Levelling the playing field: 3 tips for women on breaking into tech
Do you worry over work decisions? Do you negatively compare your work to
others? Chances are you’ve experienced imposter syndrome. And you’re far from
alone — 90% of women in the UK experience it too. As Kim Diep from Trainline
mentioned at Code Fest: “No matter what level you are in, in your tech career,
I think everyone has some moments of self-doubt where they feel like they’re
not good enough.” When you feel insecure, it’s easy to bottle those feelings
up and keep your head down. To combat this, step out of your comfort zone and
face these insecurities head-on. Remember, you were hired because of skills,
talent and experience — not by luck! You don’t have to dive straight into
delivering your next company all-hands. However, trying something as simple as
active participation in meetings can help boost confidence. ... Whether you’re
looking to transition into a tech-based career or have worked in the industry
for years, mentors are an invaluable source of wisdom, experience and
relationships. Look to your managers for advice — that’s what they are there
for. Join webinars or virtual events, ask questions and don’t be afraid to
drop someone you admire a friendly LinkedIn note to see if they’d be up for
sharing any tips.
Why Every DevOps Team Needs A FinOps Lead
FinOps is the operating model for the cloud. FinOps enables a shift — a
combination of systems, best practices, and culture — to increase an
organization’s ability to understand cloud costs and make tradeoffs. In the
same way that DevOps revolutionized development by breaking down silos and
increasing agility, FinOps increases the business value of cloud by bringing
together technology, business, and finance professionals with a new set of
processes. Simply put, FinOps applies the same principles of DevOps to
financial and operational management of cloud assets and infrastructure.
Ideally, this means managing those assets through code rather than human
interventions. To do this effectively, a FinOps practitioner must understand
the patterns of both customer usage and product requirements, and map those
correctly to maximize value while continuing to optimize for customer
experience. ... When we started our FinOps project, all we had to work with
were flat data files that lacked key information. With these flat files, we
had no easy means of attributing dollar values to specific projects or
research deployments. Needless to say, this was a nightmare.
Three Reasons AI-Powered Platforms Fail
First and foremost, businesses must have a clear idea of exactly what they
want to replace with machines. If you shoot for the moon before
understanding gravity, you're not going to get very far. When it comes to
building AI-powered platforms, you have to build up to solving the
big-picture problem by first automating lots of small functions and tasks.
Often, businesses automate the wrong things and end up creating technology
that is unable to deliver on its promise. Start by studying the industry to
understand the most mundane, time-consuming, human-intensive or manual
processes of a task or function; focus on areas like repetitive tasks, data
entry, common requests, etc. This is where your automation work should
begin. It is paramount that the foundational elements of an AI-powered
platform are consistently operating with 100% accuracy before moving on to
building the next layer of automation. ... It's a given you need to hire
strong data scientists and technologists experienced in AI, machine learning
and natural language processing, and many businesses are following this
protocol: Job postings for AI-related roles grew 14% year over year prior to
the Covid-19 outbreak in early March 2020.
Rethinking risk and compliance for the Age of AI
At its core, risk management refers to a company’s ability to identify,
monitor and mitigate potential risks, while compliance processes are meant
to ensure that it operates within legal, internal and ethical boundaries.
These are information-intensive activities – they require collecting,
recording and especially processing a significant amount of data and as such
are particularly suited for deep learning, the dominant paradigm in AI.
Indeed, this statistical technique for classifying patterns – using neural
networks with multiple layers – can be effectively leveraged for improving
analytical capabilities in risk management and compliance. ... early
experience shows that AI can create new types of risks for businesses. In
hiring and credit, AI may amplify historical bias against female and
minority background applicants, while in healthcare it may lead to opaque
decisions because of its black box problem, to name just a few. These risks
are amplified by the inherent complexity of deep learning models which may
contain hundreds of millions of parameters. This encourages companies to
procure third-party vendors’ solutions about which they know little of the
inner functioning.
An introduction to web application firewalls for Linux sysadmins
Much like "normal" firewalls, a WAF is expected to block certain types of
traffic. To do this, you have to provide the WAF with a list of what to
block. As a result, early WAF products are very similar to other products
such as anti-virus software, IDS/IPS products, and others. This is what is
known as signature-based detection. Signatures typically identify a specific
characteristic of an HTTP packet that you want to allow or deny. ...
Signatures work pretty well but require a lot of maintenance to ensure that
false positives are kept to a minimum. Additionally, writing signatures is
often more of an art form rather than a straightforward programming task.
And signature writing can be quite complicated as well. You're often trying
to match a general attack pattern without also matching legitimate traffic.
To be blunt, this can be pretty nerve-racking. ... In the brave new world of
dynamic rulesets, WAFs use more intelligent approaches to identifying good
and bad traffic. One of the "easier" methods employed is to put the WAF in
"learning" mode so it can monitor the traffic flowing to and from the
protected web server. The objective here is to "train" the WAF to identify
what good traffic looks like.
Cryptojacking: The Unseen Threat
The reasons why cryptojacking is more prolific are threefold: It doesn't
require elevated permissions, it is platform agnostic, and it rarely sets off
antivirus triggers. In addition, the code is often small enough to insert
surreptitiously into open source libraries and dependencies that other
platforms rely on. It can also be configured to throttle based on the device,
as well as use a flavor of encrypted DNS, in order not to arouse
suspicions. Cryptojacking can also be built for almost any context and in
various languages such as JavaScript, Go, Ruby, Shell, Python, PowerShell,
etc. As long as the malware can run local commands, it can utilize CPU
processing power and start mining cryptocurrency. In addition to entire
systems, cryptominers can thrive in small workhorse environments, such as
Docker containers, Kubernetes clusters, and mobile devices, or leverage
misconfigured cloud instances and overpermissioned accounts. The possibilities
are endless. ... In addition to the huge number of targets, corporate data
breaches are heavily underreported because laws vary by jurisdiction on when a
company is required to report a breach.
Speeding up HTTPS and HTTP/3 negotiation with... DNS
The fundamental problem comes from the fact that negotiation of HTTP-related
parameters (such as whether HTTPS or HTTP/3 can be used) is done through
HTTP itself (either via a redirect, HSTS and/or Alt-Svc headers). This leads
to a chicken and egg problem where the client needs to use the most basic
HTTP configuration that has the best chance of succeeding for the initial
request. In most cases this means using plaintext HTTP/1.1. Only after it
learns of parameters can it change its configuration for the following
requests. But before the browser can even attempt to connect to the website,
it first needs to resolve the website’s domain to an IP address via DNS.
This presents an opportunity: what if additional information required to
establish a connection could be provided, in addition to IP addresses, with
DNS? That’s what we’re excited to be announcing today: Cloudflare has rolled
out initial support for HTTPS records to our edge network. Cloudflare’s DNS
servers will now automatically generate HTTPS records on the fly to
advertise whether a particular zone supports HTTP/3 and/or HTTP/2, based on
whether those features are enabled on the zone. The new proposal,
currently discussed by the Internet Engineering Task Force (IETF), defines a
family of DNS resource record types (“SVCB”) that can be used to negotiate
parameters for a variety of application protocols.
Microsoft Issues Updated Patching Directions for 'Zerologon'
Microsoft issued a four-step plan to protect a user's environment and prevent
outages: Update domain controllers with a patch released Aug. 11 or
later; Find devices that are making vulnerable connections by monitoring
event logs; Address noncompliant devices making vulnerable connections;
and Enable enforcement mode to address CVE-2020-1472 in your environment.
Microsoft issued the first phase of the patch on Aug. 11 to partially mitigate
the vulnerability. It plans to issue a second patch Feb. 9, 2021, which will
handle the enforcement phase of the update. "The [domain controllers] will now
be in enforcement mode regardless of the enforcement mode registry key,"
Microsoft says. "This requires all Windows and non-Windows devices to use
secure [Remote Procedure Call] with Netlogon secure channel or explicitly
allow the account by adding an exception for the non-compliant device." ...
"An elevation of privilege vulnerability exists when an attacker establishes a
vulnerable Netlogon secure channel connection to a domain controller, using
the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited
the vulnerability could run a specially crafted application on a device on the
network," Microsoft says.
War of the AI algorithms: the next evolution of cyber attacks
Over the years, hackers have consistently reinforced the old adage: ‘where
there’s a will there’s a way’. Defenders have inputted new rules into their
firewalls or developed new detection signatures based on attacks they have
seen, and hackers have constantly reoriented their attack methodologies to
evade them, leaving organisations playing catch-up and scrambling for a plan
B in the face of an attack. A paradigm shift came in 2017 when the
destructive ransomware ‘worms’ WannaCry and NotPetya caught the security
world unaware, bypassing traditional tools like firewalls to cripple
thousands of organisations across 150 countries, including a number of NHS
agencies. A critical response to the onset of increasingly sophisticated and
novel attacks has been AI-powered defences, a development driven by the
philosophy that information about yesterday’s attacks cannot predict
tomorrow’s threats. In recent years, thousands of organisations have
embraced AI to understand what is ‘normal’ for their digital environment and
identify behaviour that is anomalous and potentially threatening. Many have
even entrusted machine algorithms to autonomously interrupt fast-moving
attacks. This active, defensive use of AI has changed the role of security
teams fundamentally, freeing up humans to focus on higher level tasks.
The biggest cyber threats organizations deal with today
“Ransomware criminals are intimately familiar with systems management concepts
and the struggles IT departments face. Attack patterns demonstrate that
cybercriminals know when there will be change freezes, such as holidays, that
will impact an organization’s ability to make changes (such as patching) to
harden their networks,” Microsoft explained. “They’re aware of when there are
business needs that will make businesses more willing to pay ransoms than take
downtime, such as during billing cycles in the health, finance, and legal
industries. Targeting networks where critical work was needed during the
COVID-19 pandemic, and also specifically attacking remote access devices
during a time when unprecedented numbers of people were working remotely, are
examples of this level of knowledge.” Some of them have even shortened their
in-network dwell time before deploying the ransomware, going from initial
entry to ransoming the entire network in less than 45 minutes. Gerrit
Lansing, Field CTO, Stealthbits, commented that the speed at which a targeted
ransomware attack can happen is really determined by one thing: how quickly an
adversary can compromise administrative privileges in Microsoft Active
Directory.
Quote for the day:
"A leader should demonstrate his thoughts and opinions through his actions, not through his words." -- Jack Weatherford