Name: Best practices for securing open source
Start: 2020-10-07T15:00:00Z
End: 2020-10-07T15:00:39.000Z
Location: BrightTALK
Rating: 5

Get the most in depth information about the Ubuntu technology and services from Canonical. 

Learn why Ubuntu is the preferred Linux platform and how Canonical can help you make the most out of your Ubuntu environment.

In this walkthrough, Canonical Product Managers describe how to bring Entra ID authentication on Ubuntu Desktop at scale with Landscape, Authd, and cloud-init.

This talk will cover:
– A brief introduction of Authd, the new OIDC authentication daemon for Ubuntu.
– Authd’s capabilities and how to configure it for single sign on with Entra ID.
– How to automate Authd configuration using cloud-init.
– Landscape, what it is, and how it can be used to facilitate the above configuration and automation.
– How to take this solution into production using the additional security and compliance controls available with Ubuntu Pro.

Entra ID authentication on Ubuntu Desktop at scale with Landscape

Find out how you can apply a Defense in Depth approach with Ubuntu.

Ubuntu’s security offerings are much more than just a collection of tools: they are an ecosystem of layered defenses, each tuned to address specific threat levels and attacker capabilities. By understanding the unique threats each layer counters, you can make informed choices about which defenses are most important for your environment.


In this webinar, we will journey through the landscape of the security primitives and solutions that make up Ubuntu’s security in depth strategy, all through the lens of computational security:

Swift vulnerability response: Address known threats with Extended Security Maintenance, ensuring rapid patching and protection
Zero-day threat containment with AppArmor: Restrict applications to the bare minimum access they need, stopping attackers in their tracks
Regulated industry standards: FIPS-compliant cryptography and CIS benchmarks deliver system hardening tailored to your needs
Boot-level protection: Secure Boot enforces verified code execution, while Full Disk Encryption (FDE) protects sensitive data at rest
Next-gen isolation with confidential VMs: Technologies like Intel TDX and AMD SEV SNP create CPU-level isolation, safeguarding data even against hypervisor compromise or insider threats

What is Defense in Depth and how can you apply it with Ubuntu?

In today's dynamic business landscape, organizations need to be agile and responsive to changing demands. A robust VDI solution can be a game-changer, enabling you to empower your workforce and optimize your IT infrastructure. 

In this webinar on HPE Solutions for VDI with Canonical MicroCloud and HP Anyware, we will address the modern workspace challenges organizations face today. From strengthening security against data breaches and cyberattacks to optimizing IT infrastructure costs and empowering employees with seamless remote and BYOD experiences, our solution delivers unmatched performance and reliability. The solution is designed to redefine virtual desktop infrastructure (VDI) and elevate your workforce productivity while keeping costs and risks in check.

Learn more about the modern workforce challenges and how you can enhance security, improve scalability and get greater flexibility with HPE, Canonical and HP Anyware.

Unleash new ways of working with flexible, cost-effective VDI

Ensure data security and privacy in AI applications that employ Large Language Models (LLMs).

About the Webinar
As generative AI becomes increasingly vital for enterprises – especially in applications such as chatbots utilizing Retrieval-Augmented Generation (RAG) systems – ensuring the security and confidentiality of data within these frameworks is essential.

Our upcoming genAI security webinar will address the significant challenges related to data security and privacy in AI applications that employ Large Language Models (LLMs).

During this webinar, we will introduce confidential computing as a method for safeguarding data, with a specific focus on its application within RAG systems for securing data during usage or processing. Additionally, we will outline best practices for implementing confidential computing in AI environments, ensuring that data remains protected while still enabling advanced AI capabilities.

Learn more or contact our team: https://canonical.com/data

GenAI security with confidential computing

Join our technical demo where Andreea Munteanu, AI/ML Product Manager and Kimonas Sotirchos, Kubeflow Software Engineer, will:

* Talk about key considerations when building machine learning pipelines
* Learn how to build ML pipelines using Kubeflow
* Give insight of some best practices when using Kubeflow pipelines

More information about the webinar: 

Machine Learning Operations is a new practice that ensures machine learning projects run in an automated and reproducible manner. It is often described as DevOps for machine learning, since it brings together ML development and the operations that are required afterwards to maintain any ML initiative. MLOps has three core components: data pipelines, model pipelines and applications pipelines, which developers are often looking to optimize.

What are ML pipelines?

ML pipelines refer to the pipelines of all three components of the machine learning lifecycle and enable developers to automate ML workloads, streamlining the process of taking models to production. They are a foundational aspect to scaling machine learning projects and running them in a more effective manner.

There are multiple ways to build ML pipelines. Open source tools such as Kubeflow are an easy option, as they have already built the engine to perform such tasks. Kubeflow Pipelines are one of Kubeflow’s components which can be used to build ML pipelines.

Learn more or contact our team: https://canonical.com/solutions/ai

Build your machine learning pipeline with Kubeflow

Join is for a deep dive into group replication, clusterSet, and multi-cloud database architectures.

About the Webinar

Public cloud providers offer convenient services for database deployments. However, depending solely on a single provider's database-as-a-service can result in vendor lock-in and reduce your system’s resilience against widespread outages affecting the provider.
Instead, explore our approach to deploying MySQL across multiple clouds. A multi-cloud database strategy enables you to retain control of your infrastructure while enhancing overall resiliency and leveraging the unique strengths of each cloud provider.

Register to our webinar and learn more about:
MySQL Group replication
MySQL ClusterSet technology  
Our reference architecture for multi-cloud MySQL deployments

Learn more or contact our team: https://canonical.com/data/mysql

Navigating multi-cloud database deployments with MySQL for maximum uptime

Automotive is a highly regulated industry going through important changes towards software-defined vehicles (SDVs). Innovation is vital to meeting the new challenges and demands of the automotive industry as it evolves around software-defined vehicles – but this innovation cannot come at the expense of vehicle safety and cybersecurity. 

Canonical’s teams of support engineers, software developers and customer success professionals, have allowed us unique insights into the challenges that modern automotive leaders face. Join our upcoming webinar to learn from our experiences in supporting and enabling automotive software security and innovation.

Spotlight on automotive: Ensuring business continuity and long-term customer success

We’ve all heard the anecdotes of data scientists spending more time on tooling than ML models. There is no smoke without fire, right? The truth is AI/ML practitioners struggle with their environments for various reasons, including tooling fragmentation, package dependencies and access to computing power.

Data Science Stack (DSS) is an out-of-the-box solution for data scientists and machine learning engineers, published by Canonical. It is a ready-made environment for ML enthusiasts that enables them to develop and optimize models without spending time on the necessary underlying tooling. It is designed to run on any AI workstation that runs Ubuntu, maximizing the GPU’s capability and simplifying its usage.

Join us for this webinar to learn more about data science tools, with a focus on DSS and its capabilities. During the webinar, Michal Hucko, MLOps engineer at Canonical and Andreea Munteanu, AI & MLOps Product Manager, will talk about:

- Key considerations when getting started with data science
- Data science through the open source lens
- Deep dive into Data science stack (DSS)
- Demo of the DSS
- Prepare your questions and join us live to get insights into how DSS improves the developer experience for data science and ML projects on Ubuntu.

Learn more or contact our team: https://ubuntu.com/ai/data-science

Introducing Canonical Data Science Stack GA: set up an ML environment with 3 commands on Ubuntu

Are you facing challenges delivering and maintaining secure and compliant desktop environments to employees worldwide on your AWS environment? Traditional VDI solutions can be complex and expensive. Ubuntu Desktop on Amazon WorkSpaces offers a streamlined, cost-effective alternative. By logging into a desktop from any device, you can ensure consistent access to your applications and data, while maintaining the highest security standards. 

Ubuntu on WorkSpaces benefits from Ubuntu Pro which include access to Canonical’s Landscape solution. Landscape is a powerful management tool that simplifies the administration of Ubuntu Pro instances on Amazon WorkSpaces at scale. It automates critical tasks like configuration management, patching, auditing, access control, and compliance, enabling your systems to remain secure, compliant and up to date. Whether you're dealing with well-connected or air-gapped environments, Landscape offers flexible deployment options.

In this webinar, we will explore how Landscape can help streamline the management capabilities required to support a distributed, remote workforce utilizing Ubuntu on Amazon WorkSpaces.

Simplifying Ubuntu Desktop Management on Amazon WorkSpaces with Canonical Landscape

Developing an AAOS-based system comes with challenges like hardware dependencies, logistical delays and the need for vehicle and OEM specific customisation. Join us for an exclusive webinar where we explore how Anbox Cloud is solving these challenges and transforming the world of Android Automotive development. Designed to streamline and enhance the development process, Anbox Cloud enables developers to efficiently deploy, test, and scale Android apps across various configurations, eliminating the traditional hardware dependencies that slow down the development process.

Unleashing Android Automotive development with Anbox Cloud

OpenSearch is an open source search and analytics suite that developers use to build solutions for search, data observability, data ingestion, Security Event and Information Management (SIEM), vector databases, and more. It is designed for scalability, offering powerful full-text search capabilities and supporting various data types, including structured and unstructured data.
This webinar is designed to introduce participants to the basics of OpenSearch, a powerful and flexible search engine, and OpenSearch Dashboards, the associated analytics and visualisation platform.

By the end of this webinar, you will be able to:
-- Understand the basic architecture and core concepts of OpenSearch
-- Set up and configure an OpenSearch cluster
-- Install and navigate OpenSearch Dashboards
-- Create and customise dashboards to visualise data effectively
-- OpenSearch in production best practices
-- How to make it easier for you to manage OpenSearch in production

This webinar has been made for:
-- Developers who want to implement search functionality in their applications
-- Data Analysts looking to create visualisations and gain insights from large datasets
-- System Administrators responsible for managing and scaling search clusters
-- Business Intelligence Professionals interested in exploring new tools for data analysis

Learn more: https://canonical.com/data/opensearch

Getting started with OpenSearch (search engine) and OpenSearch Dashboard

AI is at the forefront of innovation. It changes the shape of all industries, challenging organisations to rethink their processes and adjust their infrastructure. Enterprises are looking nowadays to leverage their  existing computing power to accelerate model training and use tools such as Kubernetes for container orchestration or Kubeflow for workload automation in order to move their ML projects to production. 

In this webinar, you will:
- Learn what are the challenges with running AI on top of K8s
- Learn how to schedule your ML workloads
- Discover why K8s is a good fit for AI projects
- Leverage Kubernetes operators and schedulers to accelerate project delivery
- Understand better the cloud-native applications ecosystem and how it enhances AI/ML projects
- Have a clear path of taking ML projects to production with a fully open source solution

Learn more or contact our team: https://canonical.com/solutions/ai/infrastructure

Optimise your ML workloads on Kubernetes

Are you a .NET developer looking to optimise your development and deployment processes? Join our exclusive webinar, where we dive deep into the seamless integration of .NET on Ubuntu, offering you the tools and insights needed to enhance your development experience.

Join this webinar to learn more about:
- Expert Guidance: Learn directly from industry experts at Canonical and Microsoft who have spearheaded the integration of .NET on Ubuntu.
- .NET on Ubuntu 24.04
- What are chiselled Ubuntu containers?
- How do chiselled containers address container security challenges?
- Chiselled .NET and what it means for .NET developers
- Chiselled .NET 8 demo

Accelerate .NET development and deployment on Ubuntu

The Cyber Resilience Act (CRA) is a European Union legislation that will enter into force in 2027. Its overall goal is to make devices safer by implementing more rigorous cybersecurity, documentation, and vulnerability reporting requirements for the IT industry. The CRA is especially relevant for device manufacturers, who will need to ensure devices are secure throughout the product lifecycle. 

Join us for a 45 minute webinar, where Joao Pezzato Hellmeister and Jean-Charles Verdié will share insights on how this regulation will impact device manufacturers and how Canonical’s Ubuntu Pro for Devices can help you ensure compliance. 

We will zoom into:
- An overview of the vulnerability management obligations mandated by the CRA and what they mean for your software stack
- Implications for device management
- How a hardened attack surface can help you minimise threats and simplify compliance

Understand how the Cyber Resilience Act will impact device manufacturers

The Cyber Resilience Act is an upcoming European Union legislation that aims to implement more rigorous cybersecurity commitments, documentation, and vulnerability reporting requirements for the IT industry. The legislation would apply to developers, distributors, manufacturers and retailers of hardware, devices, software, applications, and other “products with digitally connected elements” sold within the EU. The requirements you need to meet depend on the CRA classification of products. 

Although the regulation does not enter into force until 2027, organisations need to start preparing now. Join us for a 30-minute webinar to understand how this new regulatory framework will impact the compliance landscape, and what it could mean for you. We will delve into the CRA’s 4 key obligations:

1. Risk Assessment
2. Documentation
3. Conformity assessment
4. Vulnerability reporting

We will also provide recommended actions so you can implement a roadmap for compliance in your organisation.

What is the Cyber Resilience Act?

In this webinar, Henry Coggill will showcase USG (the Ubuntu Security Guide) and demonstrate how it can automate compliance requirements. We will discuss the hardening profiles that are available, including DISA-STIG and CIS benchmarks, then cover setting up and configuring the tool and demonstrate the configuration options that you can make for maximum security and coverage of the STIG rules.

USG is available with an Ubuntu Pro subscription, and we will show you what extra features and capabilities that are included with Pro, such as extended security vulnerability patching and FIPS-140 certified crypto modules.

STIG hardening on Ubuntu 22.04 with Ubuntu Security Guide

Data lake is a very large scale data processing paradigm that disrupts the conventional data warehousing model. Data warehouses require all data to be structured and stored in a relational database, which can be inflexible and may require significant upfront data processing using extract-transform-load (ETL) technologies.

Data lakes can offer greater flexibility whilst retaining the benefits and efficiency of centralised data governance. With Canonical OpenStack private cloud platform, Kubernetes and Charmed Spark solutions, your data lake architecture can also benefit from extended flexibility and scalability whilst remaining cost effective to operate.

Join this webinar to learn more about the benefits of the data lake architecture, and how you can efficiently adopt this technology at scale using modern private cloud technology.

Learn more or contact our team: https://canonical.com/data/spark

A data lake on your cloud with Spark, Kubernetes and OpenStack

Confidential computing is a revolutionary technology that disrupts the conventional threat model of public clouds. In the past, vulnerabilities within the extensive codebase of the cloud’s privileged system software, including the operating system and hypervisor, could pose a constant risk to the confidentiality and integrity of code and data in operation. Likewise, unauthorized access by a cloud administrator could compromise the security of your virtual machine (VM). 

To protect your data and code against such threats on Google Cloud, Ubuntu Confidential VMs (CVMs) offer enhanced security for your workloads by utilizing hardware-protected Trusted Execution Environments (TEEs). To achieve such strong security guarantees, Ubuntu Confidential VMs build on Intel’s innovations at the silicon level, and the foundation laid by Intel(R) Trust Domain Extensions (Intel(R) TDX), now available through Google Cloud.  Ubuntu also offers further primitives to further secure your CVMs at rest, and offer a strong remote attestation.

Come join this webinar to learn about the great engineering that goes into making Ubuntu confidential VMs with Intel TDX on Google Cloud, and how you use them to implement a zero trust strategy for your security-sensitive application.

Exploring Ubuntu Confidential VMs with Intel TDX on Google Cloud

As Ubuntu is an open source OS of-choice across Linux machines, containers, public cloud and on-prem infrastructure platforms, like OpenStack, it is crucial to keep teams using our technology secure and compliant. The Ubuntu Security Team has 15 years of experience in securing open source technologies. From building and assessing security from the ground up, to prioritising vulnerabilities to patch management - we’ve learned a thing or two over the years.

In this webinar you will learn:
- Common security and compliance issues with open source
- Five best practices the Ubuntu Security Team implements
- How you can ensure the security integrity of your Ubuntu systems

Register to see how the Ubuntu Security team operates and learn some best practices along the way.

Best practices for securing open source

Open Source

Security

Ubuntu

cybersecurity

Vulnerability Management

Vulnerabilities

Patch Management

Vulnerability Intelligence

Operating Systems

Linux

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Get powerful end user computing insights from influential EUC experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on effective approaches to get non-programmers to create working applications.

End User Computing

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Best practices for securing open source

Presented by

About this talk

More from this channel