June 24, 2015

Oracle's biggest database foe: Could it be Postgres?
Gartner, for example, forecasts that more than 70% of new in-house applications will be developed on an open-source database by 2018, and that 50% of existing commercial RDBMS instances will have been converted to open-source databases or will be in process. In other words, open-source databases are almost certainly cutting off Oracle's oxygen when it comes to new applications, but it may also be cutting into its hegemony within existing workloads. If true, that's new. Though from a biased source, an EnterpriseDB survey of Postgres users certainly suggests that Postgres users are running the venerable open-source database for increasingly mission-critical workloads, including those that used to pay the Oracle tax:


Infographic: Must Read Books in Analytics / Data Science
There are 2 attributes all the members in our team at Analytics Vidhya share: We all are voracious readers; and We all love to share our knowledge with people in simplified manner, so that everyone gets access to this knowledge. These two attributes lead us to naturally gravitate towards sharing some of the best reads we come across. You can think of this infographic as an ideal list of books to have in bookshelf of every data scientist / analyst. These books cover a wide range of topics and perspective (not only technical knowledge), which should help you become a well rounded data scientist.


Snowflake Launches Virtual Data Warehouses On AWS
Snowflake isn't a data warehouse of big data dimensions or routine enterprise data dimensions. Rather, it's a virtual data warehouse that will be sized to match the job sent to it. When the analytical tasks are finished, the warehouse shuts itself off to save overhead. "In other cloud data warehouses, you would have to unload the data to turn it off and then reload it [to use it again]," he said. Snowflake avoids that data movement task. Although Snowflake runs on AWS at its US West facility in Oregon, customers may use Snowflake without an AWS account. They also don't need to understand the ins and outs of Amazon virtual machine selection.


Report Template for Threat Intelligence and Incident Response
When handling a large-scale intrusion, incident responders often struggle with obtaining and organizing the intelligence related to the actions taken by the intruder and the targeted organization. Examining all aspects of the event and communicating with internal and external constituents is quite a challenge in such strenuous circumstances. The following template for a Threat Intelligence and Incident Response Report aims to ease this burden. It provides a framework for capturing the key details and documenting them in a comprehensive, well-structured manner. This template leverages several models in the cyber threat intelligence (CTI) domain, such as the Intrusion Kill Chain, Campaign Correlation, the Courses of Action Matrix and the Diamond Model.


Startup’s Lightbulbs Also Stream Music
The speaker bulb, which twists into a standard-size light socket, contains white and yellow LEDs, the brightness or dimness of which co√∂rdinates wirelessly with other Twist bulbs that contain just LEDs. Astro, which plans to ship the gadgets early next year, says a starter pack with two LED bulbs, a speaker bulb, and a handheld dimmer switch will cost $399, reduced to $249 for two months to encourage people to sign up. While companies like Philips Hue focus on automating and customizing the lights themselves, Twist is among a handful of companies thinking of the lightbulb as a conduit for wireless audio, too. The company says it plans to add additional functions in the future as well.


Why It's Worth Divorcing Information Security From IT
Too often, when Security reports to IT, we find the IT mentality interferes with security processes and priorities. These days, there is little to no common ground between keeping IT systems up and running for authorized users and monitoring them for signs of compromise by smart, stealthy criminals. Identifying and securing an already compromised system requires the capability to differentiate malicious activity from normal behavior, and hackers are very good at making their activity look normal. The only way to find them is through a combination of new technologies and human judgment. Being a subdivision of the IT department makes security blind to important business processes and to decision making at the corporate and department level.


Aligning Private Cloud and Storage: 4 Considerations
Firstly, the private cloud offers a greater degree of control than the public cloud, especially with data. When you build a private cloud, you’re able to keep your data at your fingertips, establish performance levels that your organization demands to best serve end-users and customers and set security policies that align with your customer responsibilities or industry regulations. Secondly, private cloud gives you more control of applications. Most public clouds require apps to fit their cloud mould, but a lot of businesses have unique, custom-made applications and recoding these applications to fit the public cloud is not a good solution.


Finance Hit by 300 Times More Attacks Than Other Industries
As can be expected, cyber-criminals are working hard to ensure their attacks are as successful as possible, firing a large volume of low level threats at their targets in order to distract IT security professionals while the main targeted attack is launched, Websense said. Obfuscation, malicious redirection and black hat SEO have become popular of late, although patterns apparently shift on a month-by-month basis – again to improve success rates. Targeted typosquatting is also making a comeback in the sector, usually in combination with social engineering as part of spear phishing attacks designed to compromise a host or trick a user into instigating a payment or transfer of money, the report claimed.


Mobile app testing for fun and profit
"If you're doing testing for a mobile website you can more or less use the same tools as you would when just testing out a normal website with your browser," Prusak said. "Ultimately, it should still work with your browser, and there are plug-ins and extensions which work with today's browsers which you can modify HTTP headers or even the resolution and make the backend still think you're connecting on a mobile device." "I'm aware of a plethora of different solutions and all of them require either jail-breaking the device or installing software on your computer and then pointing your phone or device to your computer and using that as a proxy," Prusak said. He sees these solutions as rife with issues, inefficient, and too complex.


Why You Should Definitely Migrate Existing Apps to the Cloud
100% security is an illusion. If you have to make a decision based on the available choices, cloud services are in no way less secure than any of the existing systems in place. Cloud service providers are known for their innovations. It is apparent that at any point in time they would implement better physical and logical security practices than a standalone on-premise data center operation. Many cloud providers are now ISO, PCI DSS, EU Model Clauses and other global security agencies certified. Moreover not all the applications require a bank grade security. Do they? In case you’ve highly sensitive data or your app is subjected to specific security & privacy regulations (such as HIPAA and HITECH) you can opt for Hybrid Cloud Service



Quote for the day:

"The time is always right to do what is right." -- Martin Luther King Jr.