Les Smart Contracts sont un élément clé de la technologie blockchain. Ils sont des programmes informatiques déployés sur une blockchain, qui automatisent des transactions complexes, éliminent les intermédiaires et renforcent la confiance entre les parties prenantes. Les Smart Contracts sont devenus un élément essentiel de nombreux projets blockchain et ont le potentiel de transformer de nombreux secteurs d'activité. Cependant, la sécurité des Smart Contracts est un enjeu majeur. Comme tout programme informatique, ils peuvent contenir des bugs ou des vulnérabilités qui peuvent être exploités par des attaquants. Dans cette présentation, nous allons explorer ce qu'est un Smart Contract, les risques associés à leur utilisation, les vulnérabilités connues et les meilleures pratiques pour réduire ces risques si vous utilisez des Smart Contracts dans votre business. L'objectif est de vous donner une meilleure compréhension de la sécurité des Smart Contracts et de vous fournir les outils nécessaires pour utiliser cette technologie de manière sûre et fiable.

GitGuardian est de retour avec l'édition 2024 du State of Secrets Sprawl, la recherche la plus complète sur les secrets exposés dans GitHub à ce jour. Découvrez le nombre de secrets qui ont fait surface l'année dernière et plongez dans une série de sujets captivants.

Summary

Generative AI has rapidly transformed everything in the technology sector. When Andrew Lee started work on Shortwave he was focused on making email more productive. When AI started gaining adoption he realized that he had even more potential for a transformative experience. In this episode he shares the technical challenges that he and his team have overcome in integrating AI into their product, as well as the benefits and features that it provides to their customers.

Announcements

Hello and welcome to the Data Engineering Podcast, the show about modern data management Dagster offers a new approach to building and running data platforms and data pipelines. It is an open-source, cloud-native orchestrator for the whole development lifecycle, with integrated lineage and observability, a declarative programming model, and best-in-class testability. Your team can get up and running in minutes thanks to Dagster Cloud, an enterprise-class hosted solution that offers serverless and hybrid deployments, enhanced security, and on-demand ephemeral test deployments. Go to dataengineeringpodcast.com/dagster today to get started. Your first 30 days are free! Data lakes are notoriously complex. For data engineers who battle to build and scale high quality data workflows on the data lake, Starburst powers petabyte-scale SQL analytics fast, at a fraction of the cost of traditional methods, so that you can meet all your data needs ranging from AI to data applications to complete analytics. Trusted by teams of all sizes, including Comcast and Doordash, Starburst is a data lake analytics platform that delivers the adaptability and flexibility a lakehouse ecosystem promises. And Starburst does all of this on an open architecture with first-class support for Apache Iceberg, Delta Lake and Hudi, so you always maintain ownership of your data. Want to see Starburst in action? Go to dataengineeringpodcast.com/starburst and get $500 in credits to try Starburst Galaxy today, the easiest and fastest way to get started using Trino. Your host is Tobias Macey and today I'm interviewing Andrew Lee about his work on Shortwave, an AI powered email client

Interview

Introduction How did you get involved in the area of data management? Can you describe what Shortwave is and the story behind it?

What is the core problem that you are addressing with Shortwave?

Email has been a central part of communication and business productivity for decades now. What are the overall themes that continue to be problematic? What are the strengths that email maintains as a protocol and ecosystem? From a product perspective, what are the data challenges that are posed by email? Can you describe how you have architected the Shortwave platform?

How have the design and goals of the product changed since you started it? What are the ways that the advent and evolution of language models have influenced your product roadmap?

How do you manage the personalization of the AI functionality in your system for each user/team? For users and teams who are using Shortwave, how does it change their workflow and communication patterns? Can you describe how I would use Shortwave for managing the workflow of evaluating, planning, and promoting my podcast episodes? What are the most interesting, innovative, or unexpected ways that you have seen Shortwave used? What are the most interesting, unexpected, or challenging lessons that you have learned while working on Shortwave? When is Shortwave the wrong choice? What do you have planned for the future of Shortwave?

Contact Info

LinkedIn Blog

Parting Question

From your perspective, what is the biggest gap in the tooling or technology for data management today?

Closing Announcements

Thank you for listening! Don't forget to check out our other shows. Podcast.init covers the Python language, its community, and the innovative ways it is being used. The Machine Learning Podcast helps you go from idea to production with mach

Overview of data privacy, safety considerations and best practices when using Generative AI tools.

Summary

Databases come in a variety of formats for different use cases. The default association with the term "database" is relational engines, but non-relational engines are also used quite widely. In this episode Oren Eini, CEO and creator of RavenDB, explores the nuances of relational vs. non-relational engines, and the strategies for designing a non-relational database.

Announcements

Hello and welcome to the Data Engineering Podcast, the show about modern data management This episode is brought to you by Datafold – a testing automation platform for data engineers that prevents data quality issues from entering every part of your data workflow, from migration to dbt deployment. Datafold has recently launched data replication testing, providing ongoing validation for source-to-target replication. Leverage Datafold's fast cross-database data diffing and Monitoring to test your replication pipelines automatically and continuously. Validate consistency between source and target at any scale, and receive alerts about any discrepancies. Learn more about Datafold by visiting dataengineeringpodcast.com/datafold. Dagster offers a new approach to building and running data platforms and data pipelines. It is an open-source, cloud-native orchestrator for the whole development lifecycle, with integrated lineage and observability, a declarative programming model, and best-in-class testability. Your team can get up and running in minutes thanks to Dagster Cloud, an enterprise-class hosted solution that offers serverless and hybrid deployments, enhanced security, and on-demand ephemeral test deployments. Go to dataengineeringpodcast.com/dagster today to get started. Your first 30 days are free! Data lakes are notoriously complex. For data engineers who battle to build and scale high quality data workflows on the data lake, Starburst powers petabyte-scale SQL analytics fast, at a fraction of the cost of traditional methods, so that you can meet all your data needs ranging from AI to data applications to complete analytics. Trusted by teams of all sizes, including Comcast and Doordash, Starburst is a data lake analytics platform that delivers the adaptability and flexibility a lakehouse ecosystem promises. And Starburst does all of this on an open architecture with first-class support for Apache Iceberg, Delta Lake and Hudi, so you always maintain ownership of your data. Want to see Starburst in action? Go to dataengineeringpodcast.com/starburst and get $500 in credits to try Starburst Galaxy today, the easiest and fastest way to get started using Trino. Your host is Tobias Macey and today I'm interviewing Oren Eini about the work of designing and building a NoSQL database engine

Interview

Introduction How did you get involved in the area of data management? Can you describe what constitutes a NoSQL database?

How have the requirements and applications of NoSQL engines changed since they first became popular ~15 years ago?

What are the factors that convince teams to use a NoSQL vs. SQL database?

NoSQL is a generalized term that encompasses a number of different data models. How does the underlying representation (e.g. document, K/V, graph) change that calculus?

How have the evolution in data formats (e.g. N-dimensional vectors, point clouds, etc.) changed the landscape for NoSQL engines? When designing and building a database, what are the initial set of questions that need to be answered?

How many "core capabilities" can you reasonably design around before they conflict with each other?

How have you approached the evolution of RavenDB as you add new capabilities and mature the project?

What are some of the early decisions that had to be unwound to enable new capabilities?

If you were to start from scratch today, what database would you build? What are the most interesting, innovative, or unexpected ways that you have seen RavenDB/NoSQL databases used? What are the most interesting, unexpected, or challenging lessons t

Retrieval Augmented Generation (RAG) is a powerful technique to provide real time, domain-specific context to the LLM to improve accuracy of responses. RAG doesn't require the addition of sensitive data to the model, but still requires application developers to address security and privacy of user and company data. In this session, you will learn about security implications of RAG workloads and how to architect your applications to handle user identity and to control data access.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

In this session, we'll dive into deploying Java apps using Google Cloud's serverless platform. Designed for Java developers, it offers practical insights into consideration, challenges, tips and tricks for deploying JVM applications in Serverless platforms. We’ll also cover other best practices across different part of the application lifecycle, such as CI/CD pipelines, security, and observability. Through interactive demos, learn to build, secure, and monitor Java applications efficiently.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Which software vulnerabilities in my cloud environment pose the greatest risk, and how do I fix them quickly? What’s the best way to prevent over-permissioned identities from leading to unauthorized cloud access? Join this technical session and learn how new vulnerability response and cloud identity and entitlement management capabilities in Security Command Center can help strengthen your overall risk posture.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Plan, migrate, and deploy your mission-critical SAP workloads on Google Cloud’s highly available, secure, and scalable certified infrastructure. In this technical session, learn how our customers use SAP-specific tools and infrastructure to improve availability, performance, and security based on proven best practices. Post-deployment, learn how customers use Google Cloud’s SAP-optimized workload management tools to ensure smooth, efficient operations of and continuously high availability for their SAP applications.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

This session offers a hands-on guide to building your first generative AI application within the secure and controlled infrastructure of Google Distributed Cloud Hosted. Explore the potential of generative AI while ensuring data security and meeting compliance requirements in air-gapped settings.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Cyberattacks are rising, and businesses need to protect themselves in the cloud. In this session, we’ll discuss the latest trends in cloud security and how businesses can integrate security services in the cloud to mitigate risks. We’ll also hear from a panel of cybersecurity experts from Exabeam and Palo Alto Networks whose expertise and services will optimize your security posture, drive business value, and keep you ahead of emerging threats. Tap into a wealth of cybersecurity knowledge to get the most out of your investment.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

API attacks are on the rise, threatening your applications and sensitive data. Apigee's Advanced API Security helps detect API abuses with machine learning models training on a corpus of traffic from Google’s services like YouTube. Join us in this session to learn how Apigee customizes these models for each customer to improve precision in detecting malicious activity.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Web Security Scanner identifies security vulnerabilities in your App Engine, Google Kubernetes Engine (GKE), and Compute Engine web applications. This service crawls your application, following all links within the scope of your starting URLs, and attempts to exercise as many user inputs and event handlers as possible. It can automatically scan and detect four common vulnerabilities, including cross-site-scripting (XSS), flash injection, mixed content (HTTP in HTTPS), and outdated/insecure libraries. In this spotlight lab, you will use Web Security Scanner—one of Security Command Center's built-in services—to scan a Python Flask application for vulnerabilities.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

IHG Hotels & Resorts, managing 6,500+ hotels across 19 brands, faced data challenges amidst rapid growth. Cognizant & Google Cloud helped modernize their infrastructure. Using Data Fusion & migration tools, 320TB of data moved from Teradata to BigQuery, enabling scalability, security, and advanced analytics. This laid the foundation for IHG's future growth and empowers data-driven decision-making. Please note: seating is limited and on a first-come, first served basis; standing areas are available. By attending this session, your contact information may be shared with the sponsor for relevant follow up for this event only.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

This session discusses how to secure user-to-application communications in a multicloud environment using Google’s Cross-Cloud Network cloud-first integration of Secure Access Service Edge (SASE) solutions. We will discuss how the cloud-first integration of Secure Service Edge (SSE) stacks optimizes the performance, effectiveness, and operations of the stack, and illustrate this with a demo. We will study a customer design for a multi-regional multicloud deployment securing users accessing public and private applications from any location.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Serverless is a new paradigm – and sometimes a scary one when it’s disruptive. We'll cover all the security aspects of a traditional web application about network routing, public exposure, secret management, and more. In this session you’ll learn how to increase your security posture in a serverless environment and will be able to apply its implementation in your next serverless application.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

Feeling overwhelmed by multicloud security? Ditch the complexity and attend this fast-paced session for a refreshing perspective. Learn seven powerful multicloud security strategies in this session that touch on the usage of built-in guardrails, security of data across realms, choosing the right tools, automation of security processes, risk and threat assessments, and enabling your cloud team with the right skill set. You’ll leave with some actionable steps that you can take to ensure security of multicloud deployments.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

This lecture delves into the evolution from LLMOps to GenOps, showcasing how the GenOps solution revolutionizes Generative AI with its cutting-edge security and governance framework powered by Google Cloud. It highlights the necessity of continuous security throughout the AI lifecycle and the strategic integration of ethical guidelines and compliance measures, ensuring safe, compliant, and efficient AI operations. By attending this session, your contact information may be shared with the sponsor for relevant follow up for this event only.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.

This talk will focus on understanding what CNAPP is and its major pillars for cloud infrastructure and application security. Explore why a ״shift-right״ security approach and runtime insights are crucial for dynamic, modern cloud-native security that effectively consolidates Devs, Sec & Ops contextual analysis from runtime to code. By attending this session, your contact information may be shared with the sponsor for relevant follow up for this event only.

Click the blue “Learn more” button above to tap into special offers designed to help you implement what you are learning at Google Cloud Next 25.