From e0128491c87082ecf6993f3eeea9f621af5232ff Mon Sep 17 00:00:00 2001 From: rossbuggins Date: Fri, 2 Feb 2024 14:36:11 +0000 Subject: [PATCH] lock down --- ndc-ldn-2024/readme.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/ndc-ldn-2024/readme.md b/ndc-ldn-2024/readme.md index 42fe068..4f74c76 100644 --- a/ndc-ldn-2024/readme.md +++ b/ndc-ldn-2024/readme.md @@ -534,6 +534,8 @@ https://ndclondon.com/agenda/tracking-aircraft-with-streams-software-defined-rad ## Keynote: Transformers: The Rise of ChatGPT +13 + ![rise chat gpt](rise-gpt.jpg) - kesha Williams @@ -596,6 +598,8 @@ Went to end of what’s new in net 8 ## How GitHub delivers GitHub using GitHub +13 / 21 + - April Edwards - been at GitHub for 11 months - at ms before @@ -613,10 +617,34 @@ Went to end of what’s new in net 8 ## Keep your nose out of it. Denying yourself access to production +1: 5 +- Glenn +- why block yourself: +- blamability. You can’t touch it so can’t be blamed. Arse cover. +- criminal users at work +- criminal external +- limit attack surface +- explicit and auditable +- big shop Vs small shop, governance +- need to keep some agility. Deploying. +- zero trust. Assume breach. +- least privileged access +- application segmation, fits with microservices. Only have access to your part. +- azure managed identities, only can ever be assigned to a service. +- push logs out of prod that don’t have PII. +- just in time access +- azure PIM, request access for a set amount of time for certain resources, with reason specified and approval process. +- immutable ledgers for audit logs +- make a tool for it 😊 + ## Co-Create: Creating Better Together +- todo: watch online + ## How JavaScript Happened: A Short History of Programming Languages +- todo: watch online + # general notes - implement org or arch wide RFC process