical and electronic Continue reading

23% off iRobot Roomba 650 Robotic Vacuum Cleaner – Deal Alert

If you want a thorough, everyday clean, maybe you should consider using robots. The Roomba 650 Vacuuming Robot provides a thorough clean at the push of a button. The patented, 3-Stage Cleaning System easily picks up dust, pet hair and large debris like cereal and works on all floor types, adjusting itself and re-charging itself as needed to make sure the job is done correctly every time you need it -- preset Roomba to clean when it’s convenient for you. Roomba is just 3.6 inch tall, and is specifically designed to fit under most furniture, beds and kickboards. The 650 model is a #1 best seller on Amazon, where its typical list price of $374 is reduced right now to $286.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

1 2,083 2,084 2,085 2,086 2,087 3,883