DevSecOps Pune Meetup 4

This I had attended almost a month back. I just didn’t have the time or the energy to blog about it. Thankfully, one of the organizers Rohan Nageskar took the time to blog about it so I don’t have to do much other than share a few of the links I had shared and some which I had forgotten to do on that date. The first one was about usage of A.I. for vulnerability assessment using twitter mentions as a source. While the idea certainly has merit and would go a long way in getting nods to fix vulnerabilities in the code during the whole cycle of development, production, deployment, scaling, maintainance till the time the code or app. or whatever needs to be retired. At the same time however, it is not known how accurate the system would be because at the end, it still relies on human input and humans per-se are bad at threat perception and evaluation as per millions of examples. All the wars that have been fought and are still being fought in whatever name is a strong example of that.

One of the other things that I shared was the Intel Spoiler attack which was just shared just a few hours ago or something so it was pretty fresh at the time. I also shared a bit about where the hardware industry seemed to be heading and it seems at least for the near future that AMD would have the leg up. There’s the whole RISC bit for which chips are already out there and lot more being promised in the coming months and year but that’s a different topic altogether.

Incidentally, while Rohan was sharing about using Ansible for scaling a webapp and how you would have different servers for scaling the webapp. depending on needs, I was wondering that definitely the BJP IT Team would have profited from Rohan’s presentation. While Rohan didn’t go much into specifics of things, it was more or a high-level overview of the process, it did establish some groundwork for any individual or team as to how they could go about it. For newbies they could well read up on the differences on webapp. and website . To my mind, they are one and the same as most sites nowadays are dyanmic in nature due to nature of things.

I also shared about the BJP site hack (unofficially of course) and everybody was nonplussed to learn about it because we all have been told again and again the skills the BJP IT cell has. This is when it was almost 2 weeks when the site was down. Few days later, they did put a sort of site back and stole a bootstrapable theme . There were quite a few hate comments, which can be easily be termed victim-shaming and they had no choice but to respond back . It seems that the people in BJP do not understand either understand or don’t want to understand Intellectual Property Rights or to be more specific, Copyright in this particular case. This specific example is clearly a case of copyright infringment rather than anything else. In fact all of the FOSS environment revolves around credit-sharing apart from monetary compensation.

Anyways, some pictures from the meetup to round off the day 🙂

Me sharing some point probably
All the attendees of the Devops meetup.

In the last picture you can see Rohan at the end right in an orange t-shirt with glasses while Rahul you can see in dead center in white shirt at the center. They were the organizers of the event. Many thanx to Qualys for being the host for the meetup.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.