Hey all. I played 20 minutes of Doom in 4K on this laptop. Then over the next year I only turned it on 10 times or so to use Excel. Im selling simply because I don’t use it. With such little use everything is still in great condition as can be seen from the pictures. There is one tiny mark on the top of the laptop about 1mm in size, beyond that there isn’t another mark or blemish to be seen.
Im including my Razer DeathAdder Elite gaming mouse for whoever buys this laptop. I bought the…
DevOps security processes have matured within enterprises over the last year, but IT shops still have far to go to stem the tide of data breaches.
DevOps teams have built good security habits almost by default as they have increased the frequency of application releases and adopted infrastructure and security automation to improve software development. More frequent, smaller, automated app deployments are less risky and less prone to manual error than large and infrequent ones.
Microservices management and release automation demand tools such as infrastructure as code and configuration management software to manage infrastructure, which similarly cut down on human error. Wrapped up into a streamlined GitOps process, Agile and DevOps techniques automate the path to production while locking down access to it — a win for both security and IT efficiency.
However, the first six months of 2019 saw such a flood of high-profile data breaches that at least one security research firm called it the worst year on record. And while cybersecurity experts aren’t certain how trustworthy that measurement is — there could just be more awareness of breaches than there used to be, or more digital services to attack than in past years — they feel strongly that DevOps security teams still aren’t staying ahead of attackers, who have also learned to automate and optimize what they do.
“The attackers have innovated, and that’s one of the problems with our industry — we’re at least five years behind the attackers,” said Adrian Sanabria, advocate at Thinkst Applied Research, a cybersecurity research and software firm based in South Africa. “We’re in a mode where we’re convinced, with all this VC money and money spent on marketing, that we have to wait for a product to be available to solve these problems … and they’re never going to be ready in time.”
DevOps security tools aren’t enough
A cybersecurity tool is only as good as how it’s used, Sanabria said, citing the example of a Target breach in 2013, where security software detected potentially malicious activity, but IT staff didn’t act on its warnings. In part, this was attributed to alert fatigue, as IT teams increasingly deal with a fire hose of alerts from various monitoring systems. But it also has to do with IT training, Sanabria said.
“In the breach research I’ve done, generally everyone owned [the tools] they needed to own,” he said. “They either didn’t know how to use it, hadn’t set it up correctly, or they had some kind of process issue where the [tools] did try to stop the attacks or warn them of it, [but] they either didn’t see the alert or didn’t act on the alert.”
Adrian SanabriaAdvocate, Thinkst Applied Research
DevOps security, or DevSecOps, teams have locked down many of the technical weak points within infrastructure and app deployment processes, but all too often, the initial attack takes a very human form, such as a spoofed email that seems to come from a company executive, directing the recipient to transfer funds to what turns out to be an attacker’s account.
“Often, breaches don’t even require hacking,” Sanabria said. “It requires understanding of financial processes, who’s who in the company and the timing of certain transactions.”
Preventing such attacks requires that employees be equally familiar with that information, Sanabria said. That lack of awareness is driving a surge in ransomware attacks, which rely almost entirely on social engineering to hold vital company data hostage.
Collaboration and strategy vital for DevOps security
Thus, in a world of sophisticated technology, the biggest problems remain human, according to experts — and their solutions are also rooted in organizational dynamics and human collaboration, starting with a more strategic, holistic organizational approach to IT security.
“Technology people don’t think of leadership skills and collaboration as primary job functions,” said Jeremy Pullen, CEO of Polodis, a digital transformation consulting firm in Atlanta. “They think the job is day-to-day technical threat remediation, but you can’t scale your organization when you have people trying to do it all themselves.”
An overreliance on individual security experts within enterprises leads to a ‘lamppost effect,’ where those individuals overcompensate for risks they’re familiar with, but undercompensate in areas they don’t understand as well, Pullen said. That kind of team structure also results in the time-honored DevOps bugaboo of siloed responsibilities, which increases security fragility in the same way it dampens application performance and infrastructure resilience.
“Developers and operations may be blind to application security issues, while security tends to focus on physical and infrastructure security, which is most clearly defined in their threat models,” Pullen said. “Then it becomes a bit of a game of Whac-a-Mole … where you’re trying to fix one thing and then another thing pops up, and it gets really noisy.”
Instead, DevSecOps teams must begin to think of themselves and their individual job functions as nodes in a network rather than layers of a stack, Pullen said, and work to understand how the entire organization fits together.
“Everyone’s unclear about what enterprise architecture is,” he said. “They stick Jenkins in the middle of a process but might not understand that they need to separate that environment into different domains and understand governance boundaries.”
Effective DevOps security requires more team practice
Strategically hardening applications and IT management processes to prevent attacks is important, but organizations must also strategically plan — and practice — their response to ongoing security incidents that can and will still happen.
“Cybersecurity so far has been focused on solitary study and being the best technical practitioner you can be, and building stand-alone applications and infrastructure to the best technical standard, which reminds me of golf,” said Nick Drage, principal consultant at Path Dependence Ltd., a cybersecurity consulting firm based in the U.K., in a presentation at DevSecCon in Seattle last month. “But in reality, cybersecurity is a fight with an opponent over territory — much more like American football.”
As long as security is practiced by isolated individuals, it will be as effective as taking the football field armed with golf clubs, Drage said. Instead, the approach should be more team-oriented, cooperative, and, especially, emphasize team practice to prepare for ‘game time.’
Charles BetzAnalyst, Forrester Research
American football defenses are particularly instructive for DevOps security strategy ideas about defense in depth, Drage said in his presentation. Among other things, they demonstrate that an initial incursion into a team’s territory — yards gained — does not amount to a breach — points scored. IT teams should also apply that thinking as they try to anticipate and respond to threats — how to protect the ‘end zone,’ so to speak, and not just their half of the field.
Thinkst’s Sanabria uses a different analogy — the DevOps security team as firefighters.
“We’re not going to get good at this if we don’t practice it,” he said. “We buy all the tools, but imagine firefighters if they’d never donned the suits, never driven the truck, never used the hose and they’re not expecting the amount of force and it knocks them down. Going out to their first fire would look like a comedy.”
And yet that’s exactly what happens with many enterprise IT security teams when they must respond to incidents, Sanabria said, in part because companies don’t prioritize experiential learning over informational training.
The good news is that IT analysts expect the next wave of DevOps security to look very much like chaos engineering used in many organizations to improve system resiliency, but with a human twist. Organizations have begun to emerge such as OpenSOC, which sets up training workshops, including simulated ransomware attacks, for companies to practice security incident response. Companies can also do this internally by treating penetration tests as real attacks, otherwise known as red teaming. Free and open source tools such as Infection Monkey from Guardicore Labs also simulate attack scenarios.
Tech companies such as such as Google already practice their own form of human-based chaos testing, where employees are selected at random for a ‘staycation,’ directed to take a minimum of one hour to answer work emails, or to intentionally give wrong answers to questions, to test the resiliency of the rest of the organization.
“Despite the implications of the word ‘chaos,’ some companies are already presenting chaos engineering to their risk management leaders and auditors,” said Charles Betz, analyst at Forrester Research. “This is the future of governance — controlling risk on the human side of our systems.”
Microsoft has been awarded the U.S. Department of Defense’s controversial JEDI contract over AWS in a surprise development that could be remembered as a watershed moment in the battle for market share among hyperscale cloud computing providers.
AWS had widely been expected to win the Joint Enterprise Defense Infrastructure contract, which was first announced in September 2017 and vigorously pursued by IBM, Oracle, Google and Microsoft. The DoD narrowed the field of candidates to AWS and Microsoft in April, and in July a judge tossed out a federal lawsuit brought by Oracle in protest of the process.
AWS had a perceived leg up on competitors for the JEDI contract, thanks not only to the breadth and depth of its cloud platform, but due to precedent. Several years ago, AWS landed a $600 million contract with the CIA centered on further development of the intelligence agency’s big data analytics capabilities.
Still, in May 2018, Microsoft said it had won a contract worth hundreds of millions of dollars that would see a panoply of U.S. intelligence agencies use its Azure Government service.
The DoD’s JEDI proposal, as laid out in a November 2017 memo, calls for a 10-year contract with a single provider to create a “highly available, exponentially elastic, secure, resilient cloud computing environment that seamlessly extends from the homefront to the tactical edge.”
The JEDI contract is worth up to $10 billion over the life of the agreement, but the base contract period is for just two years with $1 million guaranteed, according to the DoD. About $210 million is expected to be spent during the initial two years, but the remainder of the contract is subject to rigorous ongoing reviews, the DoD said.
AWS could not immediately be reached for comment, but in published reports, a company spokesperson expressed surprise at the result.
“AWS is the clear leader in cloud computing, and a detailed assessment purely on the comparative offerings clearly lead to a different conclusion,” the company said.
The specter of presidential politics has loomed over the JEDI contract saga, with President Donald Trump – a harsh critic of Amazon CEO Jeff Bezos – saying in July that his administration planned to scrutinize Amazon’s JEDI bid in the wake of complaints about the award process from AWS competitors.
It isn’t immediately clear whether Amazon can or will pursue additional recourse following the JEDI contract award to Microsoft.
“All offerors were treated fairly and evaluated consistently with the solicitation’s stated evaluation criteria,” the DOD said in a statement. “Prior to the award, the department conferred with the DOD Inspector General, which informed the decision to proceed.”
While the Pentagon plans to eventually move 80% of its internal systems to the platform created by JEDI, it maintains many other cloud services. It also “continues to assess and pursue various cloud contracting opportunities,” according to a statement.
The cloud infrastructure market is worth about $100 billion at present, according to new numbers from Synergy Research. AWS has about 33.5% share of that market, with Microsoft at about 16.5%, Synergy reported.
AWS may still have a healthy lead over Microsoft, but the JEDI award gives the latter not only bragging rights but also a high-profile testimony to Azure’s readiness for the world’s most critical and sensitive workloads, which could prove quite valuable in negotiating other large-scale deals.
More details of the DoD’s decision-making process could be learned in coming days. In recent months, there had been some speculation the DoD would add an additional vendor to the JEDI contract after an initial award, both to hedge its strategic bets and mollify critics.
This is a breaking news story. More details to follow.
Finally the wait is over and we’re thrilled to announce that Ori and the Blind Forest: Definitive Edition is available today for Nintendo Switch in the Nintendo eShop! We couldn’t be happier with the reception so far, especially from our fans!
Ori and the Blind Forest: Definitive Edition is a unique action platformer that combines deep Metroidvania style gameplay with emotional storytelling. The forest of Nibel is dying and Ori must find courage to confront Kuru, the dark owl, in order to save the forest. Ori’s journey is a story about love, sacrifice, and the hope that exists in us all.
To our Switch friends, we’re excited for you to enjoy the same Ori and the Blind Forest: Definitive Edition experience that Xbox and PC players know and love. We can’t wait for you to share your stories of your time exploring Nibel!
For over half a century, it has become a tradition in the U.S. to commemorate Hispanic Heritage Month from September 15th to October 15th. This is a month of celebration, tribute and pride for those of us that relate to the Hispanic/Latinx culture, either because we are part of it, or because we have grown fond of this community and feel a connection. But, this is also a time for reflection.
For some time now, our community has been going through challenging times deriving from strong external narratives that fail to represent our beauty, our diversity and the real challenges that we face today and in the past. Stories that attempt to create deep social divisions. Stories that intend to tear down the very fabric of what the Hispanic and Latinx communities truly represent.
As a Latino and Executive Sponsor of HOLA (Hispanic & Latinx Organization of Leaders in Action), Microsoft’s Hispanic/Latinx Employee Resource Group, I have learned so much on my journey to represent and propel the Latino culture in the USA. It’s just amazing to see the positive impact that Latinos have daily. On one hand, 86% of all new US businesses have been launched by Latinos over the last decadeandLatinas create small businesses 6x faster than any other group in the country. Latino GDP was $2.13 Trillion in 2015, and it’s growing 70% faster than the rest of the economy.
Latinos are contributing to the very fabric of this country and that is why it is extremely important that our individual voices and personal stories of struggles, achievements and contributions to the North American culture continue to collectively rise. Hispanic Heritage Month is a perfect moment to share the true narrative of who we are, and the great impact and role each one of us plays in society.
To honor Hispanic Heritage Month,Microsoft is celebrating Latinx culture and inspirational stories throughOur Voz. This will include local events in the community, celebrations, as well as stories from our own Latinxemployees who are making an impact in the community.
Microsoft HOLA, in partnership with our Global Diversity and Inclusion team and our many internal allies across all businesses, have established strong partnerships with key stakeholders in the Latino community. Byjoining forces,we have helped accelerate progress across a wide range of topicsfrom our own internal culture and ability to bring our true selves to work, to supporting families through immigration challenges, improvingeducation, and much more.We would like to take the opportunity to recognize and thank these organizations for their partnership and the great work they do every day to make a difference for our community.You can view the full list of partner organizations below.
It is my belief that through empathy, mutual understanding and purposeful action we can make a lasting, bigger impact that changes how we experience the world – and how the world experiences us. Please visitmicrosoft.com/en-us/hispanic-heritage-month/default.aspx for the most current news and opportunities to celebrate, engage and be inspired.If you want to learn more about broader initiatives for diversity and inclusion at Microsoft please visithere.
ALPFA ALPFA’s mission: To empower and develop Latino men and women as leaders of character for the nation, in every sector of the global economy.
DigiGirlz DigiGirlz is Microsoft’s own global outreach program that gives middle and high school girls opportunities to learn about careers in technology, connect with Microsoft employees, and participate in hands-on computer and technology workshops.
HACR HACR’s Mission is to advance the inclusion of Hispanics in Corporate America at a level commensurate with our economic contributions.
HITEC Global HITEC is a premier global executive leadership organization of senior business and technology executives who have built outstanding careers in technology. HITEC’s premiere network spans the Americas and is focused on building stronger technology and executive leaders, leadership teams, corporations, and role models in a rapidly changing, flatter, and technology centric world.
IPLI The “HNBA/Microsoft IP Law Institute” provides opportunities for Latino students interested in intellectual property law. This summer, up to twenty-five Latino law students from law schools across the country will be chosen to participate in an IP immersion program in Washington, DC. Candidates are selected in a highly competitive process, and the selected students are provided substantive instruction, the opportunity to observe first-hand U.S. IP institutions at work, and the chance to meet leading members of the IP legal community who will serve as mentors and potentially provide pathways for future job opportunities.
iUrbanTeen Mission: To expose and inspire underrepresented youth to become tomorrow’s business and technology leaders. iUrban Teen is a nationally recognized program focused on bringing career focused education to underrepresented teens ages 13 to 18. Youth receive hands-on exposure to a variety of careers and civic engagement that step them outside of their current boundaries. Our target demographics are African American, Latino and Native American males, however, the program is inclusive of all youth.
KIND (Kids in need of Defense) Microsoft, along with Angelina Jolie, founded KIND in 2008 to provide legal services to unaccompanied children entering the U.S. Brad Smith Microsoft President is also KIND Chairman of the Board. Many of our Microsoft in house attorneys and other professionals work on KIND cases on a pro bono basis, and Microsoft also supports for a KIND fellow, an attorney who works for KIND and supports Microsoft’s pro bono efforts. More information about KIND can be found Here
LatinaGeeks Empowering and inspiring adult Latinas by sharing technical knowledge, business skills, and entrepreneurship resources through hands-on workshops and community events.
Nuevo Foundation Inspiring kids to be curious, confident, and courageous by discovering the world of STEM. Offers coding workshops that provide hands on opportunities for students to learn real-world problem-solving skills using coding, hardware and their own imagination. Also, offers virtual sessions to share the stories of people who have succeeded in STEM fields with students worldwide. Lastly, offer speaker engagements to motivate students to pursue STEM education.
SHPE SHPE changes lives by empowering the Hispanic community to realize its fullest potential and to impact the world through STEM awareness, access, support and development.
Tapia conference The Tapia conference is the premier venue to acknowledge, promote and celebrate diversity in computing.
TECHNOLOchicas Microsoft is a sponsor of TECHNOLOchicas, a campaign of our strategic partner, the National Center for Women and Information Technologies (NCWIT) and the Televisa Foundation to increase the visibility and participation of Latinas in technology. Each campaign year a Latina Microsoft technologist serves as one of the TECHNOLOchica Ambassadors featured in the campaign video and social media assets and represents our company at TECHNOLOchica events.
Gearing up for adoption of non-volatile memory over fabrics, Cisco upgraded its multilayer MDs network switches to help shops transition to the next generation of Fibre Channel block storage.
Cisco will add line cards for the Cisco MDS 9700 family for in-place hardware upgrades and an extension of Cisco SAN Analytics to support the NVMe protocol.
The new Cisco MDS 9700 switching hardware enables data centers to run multiple Fibre Channel (FC) generations in the same chassis. Other new features include Ansible modules that automate deployment of storage tasks for VMware vSAN, device aliases and zoning.
Cisco said it plans to ship 64G line cards for MDS-9706, MDS-9710 and MDS-9718 Director switches by the end of 2019. The new cards are timed in advance of 64 gigabit per second FC, also known as Gen 7 FC. A data center can install the Cisco line card to run 64 Gbps FC concurrently with existing 16-gig and 32-gig traffic.
MDS 9700 switches are part of the Cisco MDS 9000 product line, which consists of large networking devices that centralize the management of storage traffic at the switch level. Cisco MDS 9700 products launched in 2013, around the time NVMe flash media emerged as a contender to SATA-based SSDs.
Cisco follows Brocade
The latest Cisco MDS product update comes nearly 18 months after similar products hit the market by SAN switching rival Brocade, now part of semiconductor giant Broadcom. Broadcom and Cisco are the only large vendors who sell FC network switches and are positioning those devices for NVMe over FC implementations. There are also Ethernet and InfiniBand options for running NVMe over Fabrics (NVMe-oF).
FC technology delivers a high level of lossless performance, while NVMe offers a quantum boost in network latency by routing traffic across PCI Express lanes. The combination is expected to have broad appeal to data centers with applications demanding extreme high performance.
Reengineering the Cisco MDS 9700 required a lot of work to avoid “rip and replace” scenarios, said Scott Sinclair, an analyst for storage at Enterprise Strategy Group, an IT research firm in Milford, Mass.
“There is a big desire to transition storage networks to NVMe, and the Fibre Channel community is making it insanely easy to do. Cisco had to do a lot of hard work to make this transition seamless, and that will help companies save a ton of money over the long haul,” Sinclair said.
Data centers can adapt existing FC technologies for NVMe via a software upgrade. FC has fewer hurdles to NVMe adoption than Ethernet-based remote direct memory access memory technologies, which include RDMA over Converged Ethernet and Internet Wide Area RDMA Protocol. Another NVME fabric option is TCP/IP, a server-native functionality popular with hyper-scale cloud providers.
Onboard telemetry is native to all Cisco MDS 9000 switches. The latest iteration of the software is designed to capture high-fidelity reads of all traffic, including traditional SCSI block messages and data sent via NVMe-oF. The tool allows admins to slide back one hour at a time to pinpoint trouble spots with networks or storage.
Unilever, the multibillion-dollar multinational consumer goods company, does a lot of advertising.
Owning over 400 brands, including Dove, Lipton, Axe, and Ben and Jerry’s, Unilever regularly processes massive amounts of consumer and social media data to help understand their customers and create personalized marketing campaigns.
To power its campaigns, Unilever turned to Google Cloud APIs, using natural language processing tools and AI for marketing.
Vision and Natural Language
“We have a broad repertoire of products that consumers love to eat, to use, and to clean with,” explained Alex Owens, VP and global head of data and analytics at Unilever.
“My job is to get insights on people that use our products, to ensure that we can deliver the products that meet their needs, as well as get us the data that we have on consumers and that we collect with their consent, to power a real-time marketing capability,” Owens said.
Due to its size and reach, Unilever has a special partnership with Google, Owens said. The company gets top-level support and enjoys early access to many Google products.
One that Unilever relies heavily on for its AI for marketing efforts is the Google Cloud Vision API, a product that, according to Google’s webpage for it, provides easily modifiable pre-trained machine learning models that can analyze objects, images and text.
“What that does is it allows you to decode images that you might have on the likes of Instagram,” Owens said. This essentially enables Unilever to gather massive amounts of metadata from social media posts to help power its AI for marketing campaigns.
For example, Owens continued, Unilever ran an advertising campaign on social media for the toothpaste brand Close-Up in Southeast Asia around Valentine’s Day. Unilever wanted to target younger people, so, using the Cloud Vision API, the company analyzed hashtags and social media content from Southeast Asia.
“We realized by looking at the search analytics that the second most popular thing on Google around Valentine’s Day is learning how to kiss. So, thankfully, we developed a campaign around the art of kissing,” Owens said. Unilever released short videos on Instagram, Facebook and YouTube that millions saw.
Analyzing social media
Unilever also uses the Google Cloud Vision API, along with the Cloud Natural Language API, to help ensure that marketing efforts adhere to the cultural norms of the many “culturally diverse” areas Unilever advertises in, Owens said.
The Vision API can decode all the user-generated content across social media, Owens said, while the Natural Language API analyzes user comments.
According to Google, the Natural Language API can perform analysis and annotation on text, including sentiment analysis, which can help decode emotion; entity analysis, which can help discern what the text refers to; and syntactic analysis, which can help determine the makeup of a sentence.
Combined, the two APIs “allow you to basically summarize the themes as the sentiment of how people are talking about your advertising real time,” Owens said. This enables Unilever to determine a campaign’s effectiveness and make changes quickly.
In another example, Unilever drew on its vast data sources and used the APIs to promptly identify a defective product based on user comments and swiftly made changes to the product, Owens said.
Owens said while Google’s tools work well for Unilever, and the relationship with the tech giant is important, he had some trouble initially getting the APIs to work as needed.
For example, it took a while to properly train the Vision API machine learning models, Owens explained.
“We played around a lot with the capability with Google to help refine it,”” Owens said. That’s like any AI tool, he said, but still, it took time.
Unilever also faced challenges with the Google’s translation technology. Years ago, the technology wasn’t as accurate as it is now, Owens said. Internal teams had to tweak the translation and adapt the tools to meet their needs.
“It probably didn’t cover the languages that maybe we would want, or at least have the coverage within those languages to translate what we needed,” he explained.
Being such a large organization, Unilever has the financial resources and software talent to test new technologies and features before deploying them. When the technologies are released, they are already workable and scalable because they were tested. Unilever also pairs third-party technologies with Unilever’s own platforms. All this ensures smoother rollouts of new features, Owens said.
Unilever also uses marketing tools from Adobe for Unilever’s AI for marketing efforts, which Owens said pairs well with Google’s tools.
With Google Cloud, “we support data-driven marketing to extract the insights that we need. And [to] ensure Unilever continues to be relevant to people that consumer our brands,” Owens said.
Selling as we’ve moved away from Apple products and back to Windows.
Would prefer pick up to avoid postage, I work at Heathrow so can always meet someone near there if that suits.
Price and currency: £650 Delivery: Delivery cost is not included Payment method: Paypal, COD, BT Location: Frimley, Surrey Advertised elsewhere?: Advertised elsewhere Prefer goods collected?: I prefer the goods to be collected
______________________________________________________ This message is automatically inserted in all classifieds forum threads. By replying to this thread you agree to abide by the trading rules detailed here. Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:
Landline telephone number. Make a call to check out the area code and number are correct, too
Name and address including postcode
Valid e-mail address
DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.