This week on The Business of Open Source I spoke with Andrew Martin, CEO and founder of Control Plane. Control Plane is ultimately a consulting company, as Andrew introduced it. But the company also created and maintains KubeSec, and also has an enterprise version of Flux CD that it licenses. That gives this conversation a slightly different flavor from the usual. Here's some of the things we talked about:
The business ROI that Andrew expected to get from releasing KubeSec, and whether or not he has actually seen those expected results play out.
The difference between bootstrapping a company by offering services and by offering consulting — specifically what the difference between services and consulting is.
The problem with “drive-by” feature development in open source projects — when people contribute features but don't commit to the ongoing maintenance of the project.
Why Control Plane decided to release an enterprise version of FluxCD, and how the enterprise version of Flux is differentiated from the pure open source project.
Why underinvesting in marketing, especially in marketing for the open source projects, was a mistake.
Join us at Open Source Founders Summit if you want more conversations about how companies are built around open source projects, from consultancies to large corporations.
DSO Overflow S4EP10: Threat Modelling with Ashley Ward
In this month's episode, Steve and Glenn chatted with Ashley Ward to discuss topics around threat modelling.
Ashley is a highly experienced CTO at Control Plane with expertise in cloud-native architectures and cybersecurity, known for leading transformative initiatives across startups and large enterprises, including as Group CTO for a €4.5 billion company. He excels in scaling organisations through agile, FinOps, and DevSecOps, while inspiring teams and engaging with stakeholders at all levels. As a Justice of the Peace since 2017, Ashley brings additional strengths in decision-making, public speaking, and community-focused leadership.
In this episode of DSO Overflow, Ashley Ward, CTO at Control Plane, discusses threat modelling in cloud-native environments, security challenges, and the impact of emerging technologies like AI. Ward explains that threat modelling should start with existing knowledge and highlights the benefits of collaborative, iterative approaches. He emphasises involving various teams in the process to account for application, platform, and infrastructure layers. Ward also discusses practical frameworks, such as the CIA triad and STRIDE, and points out the specific challenges in cloud-native threat modelling, like microservices and fast-paced release cycles. Regarding AI, he cautions about the heightened risks, as AI democratises hacking capabilities. Ward advocates for using AI thoughtfully in threat modelling and encourages companies to adopt proactive security strategies. He concludes by encouraging organisations to embrace threat modelling as an evolving, essential practice.
Resources mentioned in this podcast: Ashley Ward's LinkedIn profile, ControlPlane website.
DSO Overflow is a DevSecOps London Gathering production. Find the audio version on all good podcast sources like Spotify, Apple Podcast and Buzzsprout.
This podcast is brought to you by our sponsors: Prisma Cloud, Tigera and Apiiro.
Your Hosts: Steve Giguere linkedin.com/in/stevegiguere, Glenn Wilson linkedin.com/in/glennwilson, Jessica Cregg linkedin.com/in/jessicacregg
Software Engineering Radio - The Podcast for Professional Software Developers
Sriram Panyam, CTO at DagKnows, discusses SaaS Control Planes with SE Radio host Brijesh Ammanath. The discussion starts off with the basics, examining what control planes are and why they're important. Sriram then discusses reasons for building a control plane and the challenges in designing one. They explore design and architectural considerations when building a SaaS control plane, as well as the key differences between a control plane and a data plane. This episode is sponsored by QA Wolf.
Check out my interview with Shirshanka Das, CTO and Co-founder of Acryl Data, at the Snowflake Summit. We discussed some interesting topics, including DataHub, Acryl, and the Control Plane for Data and AI. -- An important part of our discussion centered around the concept of a "Control Plane for Data and AI" -- As AI use-cases become more prevalent, a Control Plane serves as a crucial tool for organizations. It offers a single point of control and visibility for all data and AI operations, simplifying the complexities of AI implementation -- We also discussed the future of AI use-cases given the hype of metadata solutions on the market -- On the subject of open source, Shirshanka emphasized its importance in fostering a collaborative environment for knowledge sharing and innovation. Stay tuned for more insights and stories from the Snowflake Summit! #data #ai #snowflakesummit #snowflakeflake2024 #acryldata #theravitshow
This week on the show, we talk with Bill Tarr, Principal Solutions Architect at AWS SaaS Factory. He's a super thoughtful guy, expert in SaaS architecture and architectural patterns. We talk about tenancy, infrastructure decisions, SaaS gotchas, security, permissioning, and even dip into technical challenges of building Gen AI into SaaS. Timestamps 00:01:29 Background 00:07:26 Common Challenges 00:11:46 Infrastructure Choices 00:14:29 Missteps 00:18:57 Control Plane & Application Plane 00:25:52 Permissioning in a Multi-tenant setup 00:32:54 Gen AI & SaaS 00:35:07 Amazon Bedrock 00:49:27 Quickfire questions 01:01:17 Security In SaaS
Today on the Black Tech Building episode, I'm going to give everyone a sneak preview of Code Launch MPLS. Also, doing a demo on CoPP (Control Plane Policing) and a QoS intro. Recorded on 5/7/2024 Today's Black Tech Building Show Discussion https://study-ccnp.com/cisco-copp-control-plane-policing-configuration/ https://networklessons.com/quality-of-service/policing-configuration-example https://networklessons.com/quality-of-service/traffic-shaping-on-cisco-ios https://www.universe.com/events/codelaunch-minn-2024-live-startup-competition-and-innovation-expo-tickets-PJDYML https://codelaunch.com/the-six-startups-youll-see-compete-live-at-codelaunch-minn-2024-on-may-9th/ Tech News of the day https://www.pcworld.com/article/2320535/microsofts-newest-windows-update-breaks-vpns-and-theres-no-fix.html https://www.pcworld.com/article/2323207/microsoft-edge-browser-gets-a-built-in-network-test.html https://www.techradar.com/news/project-007-release-date-trailers-news-and-everything-we-know https://www.tomshardware.com/video-games/pc-gaming/sony-makes-helldivers-2-psn-account-linking-u-turn-gamer-uproar-and-review-bombing-turned-the-tide https://www.pcworld.com/article/2324475/may-the-geforce-be-with-you-nvidia-made-an-admiral-ackbar-4080.html https://www.pcworld.com/article/2326415/apple-claims-its-ai-will-obliterate-pcs-nah-not-really.html?utm_date=20240507212710&utm_campaign=PCWorld%20Top%20Stories%20%40PCWorld&utm_content=Title%3A%20Apple%20claims%20its%20M4%20chip%27s%20AI%20will%20obliterate%20PCs.%20Nah%2C%20not%20really&utm_term=Editorial%20-%20Top%20Stories%20%40PCWorld&utm_medium=email&utm_source=Adestra&huid=4709ed57-1b84-410b-9585-86a9eb0ed1ca 
https://www.pcworld.com/article/2324868/new-hdr-spec-is-designed-to-make-low-end-monitors-suck-less.html?utm_date=20240507212724&utm_campaign=PCWorld%20Top%20Stories%20%40PCWorld&utm_content=Title%3A%20VESA%27s%20new%20HDR%20spec%20makes%20low-end%20monitors%20less%20miserable&utm_term=Editorial%20-%20Top%20Stories%20%40PCWorld&utm_medium=email&utm_source=Adestra&huid=4709ed57-1b84-410b-9585-86a9eb0ed1ca --- Send in a voice message: https://podcasters.spotify.com/pod/show/ben-uko/message
Zero latency is no small challenge when building applications and products with global reach. Together with Darek Dwornikowski, we talk about what it is like to work on developing a global product that is used by, among others, Netflix.
How do you manage your DNS? Carl and Richard talk to Anthony Eden of DNSimple about his latest product, the Domain Control Plane. Anthony talks about how everyone has DNS—and usually in more than one place. Getting a common view of all your DNS entries, no matter where they are, is valuable, but being able to automate changes is even more important, especially as things scale up! The conversation ranges over development, cloud, scaling systems, and some old-fashioned geekery!
AP correspondent Ben Thomas reports on the latest developments in the Russia-Ukraine war, as it enters its third year.
Previously — In episode 11, we meet the three-man chalk of JTF Alpha—a motley collection of military oddballs hand-picked by John Spillers. There's Delaloza, who spends most of his time napping, not saying a word. And Chaulette, a full bird colonel recently transferred from an all black airborne unit known as the Triple Nickels. And Dawkins—a disgraced Navy UDT diver who is, in the words of Ramler “a pile-up of unintended consequences”. Dawkins is in charge of the chalk and their mission objectives are clear: jump into the Grass Cutting Area, cut off the compound's communications with Ramey, locate and take possession of the detainee Jesus Santiago, and kill anyone who gets in the way. Accompanying the chalk is a tight-lipped jumpmaster who wears a blank piece of fabric where his name tape ought to be. This small violation of uniform SOP immediately arouses the attention of the pilot—captain Will Hardesty, a man who by modern standards, would be classified as on the spectrum—but in 1950 is just another military oddball. Hardesty spends the duration of the flight spitballing possible names for the jumpmaster while observing the men of the chalk with a mixture of suspicion, astonishment, and detached coolness. Though he knows he's flying them to a spot above Ramey Air Force base in Puerto Rico, he has no idea why.
Highlights from this week's conversation include:
Nick's background and journey in data (2:28)
Founding Dagster Labs (7:50)
The evolution of data engineering (12:32)
Fragmentation in data infrastructure (15:04)
The role of orchestration in data platforms (19:53)
The importance of operational tools for data pipelines (25:01)
Lessons learned from working with GraphQL (26:19)
The role of the orchestrator in data engineering (34:51)
The boundaries between data infrastructure and product engineering (37:33)
Different orchestrators in the data infrastructure landscape (42:03)
The role of MLOps in data engineering (46:04)
Data Quality and Orchestration (51:04)
Future of Data Teams and Orchestration (54:27)
Final thoughts and takeaways from (58:01)
The Data Stack Show is a weekly podcast powered by RudderStack, the CDP for developers. Each week we'll talk to data engineers, analysts, and data scientists about their experience around building and maintaining data infrastructure, delivering data and data products, and driving better outcomes across their businesses with data.
RudderStack helps businesses make the most out of their customer data while ensuring data privacy and security. To learn more about RudderStack visit rudderstack.com.
Metadata is information that travels with the raw data and provides context, provenance, security, authorship, controls, and indexing. The number of ways that you can expand the use of data is controlled by adding metadata. It creates a change in how we look at and manage data. Instead of creating control systems that contain the data, it actually packages the control infrastructure, or the data control plane, as part of the data so that all of the systems can participate in it. We also talk about data mesh a lot in that context. Transcript: https://otter.ai/u/bho2SHu0N1YfECix6X8qNvKTlB4 Image: https://www.pexels.com/photo/pensive-ethnic-man-listening-to-answer-in-paper-cup-phone-3760607/
Join this episode of In the Nic of Time with Dan Wilson, Co-Founder and CTO, Control Plane, as they discuss the importance of cloud agnosticism, the challenges, the benefits and the costs.
Iranian APT data extraction tool described. LockBit gang comes under DDoS. Twitter whistleblower security claims made public. Poland and Ukraine conclude cybersecurity agreement. Greek national natural gas supplier under criminal cyberattack. Update to the Joint Alert on Zimbra exploitation. Addition to CISA's Known Exploited Vulnerabilities Catalog. Johannes Ullrich from SANS on Control Plane vs. Data Plane vulnerabilities. Our guest is David Nosibor, Platform Solutions Lead for UL to discuss SafeCyber Phase II. And, finally, targeting and trolling, with an excursus on Speedos. Really. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/159 Selected reading. New Iranian APT data extraction tool (Google) LockBit gang hit by DDoS attack after Entrust leaks (Register) Former security chief claims Twitter buried ‘egregious deficiencies' (Washington Post) Ex-Twitter exec blows the whistle, alleging reckless and negligent cybersecurity policies (CNN) Twitter's Ex-Security Head Files Whistleblower Complaint (Wall Street Journal) Deception, Bots, and Foreign Agents: The Twitter Whistleblower's Biggest Allegations (Time) The Ministry of Digital Transformation, State Service of Special Communication and Information Protection and the Council of Ministers of the Republic of Poland signed Memorandum of understanding in the cybersecurity field. 
(State Service of Special Communication and Information Protection) Greek natural gas operator suffers ransomware-related data breach (BleepingComputer) Greek gas operator refuses to negotiate with ransomware group after attack (The Record by Recorded Future) Announcement | (DESF) Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite (CISA) US government really hopes you've patched your Zimbra server (Register) CISA Adds One Known Exploited Vulnerabilities to Catalog (CISA) Speedo-wearing Russian tourists leak defence secrets on Twitter (The Telegraph)
Niall Dalton (Co-Founder @seaplane_io) talks about simplifying the deployment of complex applications and improving Day 2 operations.
SHOW: 639
CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotw
CHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"
SHOW SPONSORS:
CloudZero - Cloud Cost Intelligence for Engineering Teams
Datadog Kubernetes Solution: Maximum Visibility into Container Environments
Start monitoring the health and performance of your container environment with a free 14 day Datadog trial. Listeners of The Cloudcast will also receive a free Datadog T-shirt.
Streamline on-call, collaboration, incident management, and automation with a free 30-day trial of Lightstep Incident Response, built on ServiceNow. Listeners of The Cloudcast will also receive a free Lightstep Incident Response T-shirt after firing an alert or incident.
Pay for the services you use, not the number of people on your team with Lightstep Incident Response. Try free for 30 days. Fire an alert or incident today and receive a free Lightstep Incident Response t-shirt.
SHOW NOTES:
Seaplane.io (homepage)
Seaplane gets $15M in funding from Sequoia
Introducing Seaplane (blog)
Topic 1 - Welcome to the show. Tell us a little bit about your background, and what led you to create Seaplane IO.
Topic 2 - I feel like a lot of people talk about Lo-Code to make it easier for non-developers, and serverless for non-ops, but nobody really talks about more robust apps that want deployment and ops taken care of for them. Give us an overview of Seaplane IO.
Topic 3 - If I'm a developer, where does my code and application stop and where does Seaplane IO take over? Is there a “best” application that can take advantage of Seaplane IO?
Topic 4 - What does Day 2 look like for an application deployed to Seaplane IO?
Topic 5 - Help us understand some of the intelligent (“automatic”) things that Seaplane IO does to align my application to user-traffic, or failed cloud infrastructure?
Topic 6 - What are some areas where you see the Seaplane IO “control plane” expanding in the future?
FEEDBACK?
Email: show at the cloudcast dot net
Twitter: @thecloudcastnet
Developers want an Edge experience akin to that of the public cloud. They simply write the code deployed to the endpoint. Astute developers can implement DevOps methods that fully use the underlying infrastructure but don't have to worry about the control plane. Sarbjeet Johal and RackN CEO Rob Hirschfeld both rejoin Keith Townsend in debating [...]
We talked to Grant Gumina and Bassam Tabbara of Upbound about all things Crossplane.
In this episode we are going to look at Software-Defined Networking. We will be discussing Control Plane and Data Plane, Network Virtualization Technologies, and finally Traditional and SDN Architectures. Thank you so much for listening to this episode of my series on Enterprise Networking, Security, and Automation for the Cisco Certified Network Associate (CCNA). Once again, I'm Kevin and this is KevTechify. Let's get this adventure started. All my details and contact information can be found on my website, https://KevTechify.com
Cisco Certified Network Associate (CCNA)
Enterprise Networking, Security, and Automation v3 (ENSA)
Episode 13 - Network Virtualization
Part D - Software-Defined Networking
Podcast Number: 67
Equipment I like.
Home Lab ►► https://kit.co/KevTechify/home-lab
Networking Tools ►► https://kit.co/KevTechify/networking-tools
Studio Equipment ►► https://kit.co/KevTechify/studio-equipment
Network Security with KevTechify on the Cisco Certified Network Associate (CCNA)
Greetings to all my Tech Heads out there in the KevTechify Nation and if you are new here, welcome. In this episode we are going to look at Cisco Network Foundation Protection Framework. We will be discussing NFP Framework, Securing the Control Plane, Securing the Management Plane, and Securing the Data Plane. Thank you so much for listening to this episode of my series on Network Security. Once again, I'm Kevin and this is KevTechify. Let's get this adventure started. http://KevTechify.com
Network Security v1
Episode 3 - Mitigating Threats
Part E - Cisco Network Foundation Protection Framework
Podcast Number: 12
We start 2022 with an LTE episode. The story of how the public Cloud was born and how it grew from a startup into a commercial product, expanding from a one-pizza team to several hundred people. Our guests are Valentin Sinitsyn and Polievkt Pchelintsev, two engineers and two managers who were there at the very beginning. We talked about:
Openstack at Yandex, the largest cluster in Russia. Why did it not become the foundation of the public Cloud?
There was a POC on Openstack after all, and it still sends notifications about its health
The component base: de facto industry standards, open-source and in-house solutions
Where to get a Control Plane?
The role of the individual. Yan Leshchinsky
What these words mean: hyperconvergence, dogfooding, self-hosting, technical preview
Three months before launch, all Gantt charts and burndowns stop working
Extreme kanban, in which you sometimes slip by a day or two within a single day
Technical preview: even in a test cluster you cannot take back what you have given
Growing up: what was the norm in the first months became an incident in the following ones
Stability is a feature too.
The post LTE No. 17. How to launch a public cloud first appeared on linkmeup.
When today's guest thought about what the future held for him, culture fit was top of mind. It matters greatly that our value systems align with that of the companies we work for, especially in terms of not being domain driven and learning from and collaborating with other teams. In this episode, we interview Andrew Baker, Director of Engineering, Amazon Elastic Compute Cloud (EC2) at AWS, about the rigorous interview process, what attracted him to AWS, and why culture was a major criterion in his decision. Join us as we discuss: - Earning an outrageously high AS level in statistics - What happened at Barclays with algorithmic trading - The draw to be a part of an organization - Andrew's views on cloud native and no code Check out this related episode: - Scott and comprehensive papers referenced at [18:41] Keep connected with The Agile CTO at Apple Podcasts, Spotify, or our website. Listening on a desktop & can't see the links? Just search for The Agile CTO in your favorite podcast player.
Cloud Security News this week, 21 October 2021. It's a month full of conferences and, as promised, we are back with our 2nd episode this week to bring you the cloud security highlights from KubeCon. In this episode we will share some of our team's favourites from KubeCon 2021 North America. If you aren't quite familiar with the wonderful world of Kubernetes, there are a few weird and wonderful open source acronyms in today's episode. TUF refers to The Update Framework, SPIFFE refers to Secure Production Identity Framework for Everyone, and SPIRE is the SPIFFE Runtime Environment. Now that we are all across cool Kube words, let's get into the talks.
Starting off with the talk from Andrew Martin, Co-Founder of Control Plane and author of Hacking Kubernetes and Kubernetes Threat Modelling. He spoke about Kubernetes Supply Chain Security: he showcased work to build a Kubernetes Software Factory with Tekton and deep-dived on signing and verification approaches to securely build software with TUF, SPIFFE, SPIRE and sigstore.
Ian Coldwater from Twilio, Brad Geesaman & Rory McCune from Aqua Security, and Duffie Cooley from Isovalent combined forces to share with the community how they do security research, or hacking Kubernetes clusters, using a recently discovered Kubernetes CVE (Common Vulnerabilities and Exposures). Their talk was called Exploiting a Slightly Peculiar Volume Configuration with SIG-Honk.
Matt Jarvis from Snyk shared what to do if your container has a huge number of vulnerabilities, and how to prioritise and remediate them, in his talk My Container Image has 500 Vulnerabilities, Now What?
Talking about containers and vulnerability scanning: if you want to know how vulnerability scanners work, their blind spots, and how to implement a practical risk-based approach to remedy vulnerabilities that really matter to your organisation, check out Pushkar Joglekar's Keeping Up with the CVEs: How to Find a Needle in a Haystack?
If you find yourself asking “How do I access my S3 bucket in AWS from my GCP cluster?”, Brandon Lum & Mariusz Sabath, IBM, may have the answer for you in their talk Untangling the Multi-Cloud Identity and Access Problem With SPIFFE Tornjak, where they talk about a proposed shift in the perspective of workload identity from being “platform specific” to “organization wide” using SPIFFE/SPIRE and the new SPIFFE Tornjak project.
Episode Show Notes on Cloud Security Podcast Website. Podcast Twitter - Cloud Security Podcast (@CloudSecPod) Instagram - Cloud Security News If you want to watch videos of this LIVE STREAMED episode and past episodes, check out: - Cloud Security Podcast: - Cloud Security Academy:
In this eighth episode of Access Control, a podcast providing practical security advice for startups, Developer Relations Engineer at Teleport Ben Arent chats with Andrew Martin, CEO of Control Plane. Control Plane is a London-based Kubernetes consultancy that helps architect, install, audit, and secure Kubernetes clusters using Cloud Native technologies. Andrew was previously a DevOps Lead at the UK Home Office and has helped lead teams implementing high-volume critical national infrastructure projects for the UK government. We'll deep-dive into securing Kubernetes and strategies for partnering with the public sector. Andrew is co-author of O'Reilly's Hacking Kubernetes, a great book in progress (and due November 21) to better understand the Kubernetes defaults, Kubernetes threat models and how you can protect against those attacks.
As companies deliver code ever faster, they need tooling to provide some semblance of control and governance over the cloud resources being used to deliver it. Env0, a startup that is helping companies do just that, announced a $17 million Series A today. M12, Microsoft's Venture Fund, led the round with participation from previous investors […]
Crossplane is an open-source project that plugs into Kubernetes to serve as a control plane that can run across multiple private and public clouds. It allows infrastructure teams to compose infrastructure with all the required policies, permissions, and guardrails, while also providing APIs for developer self-service. Today's Day Two Cloud podcast dives into Crossplane and how it works with maintainer Daniel Mangum. The post Day Two Cloud 100: Get To Know Crossplane: An Infrastructure Control Plane For K8s appeared first on Packet Pushers.
If you’ve heard the term “clusters,” then you might know it refers to Confluent components and features that we run in all three major cloud providers today, including an event streaming platform based on Apache Kafka®, ksqlDB, Kafka Connect, the Kafka API, databalancers, and Kafka API services. Rashmi Prabhu, a software engineer on the Control Plane team at Confluent, has the opportunity to help govern the data plane that comprises all these clusters and enables API-driven operations on these clusters. But running operations on the cloud in a scaling organization can be time consuming, error prone, and tedious. This episode addresses manual upgrades and rolling restarts of Confluent Cloud clusters during releases, fixes, experiments, and the like, and more importantly, the progress that’s been made to switch from manual operations to an almost fully automated process. You’ll get a sneak peek into what upcoming plans to make cluster operations a fully automated process using the Cluster Upgrader, a new microservice in Java built with Vertx. This service runs as part of the control plane and exposes an API to the user to submit their workflows and target a set of clusters. It performs statement management on the workflow in the backend using Postgres.So what’s next? Looking forward, there will be the selection phase will be improved to support policy-based deployment strategies that enable you to plan ahead and choose how you want to phase your deployments (e.g., first Azure followed by part of Amazon Web Services and then Google Cloud, or maybe Confluent internal clusters on all cloud providers followed by customer clusters on Google Cloud, Azure, and finally AWS)—the possibilities are endless! The process will become more flexible, more configurable, and more error tolerant so that you can take measured risks and experience a standardized way of operating Cloud. 
In addition, expanding operation automations to internal application deployments and other kinds of fleet management operations that fit the “Select/Apply/Monitor” paradigm are in the works.
EPISODE LINKS
Watch Project Metamorphosis videos
Learn about elastic scaling with Apache Kafka
Nick Carr: The Many Ways Cloud Computing Will Disrupt IT
Join the Confluent Community
Learn more with Kafka tutorials, resources, and guides at Confluent Developer
Live demo: Kafka streaming in 10 minutes on Confluent Cloud
Use 60PDCAST to get an additional $60 of free Confluent Cloud usage (details)
Matt and Brandon discuss Hashicorp’s recent product announcements and Twilio buying Segment. Plus, Matt gives his thoughts on the new iPhone 12 mini. The Rundown New iPhones… iPhone SE vs. iPhone 12 mini (https://appleinsider.com/articles/20/10/14/compared-iphone-12-mini-versus-iphone-11-versus-iphone-se) Boundary by HashiCorp (https://www.boundaryproject.io/) Waypoint by HashiCorp (https://www.waypointproject.io/) Twilio buys Segment and employees share in success (https://twitter.com/rbranson/status/1315731261772582912) Companies with Extended Exercise Windows (https://github.com/holman/extended-exercise-windows) Relevant to your Interests Apple made ProtonMail add in-app purchases, even though it had been free for years (https://www.theverge.com/2020/10/8/21506995/apple-forced-in-app-purchase-protonmail-ceo-wordpress-iap) IBM shrinks with plans to spin-off managed infrastructure services arm (https://www.ciodive.com/news/ibm-shrinks-with-plans-to-spin-off-managed-infrastructure-services-arm/586713/) How One Guy Ruined #Hacktoberfest2020 #Drama (https://joel.net/how-one-guy-ruined-hacktoberfest2020-drama) Waymo’s driverless cars are open to the public. And Elon’s not impressed. 
(https://thehustle.co/10122020-Waymo/) Carahsoft is trying to trademark DevSecOps (https://twitter.com/USSJoin/status/1316078768390172672) (already withdrawn) (https://twitter.com/USSJoin/status/1316078768390172672) Gitpod - Dev environments built for the cloud (https://www.gitpod.io/) Podcast Data (https://thehustle.co/10092020-data-podcasts-have-on-you/) Azure Arc Is a Control Plane to Orchestrate Hybrid Cloud Systems (https://thenewstack.io/azure-arc-is-a-control-plane-to-orchestrate-hybrid-cloud-systems/) Forget 5G: MagSafe could be the biggest reason to buy an iPhone 12 (https://www.theverge.com/circuitbreaker/2020/10/14/21515490/apple-iphone-12-magsafe-accessories-ecosystem) A few words on Git (https://hadihariri.com/2020/10/14/a-few-words-on-git/) Introducing DigitalOcean App Platform (https://www.digitalocean.com/blog/introducing-digitalocean-app-platform-reimagining-paas-to-make-it-simpler-for-you-to-build-deploy-and-scale-apps/) Google will give up direct control of the Knative open-source project (https://www.protocol.com/google-gives-up-direct-control-knative-open-source-project) Twilio Set To Acquire Cloud Customer Data Startup Segment For $3.2 Billion (https://www.forbes.com/sites/alexkonrad/2020/10/09/twilio-to-acquire-cloud-startup-segment-for-3-billion/#29cfa3262020) Nonsense Gartner Hype Cycle Visualization (https://twitter.com/doctorow/status/1314225336742146049?s=21) Netflix plans to have even more originals in 2021 (https://www.engadget.com/netflix-q2-sarandos-202146135.html) The Netherlands goes into partial lockdown; face masks will be compulsory - DutchNews.nl (https://www.dutchnews.nl/news/2020/10/the-netherlands-goes-into-partial-lockdown-face-masks-will-be-compulsory/) Listener Feedback Dan wants you to work at IBM (http://PaaS Digital Product Marketing Manager | IBM Careers) Conferences KubeCon + CloudNativeCon November 17 – 20 (https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/) OpenShift Commons Gathering November 
17, 2020 (https://commons.openshift.org/gatherings/Kubecon_North_America_Virtual_OpenShift_Commons_Gathering_2020.html) DevOps World Sessions (https://www.cloudbees.com/devops-world/sessions) SDT news & hype Join us in Slack (http://www.softwaredefinedtalk.com/slack). Send your postal address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) and we will send you free laptop stickers! Follow us on Twitch (https://www.twitch.tv/sdtpodcast), Twitter (https://twitter.com/softwaredeftalk), Instagram (https://www.instagram.com/softwaredefinedtalk/) and LinkedIn (https://www.linkedin.com/company/software-defined-talk/). Brandon built the Quick Concall iPhone App (https://itunes.apple.com/us/app/quick-concall/id1399948033?mt=8) and he wants you to buy it for $0.99. Use the code SDT to get $20 off Coté’s book, (https://leanpub.com/digitalwtf/c/sdt) Digital WTF (https://leanpub.com/digitalwtf/c/sdt), so $5 total. Recommendations Matt: Radiolab: No Special Duty (https://www.wnycstudios.org/podcasts/radiolab/articles/no-special-duty) This Particular Album is Very, Very Important to Me: Devo’s Freedom Of Choice with Al Yankovic (https://wearecampfire.media/episodes/devos-freedom-of-choice-with-al-yankovic/) Brandon: Three Body Problem (https://www.audible.com/pd/The-Three-Body-Problem-Audiobook/B00P0277C2) Translator Ken Liu (https://www.nytimes.com/2019/12/03/magazine/ken-liu-three-body-problem-chinese-science-fiction.html) Photo Credit (https://unsplash.com/photos/5zMN9hdy3ag) Photo Credit (https://unsplash.com/photos/hd-l_8As3Bo)
Andi and I discussed Keptn, a CNCF Sandbox project, which is mainly used as a control plane for application delivery. Shouldn't GitLab CI, GitHub Actions, CircleCI, etc. be enough for handling application delivery? Probably not. Let's hear from Andi about what problem Keptn is trying to solve and how easy it is to extend Keptn to fit our special use cases. --- Send in a voice message: https://anchor.fm/ngobrolinstartup/message Support this podcast: https://anchor.fm/ngobrolinstartup/support
The ideal state of a cloud native shop is to run a development and deployment pipeline that can seamlessly move applications from the developer's laptop to the data center (or the edge) without any manual intervention. And while there are many tools available to facilitate such automation — Helm, Operators, CI/CD toolchains, GitOps architectures, Infrastructure-as-Code tools such as Terraform — all too often edge cases and exceptions still require personal attention, bringing DevOps pipelines to a halt. The missing pieces of the puzzles are a control plane and a unified application model for the control plane to run upon, asserted Phil Prasek, a principal product manager at Upbound, in this latest episode of The New Stack Context podcast. Prasek envisions a time when organizations can build their own customized set of platform services, where developers can draw from a self-serve portal the building blocks they need — be they containerized applications or third party cloud services, and have the resulting app run uniformly in multiple environments. “Within an enterprise control plane, you can basically have your own abstractions, and then you can publish them,” Prasek said. TNS Editorial and Marketing Director Libby Clark hosts this episode, with the help of TNS Senior Editor Richard MacManus, and TNS Managing Editor Joab Jackson.
Guest Speaker: Cliff Lane and Rohan Naggi
In this special episode, we will go over the Components and flexible architecture for VMware SD-WAN. We will double click on the Gateway concept and learn all about Cloud Gateway, Partner Gateway and more. Here are some of the details covered about VMware SD-WAN gateway:
- What are some of the advantages of using VMware SD-WAN gateway in SP/Telco providers
- How is the networking blueprint changing for SP before and after implementing VMware SD-WAN partner Gateway
- Internet Traffic through Cloud and Partner gateway
- Different Use cases to Service provider and Telco offerings and more...
Join our exciting discussion about "VMware SD-WAN Gateway"
Support the show (https://www.velocloud.com/sd-wan-resources/podcasts/sd-wan-360)
Tom Smyth speaks about OpenBSD And OpenBGPD As the ISP Controlplane in his BSDCAN2020 presentation: ● High-level overview of our network ● Routing fundamental crash-course ● Route Servers in 60 seconds ● BGP in 60 seconds ● Recursive Routes in 120 seconds ● Control Plane vs Data Plane ● OpenBGPD ● Hardware routers /(More)…
Archana Balakrishnan joins Scott Hanselman to show how Azure Lighthouse can manage thousands of customers and millions of resources from a unified control plane. Azure Lighthouse helps deliver managed services with comprehensive and robust management tooling available in Azure.
[0:00:00] - Intro
[0:00:23] - Episode start
[0:02:53] - Demo
[0:11:27] - Final Q&A
Azure Lighthouse overview
What is Azure Lighthouse?
Azure Lighthouse docs
Azure Lighthouse templates on GitHub
Azure Lighthouse—managing cloud, hybrid, and edge environments at-scale through a single control plane (Azure blog)
Create a free account (Azure)
Archana Balakrishnan joins Scott Hanselman to show how Azure Lighthouse can manage thousands of customers and millions of resources from a unified control plane. Azure Lighthouse helps deliver managed services with comprehensive and robust management tooling available in Azure.
[0:02:53] - Demo
Azure Lighthouse overview
What is Azure Lighthouse?
Azure Lighthouse docs
Azure Lighthouse templates on GitHub
Azure Lighthouse—managing cloud, hybrid, and edge environments at-scale through a single control plane (Azure blog)
Create a free account (Azure)
Suppose we are building a new application. What if, instead of libraries, we placed a proxy next to the application and put as much code into it as possible? And added a control component (Control Plane) that directs the traffic? The first to come up with this idea was the American company Lift, creating Service Mesh. That is, of course, putting it very briefly. In today's episode of DevTalk, about the details of this […] The post DevTalk #114 – On Service Mesh with Jakub Dyszkiewicz appeared first on DevTalk.
In this episode, we talk with Joe Beda about, of course, Kubernetes, but also about an organization's platform, the roles that work in the software supply chain in enterprises, types of developers, and other topics like what DevOps "is" now. This discussion will give you a good view of how to model and think about enterprise software development and operations nowadays, and thinking through the strategy you want to take to transform your organization to be cloud native.
# Podcast S01-E21: Google Kubernetes Engine adds a fee for the Control Plane & Corona Virus update

- Hosted by @_marKox, @domix

## News review

- [GKE adds a fee for the Control Plane](https://cloud.google.com/kubernetes-engine/pricing)
- [Novel Coronavirus Update](https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/attend/novel-coronavirus-update/)
- [Introducing Uber’s Open Source Principles](https://eng.uber.com/open-source-principles/)
- [Istio in 2020 - Following the Trade Winds](https://istio.io/blog/2020/tradewinds-2020/)

## Twitter!

- [SRE from Google?](https://twitter.com/stevehill1981/status/1235817973387907073)
- [We didn't invent much...](https://twitter.com/mariofusco/status/1235583024764420099)
- [The Istio project is really heading in the right direction! ](https://twitter.com/kelseyhightower/status/1235449975565254656)
- [I give a lot of love to Istio, but Linkerd is dope too. ](https://twitter.com/kelseyhightower/status/1237113956738543616)

## References and Resources

- [API Contract Testing Made Easy](https://thethinkingtester.blogspot.com/2020/03/api-contract-testing-made-easy.html)
- [Updating the Industry's Reliability Practices](https://www.gremlin.com/blog/updating-the-industrys-reliability-practices/)
- [Multi-Runtime Microservices Architecture](https://www.infoq.com/articles/multi-runtime-microservice-architecture/)

## Awesome code repos

- [Sloc Cloc and Code (scc)](https://github.com/boyter/scc)
- [kitty - the fast, featureful, GPU based terminal emulator](https://sw.kovidgoyal.net/kitty)
- [Nu Shell](https://github.com/nushell/nushell)
- [git-trim](https://github.com/foriequal0/git-trim)
So in this podcast I'll be giving a brief summary of the different aspects of management plane protection and control plane policing that I understood from my own personal study of the topic, along with study strategies I like to implement in order to reinforce the knowledge taken in. Note, however, that these are my own levels of understanding and not an expert opinion; therefore thoughts and opinions do matter in improving what's been said, which therefore expands our knowledge of the topic. Now sit back, relax and enjoy.
AWS Morning Brief for the week of November 4th, 2019.
Steve Giguere of Aqua Security sat down with Andy Martin (Control Plane) to discuss GitOps and other subjects related to Cloud Native Security.
Cloud providers created the ability for developers to easily deploy their applications to servers on data centers. In the early days of the cloud, most of the code that a developer wrote for their application could run on any cloud provider, whether it was Amazon, Google, or Microsoft. These cloud providers were giving developers the The post Crossplane: Multicloud Control Plane with Bassam Tabbara appeared first on Software Engineering Daily.
Complex applications generally require a way to provision resources at scale to enable an organization to onboard customers in a frictionless way while remaining operationally efficient. In this session, we describe how you can architect a control plane built on AWS that is responsible for provisioning and maintaining infrastructure and application resources for multiple customers across a number of AWS accounts, VPCs, and AWS services.
While Chris was away traveling the world, Jon got a tour behind the scenes at Veritas, a tool making company based in Canada’s Capital. From the first all metal lathe ever made to building CNC machines at home, this episode is all about tools. This episode of Off Hours was made possible in part thanks to the Santa Fe Symposium • Control Plane We mentioned the macOS app, Control Plane, in the last episode, unfortunately it is no longer under active development • Cycloid Drawing Machine An advanced take on the Spirograph, by Joe Freedman • Making It Podcast A trio of makers talk about creativity, design, & making things with your hands • Jacques de Vaucanson • Vaucanson's Metal Lathe A nearly 300 year-old machine that "made everything" • James Watt Micrometer What is thought to be the world's oldest surviving micrometer, reputedly crafted by James Watt • The Perfectionists A book we talked about back in episode 23, that shares some parallels with the Vaucanson video above • Lee Valley A much loved Canadian company, founded in 1978 by Leonard Lee, Lee Valley came up in our very first episode of Off Hours • Veritas Tools Founded by Leonard Lee to craft products for Lee Valley, Jon recently got a tour around the manufacturing facilities of Veritas Tools in Ottawa • Beamer Lasers Veritas employs a Beamer FXL22 to inscribe their tools • Mitutoyo Precision measuring tools • Mitutoyo Surftest A tool to objectively evaluate surface finish • Surface Plate • CMMs A look at an automated Coordinate Measuring Machine in action • Maudslay’s Lord Chancellor A bench micrometer crafted by English Industrialist, Henry Maudslay • Autocrib Small scale, automated inventory management employed by Veritas to help manage CNC bits & other small equipment • Remstar A vertical carousel system for inventory management, particularly handy for small parts like those used in watchmaking • WALL-E's Wall A clip of WALL-E's vertical carousel system in the Pixar film, WALL-E • "Guns. Lots of guns." 
The "inventory" scene from The Matrix • Rolex 904L Stainless Steel This short video, now over a decade old, offers a brief glimpse into a small fraction of Rolex's inventory system • TE-CO Tour A look behind the scenes at TE-CO with NYC CNC • Terry Fox • Tapmatic Deceptively simple, but effective tools that make quick work of tapping threads in a manufacturing environment • Flexarm Maker of pneumatic tapping arms, like the ones Chris mentioned • Busy Bee Tools • Walther-Trowal Makers of industrial scale tumbling polishers • Haas • Fanuc • Matsuura • Hurco • Göckel • Makerspace North Chris gave a talk, alongside Rich Loen, on how to make your own CNC machine recently at Makerspace North
In this episode, we answer: 1. What is the difference between the Data Plane and the Control Plane? 2:34 2. "Can you explain in-depth the difference between #Tor and #I2P and the risks for information leakage in each?" 6:47 3. "Advantage of Azure Active Directory over AD?" 14:32 4. NVRAM and Flash, are both persistent through reboots, what is the difference? 22:48 5. How is an IPv6 Anycast Address Secured? 29:15 6. "Do you have any content like CWNA, or similar, involving in depth wireless topics?" 34:25
Speaker: Madhu Venugopal and Jana Radhakrishnan (Docker)
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Gregory-Pickett-Staying-Persistant-in-Software-Defined-Networks.pdf
Extras Here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Gregory-Pickett-Extras.rar
Staying Persistent in Software Defined Networks
Gregory Pickett, Cybersecurity Operations, Hellfire Security
The Open Network Install Environment, or ONIE, makes commodity or WhiteBox Ethernet possible. By placing a common, Linux-based, install environment onto the firmware of the switch, customers can deploy the Network Operating Systems of their choice onto the switch and do so whenever they like without replacing the hardware. The problem is, if this gets compromised, it also makes it possible for hackers to install malware onto the switch. Malware that can manipulate it and your network, and keep doing it long after a Network Operating System reinstall. With no secure boot, no encryption, no authentication, predictable HTTP/TFTP waterfalls, and exposed post-installation partition, ONIE is very susceptible to compromise. And with Network Operating Systems such as Switch Light, Cumulus Linux, and Mellanox-OS via their agents Indigo and eSwitchd not exactly putting up a fight with problems like no authentication, no encryption, poor encryption, and insufficient isolation, this is a real possibility. In this session, we'll cover the weaknesses in ONIE, ways to reach the platform through these Network Operating Systems, and what can happen if we don't properly protect the Control Plane these switches run on. I'll even demonstrate with a drive-by web-attack that is able to pivot through a Windows management station to reach the isolated control plane network, and infect one of these ONIE-based switches with malware, malware that's there even after a refresh. You'll even get the source code to take home with you to see how easily it's done. 
Finally, we'll talk about how to compensate for these issues so that your network doesn't become infected with and manipulated by this sort of persistent firmware-level malware.
Gregory Pickett CISSP, GCIA, GPEN has a background in intrusion analysis for Fortune 100 companies but now heads up Hellfire Security’s Managed Security Services efforts and participates in their assessment practice as a network security subject matter expert. As a security professional, his primary area of focus and occasional research is networks with an interest in using network traffic to better understand, to better defend, and sometimes to better exploit the hosts that live on them. He holds a B.S. in Psychology which is completely unrelated but interesting to know. While it does nothing to contribute to how he makes a living, it does demonstrate how screwed up he actually is.
Twitter: @Shogun7273
Brian talks with Jason Edelman (@jedelman8, SDN Evangelist, Principal Solutions Architect - Presidio) about his evolution from traditional networking skills to his focus on SDN and the programmability of networks. They discuss various SDN architectures, learning to write code, the challenge of silo’d organizations and where he sees networking evolving over time.