Daily Tech Digest - November 07, 2019

Forrester: Edge computing is about to bloom

edge computing budgets up spending fintech circuitry ben franklin
It’ll also mean that telecom companies will begin to feature a lot more heavily in the cloud and distributed-computing markets. Forrester said that CDNs and colocation vendors could become juicy acquisition targets for big telecom, which missed the boat on cloud computing to a certain extent, and is eager to be a bigger part of the edge. They’re also investing in open-source projects like Akraino, an edge software stack designed to support carrier availability. But the biggest carrier impact on edge computing in 2020 will undoubtedly be the growing availability of 5G network coverage, Forrester says. While that availability will still mostly be confined to major cities, that should be enough to prompt reconsideration of edge strategies by businesses that want to take advantage of capabilities like smart, real-time video processing, 3D mapping for worker productivity and use cases involving autonomous robots or drones. Beyond the carriers, there’s a huge range of players in the edge computing, all of which have their eyes firmly on the future.

Cloud native core banking enables consumers to personalise what they buy

Mark Warrick, chief design officer at Thought Machine, said that rather than the customer being able to just change loan amounts and durations, the system can offer dozens of extra parameters they can edit. “Users can adjust obvious things like the amount, the duration and the payback frequency but can also add repayment breaks,” he said. “This goes straight into their instance of a smart contract and banks can have millions of customers with millions of individually configured loans and mortgages.” Thought Machine already works with a diverse group of banks, including Lloyds Banking Group, Atom Bank, Standard Chartered and Sweden’s SEB – all of which have gone public – as well as others yet to. Ed Twiddy, chief customer officer at Atom Bank, said changing people’s relationship with their money is “at the heart of Atom” and a “cornerstone” of its three years of work with Thought Machine.

AI will now watch for fraudsters on the world’s largest stock exchange

Nasdaq MarketSite TV studio
After investigating the case, the analyst enters the outcome back into the system. In this way, the deep-learning algorithm continuously refines its understanding. It will also be trained to detect different types of abuse over time. But neural networks, the algorithms that power such deep-learning systems, are only as good as the examples they are trained on. In other domains, hackers have been able to fool them by exploiting their blind spots. Doug Hamilton, Nasdaq’s managing director of artificial intelligence, says that’s why the team will first roll out the new surveillance system on top of the old one, rather than replacing it immediately. Having human analysts as a backstop adds an additional layer of insurance, he says. If the system is a success, the company plans to roll it out globally. Nasdaq also operates 29 total markets across North America and Europe and provides market surveillance technologies to 59 other marketplaces, 19 regulators, and over 160 banks and brokers.

React Native End-to-end Testing and Automation with Detox

Software development demands fast responses to user and/or market needs. This fast development cycle can result (sooner or later) in parts of a project being broken, especially when the project grows so large. Developers get overwhelmed with all the technical complexities of the project, and even the business people start to find it hard to keep track of all scenarios the product caters for. In this scenario, there’s a need for software to keep on top of the project and allow us to deploy with confidence. But why end-to-end testing? Aren’t unit testing and integration testing enough? And why bother with the complexity that comes with end-to-end testing? First of all, the complexity issue has been tackled by most of the end-to-end frameworks, to the extent that some tools (whether free, paid or limited) allow us to record the test as a user, then replay it and generate the necessary code. Of course, that doesn’t cover the full range of scenarios that you’d be able to address programmatically, but it’s still a very handy feature.

Amazon fixes Ring Video Doorbell wi-fi security vulnerability

The vulnerability has been disclosed by researchers at cybersecurity company Bitdefender, who note that all Ring Doorbell Pro cameras have now received a security patch to mitigate the issue. Ring Doorbells have become one of the most popular internet-connected doorbells installed in smart homes. These devices provide motion-sensing and video surveillance capabilities that allow users to see and communicate with anyone outside their door via an app -- even if they're not at home. One of the reasons people buy IoT doorbells is safety and the ability to ward off unwanted visitors by speaking to them through the device. But the vulnerability uncovered in the Ring device could have put users at risk from cyber attacks. The vulnerability stems from when the device is first configured to the local network, when the Ring smartphone app needs to send the wireless network connections to the Amazon Ring servers in the cloud. Researchers found that this takes place in an insecure manner that can be exploited by an attacker: not only does the device create an access point without a password, but the credentials of the network are also sent using HTTP, which means they can be exposed to snooping from nearby attackers.

How to Turn Data Management Challenges of Benchmark Reform into Opportunities for New Analytics

Firms can reap benefits from digitising contracts and applying a data governance framework to them, according to Gannon. For example, they will be able to adapt to regulatory change with more agility in future as, in minutes, the business or compliance team will be able to use contract analytics to see all of the documents that are impacted by a rule change. This will dramatically increase efficiency, reduce compliance risk and lead to better client outcomes. As well, firms can drive reporting analysis out of the digitised documents for management purposes. Says Gannon: “We find, particularly in corporate legal departments, that people oftentimes don’t know what’s in their contracts. Sometimes they are paying for things they no longer use, or they are unaware of risks. Maybe they are missing out on revenue opportunities. Just having the contracts digitised can give people better insights into their relationships with customers, vendors, and strategic partners.” Firms with digitised contracts will be able to analyse contracts in bulk and export the information into Word, Excel, a contract management database, or another type of database.

Organizations fail to implement basic cloud security tools

Applications in the cloud help streamline work and improve communications in the enterprise. The most popular cloud applications include Microsoft Office 365 (79%) and Slack (62%), which experienced significant growth over the past couple of years, rising from 56% and 43% in 2018, respectively. Despite early success in the cloud productivity market, Google's G Suite (33%) has lost traction, only seeing an 8% increase in adoption between 2018 and 2019, indicating increased competition in the cloud apps market, according to the report. Cloud app adoption is significant across industries, with the majority of organizations in education (81%), technology (80%), finance (82%) and healthcare (79%) adopting Office 365. While adoption rates were high, adoption of cloud basic cloud security was not, the report found.  One of the most popular cloud security tools is single sign-on (SSO). The report defined SSO as a cloud security tool that organizations use to authenticate users trying to access data within the cloud, referring to SSO as "table stakes when it comes to protecting data in the cloud."

Testing Microservices: 6 Case Studies With a Combination of Testing Techniques

The architects were responsible for gathering techniques, guidelines, and tools to be used by the developers. They were also responsible for creating an architecture that would minimize waste by reuse of proven techniques, tools, and components. The developers wrote JUnit and TestNG integration tests, and used an API mocking tool to mock dependent components. They also wrote Cucumber/Gherkin BDD acceptance API tests to capture the business requirements (they called these "contract tests"), which use a Docker image of the microservice and a Docker image of an API mocking tool called Traffic Parrot. The BDD tests verify both the microservice API and interactions with dependent components by verifying the interactions on the API mocks. That way, the BDD tests verify both microservice API request and response and all communication with dependent components by assertions and verifications. The company used JMeter to create performance tests. JMeter tests test individual microservices, and replaces the dependent components with API mocks of real dependencies like the microservices and the old legacy monolith.

Pros and cons of RPA platforms vs. APIs

As dependent systems change, RPA-powered processes may not be able to absorb the small changes that human beings would absorb without noticing. Changes like colors, button labels or menus can cripple RPA integration. "Thus, RPA can actually be less flexible than APIs," Thielens said. However, Coureil said he expects better OCR and machine learning capabilities will reduce these problems by discovering changes and adjusting configurations. "This potential self-healing property of future RPA could ease the workload of change requests and enhancements," he said. ... "The utility of RPA ends with trivial business processes, such as swivel chair data entry tasks or simple point-to-point orchestrations," said Ross Garrett, chief product officer at Cloud Elements, an API integration platform based in Denver. Most enterprise business processes are far more nuanced than this and rely upon complex data and application integration scenarios to work as required.

Kaspersky Lab Analysis Shines Light on DarkUniverse APT Group

The security vendor made the discovery when trying to identify an advanced persistent group the US National Security Agency (NSA) had been quietly tracking when the ShadowBrokers outfit leaked many of the spy agency's offensive tools in 2017. One of the leaked tools had been used by the NSA to check for traces of malware and other artifacts tied to specific APT groups on compromised systems. Kaspersky Lab's analysis of the tool revealed the NSA was using it to track 44 separate APT groups, many of them unknown and not publicly described at the time. Researchers from the security firm decided to see what they could find about one of the APT groups the NSA was tracking, identified only as "framework #27" in the tool. In a report Tuesday, Kaspersky Lab said its investigation showed the group — which it has dubbed "DarkUniverse" — targeted organizations in Middle Eastern and African countries, as well as entities in Russia and Belarus. 

Quote for the day:

"Leadership is an opportunity to serve. It is not a trumpet call to self-importance." -- J. Donald Walters

No comments:

Post a Comment