Tag Archives: continues

JFrog taps partners, adds features to bolster DevOps platform

JFrog continues to bolster its core universal repository platform with new features and strategic partnerships to provide developers with a secure, integrated DevOps pipeline.

The Sunnyvale, Calif. company’s continued evolution includes partnerships with established companies to provide services around JFrog’s flagship Artifactory universal repository manager. This week, JFrog partnered with RunSafe Security of McLean, Va. to help secure code as it is created.

Under the partnership, RunSafe’s security software will plug into users’ Artifactory repositories to protect binaries and containers in development. RunSafe’s Alkemist tool adds protection to all compiled binaries as developers add them to Artifactory, said Joe Saunders, founder and CEO of RunSafe.

Alkemist inserts in CI/CD pipelines at build or deploy time. The security software hardens third-party, open-source components, compiled code that developers originate themselves, and it hardens containers as part of the process, he said.

“We immunize software without developer friction to enable continuous delivery of code or product,” Saunders said.

How RunSafe works with JFrog

Rather than scanning and testing the code, RunSafe inserts protections into the code without changing the functionality, slowing it down, or introducing any overhead.

“We eliminate a major set of vulnerabilities that are often attributed to both open source and general compiled code,” Saunders said. “That is all the memory based attacks, things like buffer overflow, etc.”

RunSafe launched a beta program for developers to try out the Alkemist plugin, as memory corruption-based attacks can be devastating and stopping them is no trivial exercise in most development environments.

“When a determined attacker understands the layout and memory allocations within an application, they can craft targeted exploits to devastating effect,” said Chris Gonsalves, senior vice president of research at The 2112 Group in Port Washington, N.Y. “And they can keep using those attacks as long as the underlying binaries remain the same. What RunSafe does is bring reduced-friction binary hardening to app development.”

RunSafe uses a “moving target approach” that changes the underlying binary in a way that keeps the app’s functionality intact while destroying the effectiveness of previous attacks, Gonsalves said.

“Just when a hacker thinks they know precise location of a buffer overflow vulnerability and how to exploit it, boom, RunSafe’s Alkemist plugin for JFrog users switches things up and effectively neutralizes the attack,” he said. “This is hand-to-hand combat with the bad guys at the binary level. That it can be done with negligible performance overhead and zero change in app functionality makes it an effective and important layer of defense in DevSecOps.”

RunSafe employs a process known as binary randomization to thwart intruders. This process eliminates the footing that exploits need to find and identify vulnerabilities in code. Randomization is typically a runtime protection, but RunSafe has added it into the development process.

“What you see now, especially when you have to move faster, is a full integration with your security pipelines,” said Shlomi Ben Haim, CEO of JFrog. The goal is to be able to avoid or to quickly resolve any kind of bugs or violations of vulnerability or license compliance issues, he said. “We want to provide continuous deployment all the way to the edge, fully automated, with no script.”

JFrog-Tidelift deal assures open source integrity

Regarding open source license compliance, JFrog recently partnered with Boston-based Tidelift. The companies introduced an integration between the Tidelift Subscription, a managed open source subscription, and JFrog Artifactory.

Tidelift checks that open-source software it supports is clean and secure with no licensing issues. The combination of the Tidelift Subscription and JFrog Artifactory gives development teams assurance  that the open source components they are using in their applications ‘just work’ and are properly managed, said Matt Rollender, Tidelift’s vice president of global partners, strategic alliances and business development, in a blog post.

“Customers save time by being able to offload the complexity of managing open source components themselves, which means they can develop applications faster, spend less time managing security issues and build fails, while improving software integrity,” said Donald Fischer, CEO of Tidelift.

As more enterprises include large amounts of open-source code to their repertoires, companies like Tidelift allow developers to use open-source without having to think twice. While Tidelift is somewhat unique in its approach, its competitors could include Open Collective, License Zero, GuardRails and Eficode.

“Tidelift is taking a very interesting approach to developing a way to sustainably manage the maintenance on open source software components and tools that are used at enterprise development,” said Al Gillen, an analyst at IDC. “The company is filling a niche that is not readily addressed by any other solutions in the market today.”

The Tidelift Subscription ensures that all open-source software packages in the subscription are issue-free and are backed and managed by Tidelift and the open source maintainers who created them.

“This means comprehensive security updates and coordinated responses to zero-day vulnerabilities, verified-accurate open source licenses, indemnification, and actively maintained open source components,” Rollender said.

JFrog tool updates

At its SwampUp 2020 virtual conference in June, JFrog introduced several new offerings and updates to existing products.

The company introduced CDN-based and peer-to-peer software package distribution mechanisms to help companies that have to deliver large volumes of artifacts to internal teams and external clients. The company also released new features for its JFrog Pipelines CI/CD offering, expanding the number of pre-built common functions, known as “Native Steps.”

In addition, JFrog introduced ChartCenter, a free community repository that provides immutable Helm Chart management for developers. Helm charts are collections of files that describe a related set of Kubernetes resources.

While JFrog has made some good strategic moves, a lot of them only strengthen the company’s core business as a repository, said Thomas Murphy, a Gartner analyst.

“They have a solid footprint and are very robust, but the question is, over the next three years as we see a move from a toolchain of discrete tools to integrated pipelines and value stream tooling, what do they do to be bigger and broader?” Murphy said. “I think of the growth in ability of GitLab and GitHub, and the expansion of Digital.ai and CloudBees in contrast.”

Go to Original Article
Author:

Microsoft integration adds more AI to Tibco analytics suite

Tibco continues to add to the augmented intelligence capabilities of its analytics platform, most recently revealing that Tibco Spotfire and Tibco Data Science now support Microsoft Azure Cognitive Services.

Azure Cognitive Services is a system from Microsoft that enables application developers to embed AI and machine learning capabilities. Spotfire, meanwhile, is Tibco’s chief business intelligence tool for data visualizations and Data Science is a BI tool focused less on visualization and more on hard core data analysis, and the two can be used together or independently of one another.

Tibco, founded in 1997 and based in Palo Alto, Calif., is adding support for Azure Cognitive Services following other AI investments in its analytics platform. In January 2020, the vendor added to the natural language generation capabilities of Spotfire via an integration with Arria NLG Studio for BI, and in the fall of 2019 it unveiled new products and added to existing ones with the credo of AI everywhere.

Meanwhile, the vendor’s addition of native support for Azure Cognitive Services, revealed June 2, comes after Tibco expanded the multi-cloud capabilities of its analytics platform through an integration with Microsoft Azure late in 2019; it already had an integration with Amazon Web Services and supports Google Cloud, among other cloud service providers.

“We don’t believe that AI is a marketing tool or a marketing term,” said Matt Quinn, Tibco’s COO. “We see that AI can actually be used as foundational element in people’s systems, and so working with Microsoft, doing this integration, is all about us being able to use our own technology, inside of our own products, as a foundational layer.”

A sample Tibco dashboard displays an organization's data.
An organization’s data is displayed on a sample Tibco dashboard.

AI, meanwhile, is an area where Tibco should be focused, according to Rick Sherman, founder and managing partner of Athena IT Solutions.

“With Spotfire, AI is definitely where they should be,” he said. “AI, machine learning and data science is where they’re great. They’re geared to sophisticated users, and if you’re doing a deeper dive, doing serious visualizations, Tibco is a way you want to go.”

Beyond simply adding a new integration, Tibco’s move to enable application developers to embed AI and machine learning capabilities by using Azure Cognitive Services continues the vendor’s process of expanding its analytics platform.

While some longtime BI vendors have struggled to maintain an innovative platform, Tibco, after losing some momentum in the early 2000s, has been able to remain among the top vendors with a suite of BI tools that are considered innovative.

We see that AI can actually be used as foundational element in people’s systems, and so working with Microsoft, doing this integration, is all about us being able to use our own technology, inside of our own products, as a foundational layer.
Matt QuinnCOO, Tibco

Tibco’s platform is entirely cloud-based, which allows Tibco to deliver new and upgraded features without having to roll out a major update each time, and its partnership strategy gives it the ability to embed products such as Azure Cognitive Services and Arria NLG Studio for BI without having to develop them in-house.

“Tibco has really evolved into a much more partner-centric company,” Quinn said. “We realize we are part of a broader ecosystem of tools and technologies, and so these partnerships that we’ve created are pretty special and pretty important, and we’ve been really happy with the bidirectional of those, especially the relationship with Microsoft. It’s clear that they have evolved as we have evolved.”

As far as motivation for the addition of Azure Cognitive Services to the Tibco analytics platform, Quinn said it’s simply about making data scientists more productive.

Customers, he added, were asking for the integration, while Tibco had a preexisting relationship with Microsoft that made adding Azure Cognitive Services a natural fit.

“Data scientists use all sorts of tools from all different walks of life, and because of our integration heritage we’re really good at integrating those types of things, so what we’re doing is we’re opening up the universe of all the Microsoft pieces to this data science group that just wants to be more productive,” Quinn said. “It enhances the richness of the platform.”

Similarly, Sherman said that the new integration is a positive move for data scientists.

Tibco’s acquisitions in recent years, such as its 2018 purchase of Scribe Software and its 2019 purchase of SnappyData, helped advance the capabilities of Tibco’s analytics platform, and now integrations are giving it further powers.

“They’re doing some excellent things,” Sherman said. “They’re aiming at deeper analytics, digging deeper into data science and data engineering, and this move to get their analytics closer to their data science makes a heck of a lot of sense.”

In the coming months, Quinn said that Tibco plans to continue adding integrations in order to add to the capabilities of its analytics platform. In addition, ease of use will be a significant focus for the vendor.

Meanwhile, ModelOps — the lifecycle of model development — will be a new area of emphasis for Tibco.

“ModelOps is really the set of things you have to do to take a model, whether it’s AI or just plain data science, and move it into the real world, and then how do you change it, how do you evolve it, who needs to sign off on it,” Quinn said. “For Tibco it’s great because it really brings together the data science piece with the hardcore engineering stuff that people have known us for.”

Go to Original Article
Author:

Machine health systems play critical role in age of disruption

As the COVID-19 crisis continues to disrupt operations around the world, manufacturers are facing unprecedented challenges.

Some have seen facilities shut down, at least temporarily, as the outbreak has forced workers to stay home. Those deemed essential must keep production going with reduced or remote workforces. Others have had to scramble to change equipment and production lines as they shift from making one product to another.

All this has made machine maintenance strategies critical, as manufacturers need to optimize the output of their equipment. Machine health systems that capture industrial IoT data and analyze it using AI algorithms are a step beyond predictive maintenance, which are often focused on points of failure. They can play a big role in enabling manufacturers to keep production lines going in a quickly changing and disruptive environment.

Listening to machines

Augury Inc.’s machine health system does just that. It uses IIoT sensors to listen to machines as they operate, sends the data to Augury’s cloud where AI algorithms analyze the data in real time and provides steps to take to resolve potential problems. The system also includes the ability to collaborate with Augury’s machine health experts in real time to identify and troubleshoot issues, said Saar Yoskovitz, co-founder CEO of Augury, which was founded in Israel and is based in New York.

Saar Yoskovitz, co-founder and CEO, Augury Inc.Saar Yoskovitz

“We install a sensor on a machine, connect it, and from then on it’s purely remote,” Yoskovitz said. “You get real-time visibility into the health and performance of the machines and then you also have access to experts when needed to help advise you on the right course of actions.”

An automated machine health system is valuable when it’s business as usual, he said, but it is even more so as manufacturers deal with COVID-19 disruption.

“From a planning and management perspective, the first thing you typically do when you’re stretched for resources or uptime is remove all preventive maintenance tasks and scheduled downtime, but doing it while flying blind is like gambling ” Yoskovitz said. “This enables you to make better decisions. For example, can you run this machine for another week, or do you have to take it down tomorrow to replace a bearing or correct whatever that malfunction may be?”

This beverage production line uses the Augury machine health system to diagnose and resolve potential problems.
The Augury machine health system uses IIoT sensors to listen to machines and provides real-time insight on how to resolve potential problems.

Getting more out of existing equipment

The Augury machine health system is a major evolution in predictive maintenance technology and best practices, said Ed Ballina, a 40-year manufacturing industry veteran who ran facilities for PepsiCo Inc. and Scott Paper Co.

Ballina oversaw the implementation of the Augury machine health system at PepsiCo and has served as a board advisor for Augury after retiring from PepsiCo in 2018.

Ed Ballina, food and beverage board advisor, Augury Inc.Ed Ballina

“Now manufacturers are trying to increase their output — for example, changing production from soda to sanitizer,” Ballina said. “So, they’re looking for ways to get more out of their existing equipment, and machine health can be a huge enabler for that.”

Standard predictive maintenance practices were based on outdated methods that typically required machines or production lines to be shut down, he said. The analysis can be limited and often finds problems only at the point of failure.

Constant monitoring

“The beauty of Augury is that it can monitor constantly,” Ballina said. “Previously, if you ran into problems you could call someone in to do vibration monitoring, but the problem with that is you’re only taking a snapshot, so you don’t have any kind of trending, don’t have the ‘movie’ of where you’ve been and project where you’re going.”

Manufacturers are now trying to get more hours out of their machines, and one way to do this is to cut down the number of times equipment is shut down. Machine health systems can help determine which machines are at greatest risk, making shutdowns more targeted.

The COVID-19 crisis has also forced manufacturers to work with reduced staffs, making remote monitoring vital, Ballina said.

“Some facilities may be down 30% to 40% in staffing, so you have the ability to monitor equipment without being there and to potentially engage support staff to help you determine what readings mean,” he said. “If you can’t get people into your plants — and a lot of OEMs won’t bring their people in now [to examine equipment] — having machine health data that is shareable is incredibly valuable.”

No batteries included

Another approach to machine health is now available from Everactive, a technology startup based in Santa Clara, Calif.

Everactive recently launched its Machine Health Monitoring system, which delivers real-time data on machine health, primarily for rotating equipment, such as motors, pumps, fans and compressors, to avoid overuse, according to the company.

This motor uses the Everactive Machine Health Monitoring system sensors to measure and report on machine performance in real time.
The Everactive Machine Health Monitoring system uses a batteryless IoT sensor to provide real-time data on machine operations.

Everactive’s Machine Health Monitoring system uses proprietary sensors that run continually and transmit vibration, temperature and magnetic field data to the cloud. There, the data is analyzed to detect machine faults before they are evident by other means, such as through routine maintenance or part failure.

Brian Alessi, Everactive director of product marketing and corporate communicationsBrian Alessi

The sensors operate without battery power, but instead are powered by “ambiently harvested energy” that comes from environmental conditions, such as light, thermal differences and machine vibrations, said Brian Alessi, Everactive director of product marketing.

These “batteryless sensors” can run continually without maintenance, Alessi said.

“This can’t power your iPhone without a battery, but if you’re looking to take temperature measurements, vibration measurements, humidity and pressure, those are all things that this can do, because the data packet is very small,” he said.

The sensors transmit data every minute to the Everactive cloud-based analytics platform, which can then provide machine health analysis and trend data. If issues are detected, the system can send out alerts based on the specific machine profile or user-selected thresholds via email or SMS, according to the company.

One particular use for Machine Health Monitoring is for stream traps used in industrial settings that have a failure rate of 20% to 30% but are hard to inspect because there are often hundreds in difficult-to-reach locations, Alessi said.

“Even if you put a wireless device in there with a battery, you’re still going to have to eventually change the battery,” he said. “This is an asset case that’s super high volume, very high value, but unmonitored due to the pain points of batteries.”

Go to Original Article
Author:

Looker analytics platform adding app development capability

Looker is maintaining a focus on application development as it continues to add new features to its analytics platform six months after its last major release and three months after it finally joined forces with Google Cloud.

The vendor, which was founded in 2012 and is based in Santa Cruz, Calif., was acquired by Google for $2.6 billion in June 2019, just four days before Tableau was purchased by Salesforce for $15.7 billion. Unlike Tableau, however, which serves a largely on-premises customer base and delivers platform updates quarterly, Looker is entirely cloud-based and therefore, beyond its one major update each year, delivers new and upgraded features throughout the year.

Looker 7, released in November 2019, included a new application development framework and enhanced embedded BI capabilities. Since then, Looker has kept adding to its set of tools for application developers, enhancing the power of its no-code query capabilities and providing new ways to embed analytics into the applications customers use in their everyday workflows.

“Developers are their bread and butter,” said Mike Leone, senior analyst at Enterprise Strategy Group. “It’s all about enabling developers to seamlessly, intelligently and rapidly incorporate analytics at scale into modern applications. This is and has been a top priority for Looker.”

Meanwhile, as Looker has continued to build up its analytics platform, the vendor’s acquisition was finalized. The purchase closed so recently, however, that there hasn’t yet been any obvious evidence of collaboration between Looker and Google Cloud, analysts said.

Developers are their bread and butter. It’s all about enabling developers to seamlessly, intelligently and rapidly incorporate analytics at scale into modern applications. This is and has been a top priority for Looker.
Mike LeoneSenior analyst, Enterprise Strategy Group

“I have not seen anything yet to suggest that they’ve made a dramatic change yet in their approach,” said Dave Menninger, research director of data and analytics research at Ventana Research.

He added, however, that Looker and Google Cloud share a lot of similarities and the two are a natural fit. In particular, the way Looker uses its LookML language to enable developers to build applications without having to write complex code fits in with Google Cloud’s focus.

“Looker has found a good partner in Google in the sense that Looker is really targeted at building custom apps,” Menninger said. “Looker is all about the LookML language and constructing these analyses, these displays that are enhanced by the LookML language. And a large part of Google, the Google Cloud Platform division, is really focused on that developer community. So Looker fits into that family well.”

Leone, meanwhile, also said he’s still waiting to see Google’s influence on Looker but added that he expects to hear more about their integration in the near future.

And collaboration, according to Pedro Arellano, Looker’s vice president of product marketing, is indeed on the horizon. The two are working together on new features, and given that Looker is entirely cloud-based and that Looker and Google Cloud not only had a strong partnership before they joined forces but had 350 shared customers, Looker’s integration into the Google Cloud portfolio is proceeding more rapidly than it might have had Looker had a host of on-premises customers.

“It’s exciting to talk with the product teams and understand where the potential integration points are and think about these really exciting thing that we’ll be able to develop, some things that I expect will be out in a relatively short amount of time,” Arellano said. “That work case is happening, and it’s absolutely something we’re doing today.”

As far as features Looker has added to the analytics platform since last fall, one of the key additions is the Slack integration the vendor unveiled at the time Looker 7 was released but was still in beta testing. The tool delivers insights directly into customers’ Slack conversations.

Beyond the Slack integration, Looker has added to its extension network, which is its low-code/no-code tool set for developers. Among the latest new tools are the Data Dictionary, which pulls up metadata about fields built by developers using the LookML model and displays them in a digestible format, as well as tools that help developers customize user interfaces and create dashboard extensions such as adding a chat widget.

In terms of query power, Looker has developed what it calls aggregate awareness, a feature that uses augmented intelligence and machine learning to reduce the amount of time it takes a user to run a query and helps them run more focused queries.

“We really think of Looker as a platform for developing and building and deploying any kind of data experience that our customers might imagine,” Arellano said. “We recognize that we can’t anticipate all the data experiences they might come up with. We’re very focused on the developers because these are the people that are building those experiences.”

In addition to the new features Looker has added since the release of Looker 7, the vendor put together the Looker COVID-19 Data Block, a free hub for data related to the ongoing pandemic that includes data models and links to public sources such Johns Hopkins University, the New York Times and the COVID Tracking Project. The hub uses LookML to power frequent updates and deliver the data in prebuilt dashboards.

“This was an opportunity to do good things with technology and with data,” Arellano said.

As Looker continues to enhance its analytics platform, one of its next areas the vendor says it will focus on will be the platform’s mobile capabilities.

Mobile has long been a difficult medium for BI vendors with data difficult to digest on the small screens of phones and tablets. Many, as a result, have long ignored mobile. Recently, however, vendors such as Yellowfin and MicroStrategy have made significant investments in their mobile capabilities, and Arellano said that Looker plans to offer an improved mobile experience sometime in the second half of 2020.

That fits in with what Leone expects from Looker now that it’s under the Google Cloud umbrella, which is a broadening of the vendor’s focus and capabilities.

“I think, individually, they were behind a few of the leaders in the space, but the Google acquisition almost instantly brought them back on par with direct competition,” he said. “Google’s influence will be beneficial, especially around the ideas of democratizing analytics/insights, faster on-ramp and a much wider vision that incorporates a powerful AI vision.”

Go to Original Article
Author:

Emsisoft, Coveware offer free ransomware services to hospitals

As the coronavirus pandemic continues to overwhelm healthcare and medical facilities, another complication has surfaced: the possibility of a ransomware attack, which have been shown to spike during the spring and summer months, according to antimalware vendor Emsisoft.

In anticipation of such attacks, Emsisoft and incident response company Coveware partnered for an initiative to give healthcare providers access to both companies’ complete range of ransomware response services at no cost for the duration of the crisis. The aim is to get impacted providers operational again in the shortest possible time so that patient care is minimally disrupted, Emsisoft threat analyst Brett Callow said.

In the event of a ransomware attack, Emsisoft and Coveware will provide services to hospitals and medical facilities that include technical analysis of the ransomware; the development of a decryption tool, if possible; and “as a last resort, ransom negotiation, including transaction handling and recovery assistance including replacement of the decryption tool supplied by the criminals with a custom tool that will recover data faster and with less chance of data loss,” according to a blog post from Emsisoft.

Bill Siegel, CEO of Coveware, cautioned that a ransomware attack on a healthcare organization will still have devastating consequences, regardless of how Emsisoft and Coveware can mitigate it. “Even with our help, it will likely result in unnecessary causalities because of the disruption,” Siegel said.

Bracing for ransomware attacks

Emsisoft’s blog said, “it is likely that there will be an increase in the number of healthcare providers impacted by ransomware in the coming months and unfortunately this increase may coincide with the peak of the COVID-19 outbreak. Further, the spikes may be more pronounced than in previous years due to security weaknesses resulting from hastily introduced work-from-home arrangements, personal device usage and staffing shortages.”

A ransomware attack could hinder response efforts, communications and treatments during the pandemic.

Even prior to the pandemic, healthcare facilities were a common target of ransomware attacks. At least 764 healthcare providers were impacted by ransomware in 2019, according to the Emsisoft report, titled “The State of Ransomware in the U.S.: Report and Statistics 2019.”

However, two ransomware gangs, Maze and DoppelPaymer, announced Wednesday they would cease ransomware attacks on medical and healthcare facilities during the COVID-19 pandemic. Despite these promises, the problem persists, according to Callow.

“I saw a medical research company in the U.K. was attacked a couple days ago by a group who steals data and threatens to release it if you don’t pay,” Callow said, referencing the Maze group.

Siegel said he hopes the promise made by ransomware gangs is genuine.

“It will be interesting to see if Defray/777 ransomware affiliates adhere, as that variant almost exclusively targeted healthcare providers prior to the pandemic,” Siegel said.

Since the announcement on Wednesday, no one has yet to take up the free offer, and both Callow and Siegel said they hope no one will need to.

Go to Original Article
Author:

RapidAPI, MongoDB answer the call for GraphQL support

As developer demand for GraphQL continues to heat up, more and more vendors are heeding the call and providing support for the API query language in their product lines.

Both MongoDB and RapidAPI have introduced GraphQL support in their products. MongoDB has added support for GraphQL in its Atlas database, which means developers can work on MongoDB documents with GraphQL in their JavaScript applications via Stitch, MongoDB’s serverless platform. Stitch helps developers implement application logic and integrate with cloud services and microservices, as well as build APIs.

GraphQL lets users query an API endpoint and get only the fields they want, rather than receiving the full payload of that endpoint, which is what you get with an HTTP request. This can boost application performance, said Nicolas Raboy, a senior developer advocate at MongoDB, in a blog post.

“Until now, being able to use GraphQL in your applications required a dedicated web service that contained schema information, resolve functions with database logic, and other middleware logic to sit between the database and the client facing application,” Raboy said.

It’s an advancement that developers should welcome, according to one observer.

Of late, the industry has focused too much on REST APIs as the main thing.
Randy HeffnerAnalyst, Forrester

“Of late, the industry has focused too much on REST APIs as the main thing,” said Randy Heffner, an analyst at Forrester. “The request/reply model that is primary to REST APIs is a critical foundation but not enough; there are numerous other interaction styles in the landscape of business — such as events, data view, data sync, process, remote views and file transfer. So, instead of an API strategy, enterprises should think about a ‘digital bonding’ strategy.”

Randy HeffnerRandy Heffner

GraphQL is an important tool in the broad toolbox for digital bonding, Forrester’s term for extending API strategies beyond just REST-only APIs to encompass GraphQL and possibly other models.

RapidAPI aims for speed with GraphQL support

Meanwhile, with the addition of GraphQL APIs, developers can choose between GraphQL and REST APIs on the RapidAPI marketplace and then find and manage both types of APIs using a single SDK, API key and dashboard, said Iddo Gino, RapidAPI’s CEO and founder.

“I think that the biggest benefit of GraphQL is in areas where you have a lot of data and a lot of very structured data, being able to pull and query that data more easily in a single request versus having to do a lot of back and forth requests,” Gino said.

The RapidAPI Marketplace is used by more than a million developers, according to Gino. For API creators, the platform provides onboarding for publishing APIs, as well as interactive documents that enable users to test an API from a browser and begin using it. The platform also provides API management so users can monitor performance metrics.

RapidAPI may find an eager audience for the new GraphQL support. According to a recent developer survey on “The State of JavaScript,” of the 20,000 JavaScript developers surveyed, 21% said they had used GraphQL and would use it again. But it’s not a cure-all, according to Heffner.

“To have the option of using GraphQL is an important bit of industry movement,” he said. “GraphQL is a great tool in the toolbox, but only one among many, not a killer be-all/end-all — the way some talk about it.”

Go to Original Article
Author:

Announcing Imagine Cup Junior – AI for Good Challenge | | Microsoft EDU

As technology continues to evolve, we are faced with an incredible opportunity to leverage the power of new solutions and human expertise to unlock some of the biggest challenges we face in society. It’s why Microsoft invests in AI for Good initiatives, which support and empower those working to address humanitarian, environmental and cultural challenges by creating a more sustainable and accessible world.

What’s more, we believe the future is in the hands of students around the world who are increasingly driven by a sense of purpose and who want to have a positive impact on the world and their communities. That’s why I am incredibly excited to share that we are bringing Imagine Cup Junior to secondary students worldwide, providing an opportunity for students to take part in a global challenge while learning about the power of Artificial Intelligence and its responsible use to change the world.

Introduction to Imagine Cup Junior 2020 from Anthony Salcito, Vice President, Microsoft Education

Video for Announcing Imagine Cup Junior – AI for Good Challenge

Imagine Cup Junior is an extension of the hugely popular Imagine Cup – a global competition that empowers the next generation of computer science students to team up and use their creativity, passion and knowledge of technology to create applications that shape how we live, work and play. The introduction of the Imagine Cup Junior challenge will now enable younger students, starting at age 13 up to 18, to learn about technology and come up with ideas for improving the world around them, while building 21st century skills like communication, collaboration, critical thinking and creativity.

This year’s challenge is focused on Artificial Intelligence and introducing students to Microsoft’s AI for Good initiatives so they can think of solutions to issues that matter to them. This includes AI for Humanitarian Action, AI for Earth, AI for Cultural Heritage and AI for Accessibility.

The challenge is designed to be approachable for all students and educators, and it does not require any existing knowledge of technology or cloud concepts. We’ve created a host of materials, including templates and AI resource guides, that will help make it easy for educators and students to participate. The beauty of Imagine Cup Junior is that students can be entirely new to the concept of AI and build the competence to continue learning about technology and its impact throughout their school years. And for those students eager to learn more, we’ve created an extra opportunity to get hands on with Azure and the Wick Editor to bring their concepts to life.

To get started, educators need to register at www.imaginecup.com/junior which will provide access to the Imagine Cup Junior resource kit including educator guides, student guides, templates and slides for the following modules:

  • Module 1         Fundamentals of AI
  • Module 2         Machine Learning
  • Module 3         AI Applications in Real Life
  • Module 4         Deep Learning and Neural Networks
  • Module 5         AI for Good

Included in the resource kit is a “Build your project in a day” kit, with videos from members of Microsoft’s Education, Artificial Intelligence and Cloud teams. This can be used in class to inspire students and coach them on how to get started, and perhaps even spark excitement to one day work in the field of AI. Students can participate in teams of between three to six people.

Registration opens today to allow educators time over the holidays to get creative with incorporating the challenge into class curriculum. Submissions for team projects will be open from February 3, 2020 and close April 17, 2020. To ensure the privacy of students, all submissions must be made by educators/instructors on behalf of their students. While we can’t wait to see ALL the amazing ideas of students around the world, Microsoft will be proud to recognize the top three ideas from each region – America’s, Asia, and EMEA (Europe, Middle East and Africa). They will win a Windows 10 device and receive an Imagine Cup Junior trophy.

Challenge rules and regulations can be found here.

It is never too early to get started, and we hope by cultivating student creativity and passion for technology it will spark interest in and support the development of careers at the cutting edge of technology.

Register today at www.imaginecup.com/junior and empower students to truly change the world.

Open only to schools/instructor led clubs for students 13+. Game ends 4/17/20. For Official Rules, see here.

Explore tools for Future Ready SkillsExplore tools for Future Ready Skills

Go to Original Article
Author: Microsoft News Center

What’s new with the Exchange hybrid configuration wizard?

Exchange continues to serve as the on-ramp into Office 365 for many organizations. One big reason is the hybrid capabilities that connect on-premises Exchange and Exchange Online.

If you use Exchange Server, it’s not difficult to join it to Exchange Online for a seamless transition into the cloud. Microsoft refined the Exchange hybrid configuration wizard to remove a lot of the technical hurdles to shift one of the more important IT workloads into Exchange Online. If you haven’t seen the Exchange hybrid experience recently, you may be surprised about some of the improvements over the last few years.

Exchange hybrid setups have come a long way

I started configuring Exchange hybrid deployments the first week Microsoft made Office 365 publicly available in June 2011 with the newest version of Exchange at the time, Exchange 2010. Setting up an Exchange hybrid deployment was a laborious task. Microsoft provided a 75-page document with the Exchange hybrid configuration steps, which would take about three workdays to complete. Then I could start the troubleshooting process to fix the innumerable typos I made during the setup.

In December 2011, Microsoft released Exchange 2010 Service Pack 2, which included the Exchange hybrid configuration wizard. The wizard reduced that 75-page document to a few screens of information that cut down the work from three days to about 15 minutes. The Exchange hybrid configuration wizard did not solve all the problems of an Exchange hybrid deployment, but it made things a lot easier.

What the Exchange hybrid configuration wizard does

The Exchange hybrid configuration wizard is just a PowerShell script that runs all the necessary configuration tasks. The original hybrid configuration wizard completed seven key tasks:

  1. verified prerequisites for a hybrid deployment;
  2. configured Exchange federation trust;
  3. configured relationships between on-premises Exchange and Exchange Online;
  4. configured email address policies;
  5. configured free/busy calendar sharing;
  6. configured secure mail flow between the on-premises and Exchange Online organizations; and
  7. enabled support for Exchange Online archiving.

How the Exchange hybrid configuration wizard evolved

Since the initial release of the Exchange hybrid configuration wizard, Microsoft expanded its capabilities in multiple ways with several major improvements over the last few years.

Since the initial release of the Exchange hybrid configuration wizard, Microsoft expanded its capabilities in multiple ways with several major improvements over the last few years.

Exchange hybrid configuration wizard decoupled from service pack updates: This may seem like a minor change, but it’s a significant development. Having the Exchange hybrid configuration wizard as part of the standard Exchange update cycle meant that any updates to the wizard had to wait until the next service pack update.

Now the Exchange hybrid configuration wizard is an independent component from Exchange Server. When you run the wizard, it checks for a new release and updates itself to the most current configuration. This means you get fixes or additional features without waiting through that quarterly update cycle.

Minimal hybrid configuration: Not every migration has the same requirements. Sometimes a quicker migration with fewer moving parts is needed, and Microsoft offered an update in 2016 for a minimal hybrid configuration feature for those scenarios.

The minimal hybrid configuration helps organizations that cannot use the staged migration option, but want an easy switchover without worrying about configuring extras, such has the free/busy federation in calendar availability.

The minimal hybrid configuration leaves out the following functionality from a full hybrid configuration:

  • cross-premises free/busy calendar availability;
  • Transport Layer Security secured mail flow between on-premises Exchange and Exchange Online;
  • cross-premises eDiscovery;
  • automatic Outlook on the web (OWA) and ActiveSync redirection for migrated users; and
  • automatic retention for archived mailboxes.

If these features aren’t important to your organization and speed is of the essence, the minimal hybrid configuration is a good option.

Recent update goes further with setup work

Microsoft designed the Exchange hybrid configuration wizard to migrate mailboxes without interrupting the end user’s ability to work. The wizard gives users a full global address book, free/busy calendar availability and some of the mailbox delegation features used with an on-premises Exchange deployment.

A major new addition to the hybrid configuration wizard its ability to transfer some of the on-premises Exchange configurations to the Exchange Online tenant. The Hybrid Organization Configuration Transfer feature pulls configuration settings from your Exchange organization and does a one-time setup of the same settings in your Exchange Online tenant.

Microsoft expanded the abilities of Hybrid Organization Configuration Transfer in November 2018 so it configures the following settings: Active Sync Mailbox Policy, Mobile Device Mailbox Policy, OWA Mailbox Policy, Retention Policy, Retention Policy Tag, Active Sync Device Access Rule, Active Sync Organization Settings, Address List, DLP Policy, Malware Filter Policy, Organization Config and Policy Tip Configuration.

The Exchange hybrid configuration wizard only handles these settings once. If you make changes in your on-premises Exchange organization after you run the Exchange hybrid configuration wizard, those changes will not be replicated in the cloud automatically.

Go to Original Article
Author:

Ecstasy programming language targets cloud-native computing

While recent events have focused on Java and how it will fare as computing continues to evolve to support modern platforms and technologies, a new language is targeted directly at the cloud-native computing space — something Java continues to adjust to.

This new language, known as the Ecstasy programming language, aims to address programming complexity and to enhance security and manageability in software, which are key challenges for cloud app developers.

Oracle just completed its Oracle Open World and Oracle Code One conferences, where Java was dominant. Indeed, Oracle Code One was formerly known as JavaOne until last year, when Oracle changed its name to be more inclusive of other languages.

Ironically, Cameron Purdy, a former senior vice president of development at Oracle and now CEO of Xqiz.it (pronounced “exquisite”), based in Lexington, Mass., is the co-creator of the Ecstasy language. Purdy joined Oracle in 2007, when the database giant acquired his previous startup, Tangosol, to attain its Coherence in-memory data grid technology, which remains a part of Oracle’s product line today.

Designed for containerization and the cloud-native computing era

Purdy designed Ecstasy for what he calls true containerization. It will run on a server, in a VM or in an OS container, but that is not the kind of container that Ecstasy containerization refers to. Ecstasy containers are a feature of the language itself, and they are secure, recursive, dynamic and manageable runtime containers, he said.

For security, all Ecstasy code runs inside an Ecstasy container, and Ecstasy code cannot even see the container it’s running inside of — let alone anything outside that container, like the OS, or even another container. Regarding recursivity, Ecstasy code can create nested containers inside the current container, and the code running inside those containers can create their own containers, and so on. For dynamism, containers can be created and destroyed dynamically, but they also can grow and shrink within a common, shared pool of CPU and memory resources. For manageability, any resources — including CPU, memory, storage and any I/O — consumed by an Ecstasy container can be measured and managed in real time. And all the resources within a container — including network and storage — can be virtualized, with the possibility of each container being virtualized in a completely different manner.

Overall, the goal of Ecstasy is to solve a set of problems that are intrinsic to the cloud:

  • the ability to modularize application code, so that some portions could be run all the way out on the client, or all the way back in the heart of a server cluster, or anywhere in-between — including on shared edge and CDN servers;
  • to make code that is portable and reusable across all those locations and devices;
  • to be able to securely reuse code by supporting the secure containerization of arbitrary modules of code;
  • to enable developers to manage and virtualize the resources used by this code to enhance security, manageability, real-time monitoring and cloud portability; and
  • to provide an architecture that would scale with the cloud but could also scale with the many core devices and specialized processing units that lie at the heart of new innovation — like machine learning.

General-purpose programming language

Ecstasy, like C, C++, Java, C# and Python, is a general-purpose programming language — but its most compelling feature is not what it contains, but rather what it purposefully omits, Purdy said.

For instance, all the aforementioned general-purpose languages adopted the underlying hardware architecture and OS capabilities as a foundation upon which they built their own capabilities, but additionally, these languages all exposed the complexity of the underlying hardware and OS details to the developer. This not only added to complexity, but also provided a source of vulnerability and deployment inflexibility.

As a general-purpose programming language, Ecstasy will be useful for most application developers, Purdy said. However, Xqiz.it is still in “stealth” mode as a company and in the R&D phase with the language. Its design targets all the major client device hardware and OSes, all the major cloud vendors, and all of the server back ends.

“We designed the language to be easy to pick up for anyone who is familiar with the C family of languages, which includes Java, C# and C++,” he said. “Python and JavaScript developers are likely to recognize quite a few language idioms as well.”

Ecstasy is not a superset of Java, but [it] definitely [has] a large syntactic intersection. Ecstasy adds lots and lots onto Java to improve both developer productivity, as well as program correctness.
Mark FalcoSenior principal software development engineer, Workday

Ecstasy is heavily influenced by Java, so Java programmers should be able to read lots of Ecstasy code without getting confused, said Mark Falco, a senior principal software development engineer at Workday who has had early access to the software.

“To be clear, Ecstasy is not a superset of Java, but [it] definitely [has] a large syntactic intersection,” Falco said. “Ecstasy adds lots and lots onto Java to improve both developer productivity, as well as program correctness.” The language’s similarity to Java also should help with developer adoption, he noted.

However, Patrick Linskey, a principal engineer at Cisco and another early Ecstasy user, said, “From what I’ve seen, there’s a lot of Erlang/OTP in there under the covers, but with a much more accessible syntax.” Erlang/OTP is a development environment for concurrent programming.

Falco added, “Concurrent programming in Ecstasy doesn’t require any notion of synchronization, locking or atomics; you always work on your local copy of a piece of data, and this makes it much harder to screw things up.”

Compactness, security and isolation

Moreover, a few key reasons for creating a new programming language for serverless, cloud and connected devices apps are their compactness, security and isolation, he added.

“Ecstasy starts off with complete isolation at its core; an Ecstasy app literally has no conduit to the outside world, not to the network, not to the disk, not to anything at all,” Falco said. “To gain access to any aspect of the outside world, an Ecstasy app must be injected with services that provide access to only a specific resource.”

“The Ecstasy runtime really pushes developers toward safe patterns, without being painful,” Linskey said. “If you tried to bolt an existing language onto such a runtime, you’d end up with lots of tough static analysis checks, runtime assertions” and other performance penalties.

Indeed, one of the more powerful components of Ecstasy is the hard separation of application logic and deployment, noted Rob Lee, another early Ecstasy user who is vice president and chief architect at Pure Storage in Mountain View, Calif. “This allows developers to focus on building the logic of their application — what it should do and how it should do it, rather than managing the combinatorics of details and consequences of where it is running,” he noted.

What about adoption?

However, adoption will be the “billion-dollar” issue for the Ecstasy programming language, Lee said, noting that he likes the language’s chances based on what he’s seen. Yet, building adoption for a new runtime and language requires a lot of careful and intentional community-building.

Cisco is an easy potential candidate for Ecstasy usage, Linskey said. “We build a lot of middlebox-style services in which we pull together data from a few databases and a few internal and external services and serve that up to our clients,” he said. “An asynchronous-first runtime with the isolation and security properties of Ecstasy would be a great fit for us.”

Meanwhile, Java aficionados expect that Java will continue to evolve to meet cloud-native computing needs and future challenges. At Oracle Code One, Stewart Bryson, CEO of Red Pill Analytics in Atlanta, said he believes Java has another 10 to 20 years of viability, but there is room for another language that will better enable developers for the cloud. However, that language could be one that runs on the Java Virtual Machine, such as Kotlin, Scala, Clojure and others, he said.

Go to Original Article
Author:

The use of technology in education has pros and cons

The use of technology in education continues to grow, as students turn to AI-powered applications, virtual reality and internet searches to enhance their learning.

Technology vendors, including Google, Lenovo and Microsoft, have increasingly developed technology to help pupils in classrooms and at home. That technology has proved popular with students in elementary education and higher education, and has been shown to benefit independent learning efforts, even as critics have expressed worry that can lead to decreased social interactions.

Lenovo, in a recent survey of 15,000 technology users across 10 countries, reported that 75% of U.S. parents who responded said their children are more likely to look something up online than ask for help with schoolwork. In China, that number was 85%, and in India, it was 89%.

Taking away stress

According to vendors, technology can augment schoolwork help busy parents give their children.

Parenting in general is becoming a challenge for a lot of the modern families as both parents are working and some parents may feel overwhelmed,” said Rich Henderson, director of global education solutions at Lenovo, a China-based multinational technology vendor.

If children can learn independently, that can take pressure and stress off of parents, Henderson continued.

Independent learning can include searching for information on the web, querying using a virtual assistant, or using specific applications.

About 45% of millennials and younger students find technology “makes it much easier to learn about new things,” Henderson said.

Many parents, however, said on the survey that they felt the use of technology in education, while beneficial to their children’s learning, also led to decreases in social interactions. Using the technology to look up answers, instead of consulting parents, teachers or friends, concerned parents that “their children may be becoming too dependent on technology and may not be learning the necessary social skills they require,” according to the survey.

At the same time, however, many parents felt that the use of technology in education would eventually help future generations become more independent learners.

Technology has certainly helped [children learn].
Rich HendersonDirector of global education solutions, Lenovo

“Technology has certainly helped [children learn] with the use of high-speed internet, more automated translation tools. But we can’t ignore the fact that we need students to improve their social skills, also,” Henderson said. “That’s clearly a concern the parents have.”

Yet, despite the worries, technology vendors have poured more and more money into the education space. Lenovo itself sells a number of hardware and software products for the classroom, including infrastructure to help teachers manage devices in a classroom, and a virtual reality (VR) headset and software to build a VR classroom.

The VR classroom has benefited students taking online classes, giving them a virtual classroom or lab to learn in.

Google in education

Meanwhile Google, in an Aug. 15 blog post, promoted the mobile learning application Socratic it had quietly acquired last year. The AI-driven application, released for iOS, can automatically solve mathematical and scientific equations by taking photos of them. The application can also search for answers to questions posed in natural language.

Use of technology in education, student, learning
The use of technology in education provides benefits and challenges for students.

Also, Socratic features references guides to topics frequently taught in schools, including algebra, biology and literature.

Microsoft, whose Office suite is used in many schools around the world, sells a range of educational and collaborative note-taking tools within its OneNote product. The tool, which includes AI-driven search functions, enables students to type in math equations, which it will automatically solve.

While apparently helpful, the increased use of technology in education, as well as the prevalence of AI-powered software for students, has sparked some criticism.

The larger implications

Mike Capps, CEO of AI startup Diveplane, which sells auditable, trainable, “transparent” AI systems, noted that the expanding use of AI and automation could make basic skills obsolete.

Many basic skills, including typing and driving, could eventually end up like Latin — learnable, potentially useful, but unnecessary.

AI systems could increasingly help make important life decisions for people, Capps said.

“More and more decisions about kids’ lives are made by computers, like college enrollment decisions and what car they should buy,” Capps said.

Go to Original Article
Author: