Tag: security iam management tools

Vision for 2021

Posted on by Subhadeep Datta

Sumit Ganguli

CEO, GAVS Technologies

God, grant me the serenity to accept things, I cannot change,

Courage to change the things I can,

And the wisdom to know the difference.

The events of 2020 have reaffirmed in me the ethos conveyed by this stanza, from the Serenity Prayer.

For us, COVID has been up close and personal. One of our key clients, Bronx Care Hospital has been an epicenter of the pandemic in New York City. The doctors, staff and support staff, including GAVS’ IT support engineers have experienced the devastating effect of this pandemic, up close and personal. GAVS’ technical team supported the ICUs and patient care units at the hospitals during the peak of pandemic.

“Every day we witness these heroic acts: one example out of many this week was our own Kishore going into our ICU to move a computer without full PPE (we have a PPE shortage). The GAVS technicians who come into our hospital every day are, like our doctors and healthcare workers, the true heroes of our time.”

Ivan Durbak, CIO, BronxCare Health System

“GAVS Team was instrumental in assisting the deployment of digital contact less care solutions and remote patient monitoring solutions during the peak of COVID. Their ability to react in quick time really helped us save more lives than what we could have, with technology at the fore-front.”

Dr. Sridhar Chilimuri, Chairman, Dept. of Medicine, BronxCare Health System

The alacrity with which our colleagues in India addressed the remote working situation and the initiative that they have demonstrated in maintaining business continuity for the clients in the US have inspired us at GAVS and  have reaffirmed our belief that we are on the way to create a purposeful company.  

The biggest learning from 2020, is that we need to be mindful of the fragility of life and truly make every day count. At GAVS, we are committed to use technology and service for the betterment of our clients and our stakeholders; and anchor this with our values of Respect, Integrity, Trust and Empathy.

The year was not without some positives. Thanks to some new client acquisitions and renewed contracts we have been able to significantly expand the GAVS family and have registered a 40% growth in revenue. 

We have formed Long 80, A GAVS & Premier, Inc. JV and have started reaching out to Healthcare providers in the US. We are reaching out to some of the largest hospitals in North America offering our AI-based Infrastructure Managed Services, Cybersecurity solutions, Prescriptive and Predictive Healthcare Solutions based on Analytics.

“Moving from a vendor-only model with GAVS to a collaborative model through Long 80 expands Premier’s current technology portfolio, enabling us to offer GAVS’ technology, digital transformation and data security services and solutions to US healthcare organizations. We are extremely excited about this opportunity and look forward to our new relationship with GAVS.”

Leigh Anderson, President, Performance Services, Premier, Inc.

This year, we see the Premier team growing by an additional 120 persons to continue to support their initiative to reduce costs, improve efficiency, enhance productivity and faster time to market.

We aim to hit some milestones in our journey of enabling AI-driven Digital Transformation in the Healthcare space. We have constituted a team dedicated to achieving that.

We are contemplating on establishing the GAVS Healthcare Institute in partnership leading institutions in India and US to develop competency within GAVS in the latest technologies for the healthcare space.

GAVS is committed to being a company focused on AI, and newer technologies and promote GAVS’ AI led Technology Operations, Zero Incident Framework. In 2021, we will work on increasing our ZIF sites around the US and India.  

Based on inputs from our Customer Advisory Board, we at GAVS would like to build a competency around Client Relationship and empower our Client Success Managers to evolve as true partners of our Clients and support their aspirations and visions.  

GAVS is also making strong progress in the BFS sector and we would like to leverage our expertise in AI, Blockchain, Service Reliability and other digital technologies.

GAVS has the competency to support multiyear contracts and there will be a push to reach out to Sourcing Companies, Influencers and partners to garner these long-term predictable business.

We will continue to build competency and expertise around Innovation, and there are some initiatives that we will be putting in place to promote a Culture of Innovation and have measurable successes under Novelty of Innovation.

Our experience of 2020 has inspired us to once again remind ourselves that we should make GAVS an aspirational company, a firm that is purposeful and anchored with our values.

Container Security

Posted on by Subhadeep Datta

Anandharaj V

We live in a world of innovation and are beneficiaries of new advancements. New advancements in software technology also comes with potential security vulnerabilities.

‘Containers’ are no exception. Let us first understand what a container is and then the vulnerabilities associated with it and how to mitigate them.

What is a Container?

You might have seen containers in the shipyard. It is used to isolate different cargos which is transported via ships. In the same way, software technologies use a containerization approach.

Containers are different from Virtual Machines (VM) where VMs need a guest operating system which runs on a host operating system (OS). Containers uses OS virtualization, in which required processes, CPU, Memory, and disk are virtualized so that containers can run without a separate operating system.

In containers, software and its dependencies are packaged so that it can run anywhere whether on-premises desktop or in the cloud.

IT Infrastructure Managed Services

Source: https://cloud.google.com/containers

As stated by Google, “From Gmail to YouTube to Search, everything at Google runs in containers”.

Container Vulnerabilities and Countermeasures

Containers Image Vulnerabilities

While creating a container, an image may be patched without any known vulnerabilities. But a vulnerability might have been discovered later, while the container image is no longer patched. For traditional systems, it can be patched when there is a fix for the vulnerability without making any changes but for containers, updates should be upstreamed in the images, and then redeployed. So, containers have vulnerabilities because of the older image version which is deployed.

Also, if the container image is misconfigured or unwanted services are running, it will lead to vulnerabilities.

Countermeasures

If you use traditional vulnerability assessment tools to assess containers, it will lead to false positives. You need to consider a tool that has been designed to assess containers so that you can get actionable and reliable results.

To avoid container image misconfiguration, you need to validate the image configuration before deploying.

Embedded Malware and Clear Text Secrets

Container images are collections of files packaged together. Hence, there are chances of malicious files getting added unintentionally or intentionally. That malicious software will have the same effect as of the traditional systems.

If secrets are embedded in clear text, it may lead to security risks if someone unauthorized gets access.

Countermeasures

Continuous monitoring of all images for embedded malware with signature and behavioral detection can mitigate embedded malware risks.

 Secrets should never be stored inside of containers image and when required, it should be provided dynamically at runtime.

Use of Untrusted Images

Containers have the advantages of ease of use and portability. This capability may lead teams to run container images from a third party without validating it and thus can introducing data leakage, malware, or components with known vulnerabilities.

Countermeasures

Your team should maintain and use only trusted images, to avoid the risk of untrusted or malicious components being deployed.

Registry Risks

Registry is nothing but a repository for storing container images.

  1. Insecure connections to registries

Images can have sensitive information. If connections to registries are performed over insecure channels, it can lead to man-in-the-middle attacks that could intercept network traffic to steal programmer or admin credentials to provide outdated or fraudulent images.

You should configure development tools and containers while running, to connect only over the encrypted medium to overcome the unsecured connection issue.

  1. Insufficient authentication and authorization restrictions

As we have already seen that registries store container images with sensitive information. Insufficient authentication and authorization will result in exposure of technical details of an app and loss of intellectual property. It also can lead to compromise of containers.

Access to registries should authenticated and only trusted entities should be able to add images and all write access should be periodically audited and read access should be logged. Proper authorization controls should be enabled to avoid the authentication and authorization related risks.

Orchestrator Risks

  1. Unbounded administrative access

There are many orchestrators designed with an assumption that all the users are administrators but, a single orchestrator may run different apps with different access levels. If you treat all users as administrators, it will affect the operation of containers managed by the orchestrator.

Orchestrators should be given the required access with proper role-based authorization to avoid the risk of unbounded administrative access.

  1. Poorly separated inter-container network traffic

In containers, traffic between the host is routed through virtual overlay networks. This is managed by the orchestrator. This traffic will not be visible to existing network security and management tools since network filters only see the encrypted packets traveling between the hosts and will lead to security blindness. It will be ineffective in monitoring the traffic.

To overcome this risk, orchestrators need to configure separate network traffic as per the sensitivity levels in the virtual networks.

  1. Orchestrator node trust

You need to give special attention while maintaining the trust between the hosts, especially the orchestrator node. Weakness in orchestrator configuration will lead to increased risk. For example, communication can be unencrypted and unauthenticated between the orchestrator, DevOps personnel, and administrators.

To mitigate this, orchestration should be configured securely for nodes and apps. If any node is compromised, it should be isolated and removed without disturbing other nodes.

Container Risks

  1. App vulnerabilities

It is always good to have a defense. Even after going through the recommendations, we have seen above; containers may still be compromised if the apps are vulnerable.

As we have already seen that traditional security tools may not be effective when you use it for containers. So, you need a container aware tool which will detect behavior and anomalies in the app at run time to find and mitigate it.

  1. Rogue containers

It is possible to have rogue containers. Developers may have launched them to test their code and left it there. It may lead to exploits as those containers might not have been thoroughly checked for security loopholes.

You can overcome this by a separate environment for development, test, production, and with a role-based access control.

Host OS Risks

  1. Large attack surface

Every operating system has its attack surface and the larger the attack surface, the easier it will be for the attacker to find it and exploit the vulnerability and compromise the host operating system and the container which run on it.

You can follow the NIST SP 800-123 guide to server security if you cannot use container specific operating system to minimize the attack surface.

  1. Shared kernel

If you only run containers on a host OS you will have a smaller attack surface than the normal host machine where you will need libraries and packages when you run a web server or a database and other software.

You should not mix containers and non-containers workload on the same host machine.

If you wish to further explore this topic, I suggest you read NIST.SP.800-190.


References

About the Author –

Anandharaj is a lead DevSecOps at GAVS and has over 13 years of experience in Cybersecurity across different verticals which include Network Security, application Security, computer forensics and cloud security.

The DNA of a Good Leader (PART I)

Posted on by Subhadeep Datta

Rajeswari S

In our lives, we would have come across some people with great leadership qualities. They may not be leading a team, or an organization, but they exude an aura. They conduct themselves in a manner that sets them apart from the rest. As the debate rages on whether leaders are born, made, discovered, innovated, invented!? Let’s see what makes a person a true and admirable leader.

Generally, a good leader should be successful, progressive, and positive, must possess good personality traits, communication and delegation skills, charisma, agility, adaptability, and ability to transform the air around them by effecting positive changes.

Some people are able to bring out the best in others and that is the edge they have over others. So, let’s look beyond and list out those qualities that makes a person or YOU a quintessential leader.

  1. Be passionate: Obviously, you would think it is the dedication, commitment for one’s work to up the number of clients, revenue figures, etc. However, it is not just about that. The passion that you have which affects not only your attitude and energy but that of those around you. Your passion should spread like a wildfire and inspire action and positive change among others.

  1. Face obstacles with grace: If any leader knows exactly what a customer or market truly wants from the business, they would be hailed as no less than a God! But alas, life is always full of obstacles, and a true leader knows which battles to fight and how. Effective leaders approach roadblocks with a high level of positivity and maturity. They adopt creative problem-solving techniques that allows them to overcome situations that others might give up on.
  1. Allow honest mistakes, spot talents: An over-protected child learns nothing and cannot sail against the tides. A good leader allows their people to just GO FOR IT! Failure often provides us with some of life’s biggest learning opportunities. As uncertainty and risk are inherent to running a team or business. Some people do commendable jobs under high pressure situations. A good leader spots such resources in their team and makes the best use of their qualities.
  1. Be street smart: It’s hard to find a substitute for old-fashioned street smarts. Knowing how to trust your gut, quickly analyzing situations as well as the people you’re dealing with and knowing how-to spot a bad deal or scammer is an important aspect of leadership. Maturity and experience complement each other, and a perfect combination of this makes a great leader.
  1. Be intuitive and take ownership: Intuition is to art as logic is to math. Leadership is often about following your gut instinct. It can be difficult to let go of logic in some situations but learn to trust yourself. Having said that, if your instinct fails, leadership is also about taking ownership for what happened, learning lessons from it and NEVER TO REPEAT THE SAME MISTAKE.
  1. Understand opportunity cost: Leaders know that many situations and decisions in business involve risk and there is an opportunity cost associated with every decision you make. An opportunity cost is the cost of a missed opportunity. This is usually defined in terms of money, but it may also be considered in terms of time, man-hours, or any other finite resource. Great leaders understand the consequences of their decisions before making them.
  1. Be liked: You can respect a person who talks flamboyantly, has a brilliant mind, impeccable manners, and business skills, but do you LIKE them? A leader should not only be respected but they should also be liked. Liking a person is a not a quantifiable quality, is it? But, it can be achieved in the way a leader captains the team, spreads a positive feeling among them and make the group feel that they belong there.
  1. Laugh: Yes…you read it right. The proven routes to a person’s mind or heart is a healthy sense of humor. It works well in getting the best out of your team. Nobody likes a templated talk or expression, even if it is good news you are trying to convey. Also, effective leaders can laugh at themselves as they understand that they are also humans and can make mistakes like everyone else. Leaders who take themselves too seriously risk alienating people.

Unique brands of Leadership

A quick look at some successful CEOs, new-age entrepreneurs, and their unique leadership mantras:

  1. Satya Nadella, CEO, Microsoft

Leadership mantra: 

  • An avid reader
  • Looks beyond the Horizon
  • Makes the right move at the right time
  • Makes every second count
  • Nurture strong company culture 
  1. Nitin Saluja and Raghav Verma, Founder, Chaayos, fastest growing tea startup of India,

Leadership mantra: Give people wings to fly and they will carve out their own journey.

  1. Mukesh Ambani, Chairman & Managing director, Reliance Industries Ltd

Leadership mantra:

  • Money is not everything but important
  • Have a dream and plan to fulfill it
  • Let your work speak for itself  
  • Trust your instincts
  • Trust all, but depend on none

References:

  • https://briandownard.com,
  • https://economictimes.indiatimes.com

About the Author –

Working in IP, into Content Development with 13 years of Technical, Content and Creative Writing background. Off-work, passionate about singing, music, creative writing; love highway drive, a movie buff.

IAST: A New Approach to Finding Security Vulnerabilities

Posted on by Subhadeep Datta

Roberto Velasco
CEO, Hdiv Security

One of the most prevalent misconceptions about cybersecurity, especially in the mainstream media and also among our clients, is that to conduct a successful attack against an IT system it is necessary to ‘investigate’ and find a new defect in the target’s system.

However, for most security incidents involving internet applications, it is enough to simply exploit existing and known programming errors.

For instance, the dramatic Equifax breach could have been prevented by following basic software security best-practices, such as patching the system to prevent known vulnerabilities. That was, in fact, one of the main takeaways from the forensic investigation led by the US federal government.

One of the most important ways to reduce security risks is to ensure that all known programming errors are corrected before the system is exposed to internet traffic. Research bodies such as the US NIST found that correcting security bugs early on is orders of magnitude cheaper than doing so when the development has been completed.

When composing a text in a text editor, the spelling and grammar corrector highlights the mistakes in the text. Similarly, there are security tools known as AST (Application Security Testing) that find programming errors that introduce security weaknesses. ASTs report the file and line where the vulnerability is located, in the same way, that a text editor reports the page and the line that contains a typo.

In other words, these tools allow developers to build software that is largely free of security-related programming errors, resulting in more secure applications.

Just like it is almost impossible to catch all errors in a long piece of text, most software contains many serious security vulnerabilities. The fact that some teams do not use any automated help at all, makes these security weaknesses all the most prevalent and easy to exploit.

Let’s take a look at the different types of security issue detection tools also known as ASTs, or vulnerability assessment tools, available in the market.

The Traditional Approach

Two mature technologies capture most of the market: static code analysis (SAST) and web scanners (dynamic analysis or DAST). Each of these two families of tools is focused on a different execution environment.

The SAST static analysis, also known as white-box analysis because the tool has access to the source code of the application, scans the source code looking for known patterns that indicate insecure programming that could lead to a vulnerability.

The DAST dynamic analysis replicates the view of an attacker. At this point, the tool executes hundreds or thousands of queries against the application designed to replicate the activity of an attacker to find security vulnerabilities. This is a black-box analysis because the point of view is purely external, with no knowledge of the application’s internal architecture.

The level of detail provided by the two types of tools is different. SAST tools provide file and line where the vulnerability is located, but no URL, while DAST tools provide the external URL, but no details on the location of the problem within the code base of the application. Some teams use both tools to improve visibility, but this requires long and complex triaging to manage the vulnerabilities.

The Interactive AST Approach

The Interactive Application Security Testing (IAST) tools combine the static approach and the dynamic approach. They have access to the internal structure of the application, and to the way it behaves with actual traffic. This privileged point of view is ideal to conduct security analysis.

From an architecture point of view, the IAST tools become part of the infrastructure that hosts the web applications, because an IAST runs together with the application server. This approach is called instrumentation, and it is implemented by a component known as an agent. Other platforms such as Application Performance Monitoring tools (APMs) share this proven approach.

Once the agent has been installed, it incorporates automatic security sensors in the critical execution points of the application. These sensors monitor the dataflow between requests and responses, the external components that the application includes, and data operations such as database access. This broad-spectrum coverage is much better than the visibility that SAST and DAST rely on.

In terms of specific results, we can look at two important metrics – how many types of vulnerabilities the tool finds, and how many of the identified vulnerabilities are false positives. Well, the best DAST is able to find only 18% of the existing vulnerabilities on a test application. And even worse, around 50% of the vulnerabilities reported by the best SAST static analysis tool are not true problems!

IT Automation with AI

Source: Hdiv Security via OWASP Benchmark public result data

The IAST approach provides these tangible benefits:

  1. Complete coverage, because the entire application is reviewed, both the custom code and the external code, such as open-source components and legacy dependencies.
  2. Flexibility, because it can be used in all environments; development, quality assurance (QA), and production.
  3. High accuracy, because the combination of static and dynamic point of views allow us to find more vulnerabilities with no false positives.
  4. Complete vulnerability information, including the static aspects (source code details) and dynamic aspects (execution details).
  5. Reduction of the duration of the security verification phase, so that the time-to-market of the secure applications is shorter.
  6. Compatible with agile development methodologies, such as DevSecOps, because it can be easily automated, and reduces the manual verification activities

IAST tool can add tons of value to the security tooling of any organization concerned with the security of the software.

In the same way that everyone uses an automated spell checker to find typos in a document, we believe that any team would benefit from an automated validation of the security of an application.

However, the AST does not represent a security utopia, since they can only detect security problems that follow a common pattern.

About the Author –

Roberto Velasco is the CEO of Hdiv Security. He has been involved with the IT and security industry for the past 16 years and is experienced in software development, software architecture and application security across different sectors such as banking, government and energy. Prior to founding Hdiv Security, Roberto worked for 8 years as a software architect and co-founded ARIMA, a company specialized in software architecture. He regularly speaks at Software Architecture and cybersecurity conferences such as Spring I/O and APWG.eu.

Quantum Computing

Posted on by Subhadeep Datta
Vignesh Ramamurthy

Vignesh Ramamurthy

In the MARVEL multiverse, Ant-Man has one of the coolest superpowers out there. He can shrink himself down as well as blow himself up to any size he desires! He was able to reduce to a subatomic size so that he could enter the Quantum Realm. Some fancy stuff indeed.

Likewise, there is Quantum computing. Quantum computers are more powerful than supercomputers and tech companies like Google, IBM, and Rigetti have them.

Google had achieved Quantum Supremacy with its Quantum computer ‘Sycamore’ in 2019. It claims to perform a calculation in 200 seconds which might take the world’s most powerful supercomputer 10,000 years. Sycamore is a 54-qubit computer. Such computers need to be kept under special conditions with temperature being close to absolute zero.

quantum computing

Quantum Physics

Quantum computing falls under a discipline called Quantum Physics. Quantum computing’s heart and soul resides in what we call as Qubits (Quantum bits) and Superposition. So, what are they?

Let’s take a simple example, imagine you have a coin and you spin it. One cannot know the outcome unless it falls flat on a surface. It can either be a head or a tail. However, while the coin is spinning you can say the coin’s state is both heads and tails at the same time (qubit). This state is called Superposition.

  • Quantum Physics

So, how do they work and what does it mean?

We know bits are a combination of 0s and 1s (negative or positive states). Qubits have both at the same time. These qubits, in the end, pass through something called “Grover Operator” which washes away all the possibilities, but one.

Hence, from an enormous set of combinations, a single positive outcome remains, just like how Doctor Strange did in the movie Infinity War. However, what is important is to understand how this technically works.

We shall see 2 explanations which I feel could give an accurate picture on the technical aspect of it.

In Quantum Mechanics, the following is as explained by Scott Aaronson, a Quantum scientist from the University of Texas, Austin.

Amplitude – an amplitude of a positive and a negative state. These could also be considered as an amplitude for being 0, and also an amplitude for being 1. The goal for an amplitude here is to make sure that amplitudes leading to wrong answers cancel each other out. Hence this way, amplitude with the right answer remains the only possible outcome.

Quantum computers function using a process called superconductivity. We have a chip the size of an ordinary computer chip. There are little coils of wire in the chip, nearly big enough to see with the naked eye. There are 2 different quantum states of current flowing through these coils, corresponding to 0 and 1, or the superpositions of them.

These coils interact with each other, nearby ones talk to each other and generate a state called an entangled state which is an essential state in Quantum computing. The way qubits interact are completely programmable, so we can send electrical signals to these qubits, and tweak them according to our requirements. This whole chip is placed in a refrigerator with a temperature close to absolute zero. This way superconductivity occurs which makes it to briefly behave as qubits.

Following is the explanation given according to ‘Kurzgesagt — In a Nutshell’, a YouTube channel.

We know a bit is either a 0 or 1. Now, 4 bits mean 0000 and so on. In a qubit, 4 classical bits can be in one of the 2^4 different configurations at once. That is 16 possible combinations out of which we can use just one. 4 qubits in position can be in all those 16 combinations at once.

This grows exponentially with each extra qubit. 20 qubits can hence store a million values in parallel. As seen, these entangled states interact with each other instantly. Hence while measuring one entangled qubit, we can directly deduce the property of its partners.

A normal logic gate gets a simple set of inputs and produces one definite output. A quantum gate manipulates an input of superpositions, rotates probabilities, and produces another set of superpositions as its output.

Hence a quantum computer sets up some qubits, applies quantum gates to entangle them, and manipulates probabilities. Now it finally measures the outcome, collapsing superpositions to an actual sequence of 0s and 1s. This is how we get the entire set of calculations performed at the same time.

What is a Grover Operator?

We now know that while taking one entangled qubit, it is possible to easily deduce properties for all the partners. Grover algorithm works because of these quantum particles being entangled. Since one entangled qubit is able to vouch for the partners, it iterates until it finds the solution with higher degrees of confidence.

What can they do?

As of now, quantum computing hasn’t been implemented in real-life situations just because the world right now doesn’t have such an infrastructure.

Assuming they are efficient and ready to be used. We can make use of it in the following ways: 1) Self-driving cars are picking up pace. Quantum computers can be used on these cars by calculating all possible outcomes on the road. Apart from sensors to reduce accidents, roads consist of traffic signals. A Quantum computer will be able to go through all the possibilities of how traffic signals

  • Best Cyber Security Services Companies

function, the time interval, traffic, everything, and feed these self-driving cars with the single best outcome accordingly. Hence, what would result is nothing but a seamless commute with no hassles whatsoever. It’ll be the future as we see in movies.

2) If AI is able to construct a circuit board after having tried everything in the design architecture, this could result in promising AI-related applications.

Disadvantages

RSA encryption is the one that underpins the entire internet. It could breach it and hackers might steal top confidential information related to Health, Defence, personal information, and other sensitive data. At the same time, it could be helpful to achieve the most secure encryption, by identifying the best one amongst every possible encryption. This can be made by finding out the most secure wall to break all the viruses that could infect the internet. If such security is made, it would take a completely new virus to break it. But the chances are very minuscule.

Quantum computing has its share of benefits. However, this would take years to be put to use. Infrastructure and the amount of investment to make is humongous. After all, it could only be used when there are very reliable real-time use cases. It needs to be tested for many things. There is no doubt that Quantum Computing will play a big role in the future. However, with more sophisticated technology, comes more complex problems. The world will take years to be prepared for it.

References:

About the Author –

Vignesh is part of the GAVel team at GAVS. He is deeply passionate about technology and is a movie buff.

Business Intelligence Platform RESTful Web Service

Posted on by Subhadeep Datta

Albert Alan

Restful API

RESTful Web Services are REST architecture based web services. Representational State Transfer (REST) is a style of software architecture for distributed systems such as the World Wide Web. In this architectural style, data and functionality is considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web.

RESTful Web Service

REST has some advantages over SOAP (Simple Objects Access Protocol) but is similar in technology since it is also a function call via HTTP protocol. REST is easier to call from various platforms, transfers pure human-readable data in JSON or XML and is faster and saves resources.

In the basic idea of REST, an object is accessed via REST, not its methods. The state of the object can be changed by the REST access. The change is caused by the passed parameters. A frequent application is the connection of the SAP PI via the REST interface.

When to use Rest Services

  • You want to access BI platform repository objects or perform basic scheduling.
  • You want to use a programming language that is not supported by another BI platform SDK.
  • You want to extract all the query details and number of records per query for all the reports like Webi and Crystal, etc.
  • You want to extract folder path of all reports at once.

Process Flow

RESTful Web Service

RESTful Web Service Requests

To make a RESTful web service request, you need the following:

  • URL – The URL that hosts the RESTful web service.
  • Method – The type of HTTP method to use for sending the request, for example GET, PUT, POST, or DELETE.
  • Request header – The attributes that describe the request.
  • Request body – Additional information that is used to process the request.

Common RWS Error Messages

RESTful Web Service

Restful Web Service URIs Summary List

URLResponseComments
  /v1Service document that contains a link to the /infostore API.This is the root level of an infostore resource
  /v1/infostoreFeed contains all the objects in BOE system/v1/infostore
  /v1/infostore/ <object_id>Entry corresponding to the info object with SI_ID=./v1/infostore/99
      /v1/logon/longReturns the long form for logon, which contains the user and password authentication template.Used to logon to the BI system based on the authentication method.
  /v1/users/ <user_id>  XML feed of user details in BOE systemYou can Modify user using PUT method and DELETE user using DELETE method.
    /v1/usergroups/ <usergroup_id>    XML feed of user group details in BOE systemSupport GET and PUT and DELETE method. You can Modify user group using PUT method and DELETE user group using DELETE method.
  v1/folders/ <folder_id>XML feed displays the details of the folder, can be used to modify the details of the folder, and delete the folder.You modify the folder using PUT method and DELETE the folder using DELETE method
  /v1/publicationsXML feed of all publications created in BOE systemThis API supports GET method only.

Extended Workflow

 The workflow is as follows:

  • To Pass the Base URL

GET http:///localhost:6405/biprws/v1/users

  • To Pass the Headers

  • To Get the xml/json response

Automation of Rest Call

The Business Intelligence platform RESTful Web Service  (BI-REST-SDK) allows you to programmatically access the BI platform functionalities such as administration, security configuration and modification of the repository. In addition, to the Business Intelligence platform RESTful web service SDK, you can also use the SAP Crystal Reports RESTful Web Services  (CR REST SDK) and SAP Web Intelligence RESTful Web Services (WEBI REST SDK).

Implementation

An application has been designed and implemented using Java to automate the extraction of SQL query for all the webi reports from the server at once.

Tools used:

  • Postman (Third party application)
  • Eclipse IDE

The structure of the application is as below:

The application file comprises of the required java jar files, java class files, java properties files and logs. Java class files (SqlExtract) are the source code and will be compiled and executed using command prompt as:

Step 1

  • Javac -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command compiles the java code.

Step 2

  • Java -cp “.;java-json.jar;json-simple-1.1.jar;log4j-1.2.17.jar” SqlExtract.java

 The above command runs the compiled java file.

The java properties file (log4j) is used to set the configurations for the java code to run. Also, the path for the log file can be set in the properties file.

RESTful Web Service

The logs (SqlExtractLogger) consist of the required output file with all the extracted query for the webi reports along with the data source name, type and the row count for each query in the respective folder in the path set by the user in properties file.

RESTful Web Service

The application is standalone and can run in any windows platform or server which has java JRE (version greater than 1.6 – preferred) installed in it.

Note: All the above steps required to execute the application are consolidated in the (steps) file.

Conclusion

SAP BO provides Restful web service to traverse through its repository, to fetch structural info and to modify the metadata structure based on the user requirements. When integrated with programming languages like python, java, etc., extends the scope to a greater extent, allowing the user to automate the workflows and to solve the backtracking problems.

Handling Restful web service needs expertise in server administration and programming as changes made to the metadata are irreversible.

References

About the Author –

Alan is a SAP Business Intelligence consultant with a critical thinking and an analytical mind. He believes in ‘The more extensive a man’s knowledge of what has been done, the greater will be his power of knowing what to do’.

Center of Excellence – Network

Posted on by Site Admin

The Network CoE was established to focus on Network solution design, Network design, Advanced Network troubleshooting, Network consulting, Network automation, and competency development in Next Generation Network technologies. It is also involved in conducting Network and Network security assessments in the customer’s IT infrastructure environments focused on optimization and transformation.

Network and Network Security Certification drive

As part of Network CoE, we focus on upgrading the skill sets of L1, L2, L3 Network engineers so that their competency levels are high. This is achieved by Network certification drives organized by Network COE. There are many certification drives focusing on Routing, Switching, Network security, Data Center Technologies, and Network automation driven by Network CoE like CCNA, CCNP, PCNSE, CCNA Data Center and Cisco Certified DevNet Associate. There is an active participation in these certification drives, and many GAVS engineers got themselves certified.

Standard Best Practices and Standard Operating Procedures

In Network CoE, the focus is on industry best practices. Standard Operating Practices are created for various technologies within Networking and Network security and used for Network operations.  We have Standard Operating Practices for Monitoring, NOC, switching, routing, WIFI, load balancers and Network security.

Next generation Network Transformation

The Network and Network Security Industry is undergoing key changes in terms of next generation technologies,Next Generation Firewall, Software defined Networks, WIFI 6 standard. There is an added impetus to Network automation, Intent based Networking. We enable Network transformation by enabling these technologies in customer environments.

Network Automation

We are focusing on Network automation of Standard Operating practices pertaining to Network and Network Security technologies. Instead of usual script-based automation, we focus on automation through Network Programmability via standard API interfaces. This gives much finer control and increased functionality in automation.

Network Assessments and Recommendations

We undertake Network Assessments which focuses on Networking and Network security infrastructure including devices and monitoring tools. We focus on various device types like routers, switches, firewall, WIFI controllers, WIFI access points, load balancers, Layer-3 switches, collaboration devices, SD-WAN devices, MPLS devices, VPN devices, IPS devices, etc. We also focus on Network monitoring tools.  We have a GAVS tool called GAVS topology mapper which can be used to discover network topology and its serves as one of the inputs during Network assessment. We apply standard best practices and come out with findings and recommendations. The recommendations will be directed towards Network optimization and/or Network transformation.

Solutions for Pain Points

We identify customer paint points in Networking and Network security areas and address it with comprehensive solutions. A case in point is where we designed a disaster recovery solution for an enterprise network, where the main site and DR site had different subnet schemes and for the Disaster recovery solution to work the VMs in main site and DR site need to have the same IP address.

Network Maturity Model

In GAVS, we have a Network Maturity Model. We have various levels with the Model. We use the Network Maturity Model to rate Network and Network Security setup.

Network Maturity Levels
ScoreLevel
5Optimised
4Managed
3Defined
2Repeatable
1Ad hoc
Network Design

We undertake Network design of Green Field projects (New Network) or Network re-design of Brownfield projects (Existing Network).  A case in point is where we re-designed an existing data center for better resiliency.

Data Center Design

We have designed Data Centers with N+1 Redundancy based on Cisco Nexus 9K and ACI as part of Data Center move and consolidation.  We used spine and leaf architecture for high availability. We have migrated Catalyst 6000 based data center to a Data Center with Nexus 9K.

Advanced Network and Network Security Services

We undertake several Advanced Network and Network security services. We have done large scale Cisco Identity Service Engine (ISE) Hardening and upgrade. We also migrated to DMVPN for several hundreds of sites.

Advanced Network and Network SecurityTroubleshooting

There are situations when a problem will involve two or more towers, e.g., Networking, server applications etc., we get involved and crack these kinds of problems.

For example, a problem which involved DHCP Network service running in a server. The DHCP network service became slow. We systematically analysed and found out that the actual problem is the server slowness and not the DHCP Network service. In another situation, we found out that DMZ firewall was having 90% CPU utilization which led to connection drops of Applications and we fixed it by upgrading the firewall devices.

Conclusion

We continue to partner with GAVS Customer success managers to provide unique experience to customers in the Networking area.

If you have any questions about the CoE, you may reach out to them at COE_NETWORK@gavstech.com

CoE Team Members

  • Ambika Tripathi
  • Andrew Ellis
  • AvineshYokanathan
  • Deepak Narayanaswamy
  • Durai Murugan Prakash
  • Faheem koyatty
  • Ganesh Kumar J
  • Gayathri R
  • Ibrahim Silver Nooruddin
  • JettiTarakesh
  • Justin Robinson
  • Krishnakumar R
  • Nabiulla A
  • Nandhini Prabhu
  • Navaneetha Krishnan
  • Palanisamy Sakthivel
  • Prasad R
  • Rajeshkanna S
  • Ravichandran V
  • Shafi H
  • Shamini P
  • Shanmukha Ganesh
  • Sridhar
  • Srijith
  • Suresh Chander
  • Venkata Manikrishna Soma
  • Vishal Manuhar

Center of Excellence – Server

Posted on by Site Admin

Our Server CoE is a team of highly skilled individuals and experts in various server technologies who promote collaboration, standardization and best practices to drive business or customer-valued results.

The CoE is focused on providing expert level support in technologies like Windows / Linux Servers, Exchange / O365 Messaging solution, Virtualization with VMWare / Hyper-V / Citrix / Linux, Patch & Compliance Management, Application Availability & Performance Monitoring and Backup / Recovery solutions, etc.

The Server CoE also focuses on in-depth assessment of customer end server infrastructure components to study and analyze the existing design implementations, configurations, and operations to identify strengths and weaknesses to implement technical and economical improvements to businesses, wherever applicable, and perform upgrades, migrations and transformations as necessary.

IT Automation with AI

A wide range of server technologies comprise the Server CoE and not every business or customer can practically leverage all of them. And in the same way, not all the members can practically become an SME in all the server technologies.

Service Offerings

AI Devops Automation Service Tools

Current & Upcoming Engagements

A farm credit bank of US – Server Assessment – In Progress – July 2020

  • MS Active Directory Assessment
    • MS Exchange Assessment
    • VMWare Assessment
    • MS SCCM Assessment
    • MS SCOM Assessment
    • Storage
    • Backup Assessment

A global professional services firm – Hybrid Exchange 2016 Migration – July/August 2020

  • SOW Sign Off – Completed
    • Background verification process for 2 Technical Resources – Completed
    • Migration Environment Setup – In Progress
    • Assessment / Pre-requisites Review – Next Steps
    • Migration Test Phase – July 2020
    • Production Migration – July-August 2020

A Multinational Dairy Company – Active Directory & Exchange Server Migration / July – August 2020

  • Microsoft Active Directory Server Assessment
    • Microsoft Exchange Server Assessment
    • Migration of Active Directory from Windows Server 2008 R2 to Windows Server 2016.
    • Migration of Exchange from Exchange Server 2016 to Exchange Server 2019.

A Wellness Services Agency – Resolve Issues with Exchange Database / DDL – July – August 2020

  • Customer Call / Technical Solution / SOW – Completed
    • SOW Sign Off – In Progress by July 2020
    • Assessment / Migration – Next Steps

A Leading FMCG company of India – Digital Transformation to O365 – July – August 2020

  • Zimbra Mail to O365 Migration
    • Licensing Model Finalization – In Progress
    • Migration Plan & Execution – Next Steps

A Leading FMCG company of India – DNS Migration between Service Providers – July 2020

  • 30+ Domains are registered with Net4India
    • Availability & Support Issues with current provider
    • Assess current domain lists and Migrate to new Provider

A Diverse Hardware Group – Azure Cloud Integration & Support – July/August 2020

  • SOW – in Progress

Road Map

AIOps Artificial Intelligence for IT Operations

Contribution to Organization’s Growth

The Server CoE’s contribution is not limited to one activity with one customer at a time, but involved with multiple simultaneous activities in different server technologies in different customer requirements. Server CoE contributions:

  • Participating in RFPs / Proposals by providing technical solutions to prospects’ requirements
  • Participating in full time Infrastructure Assessment projects for various customers
  • Participating in full time Implementations & Migration projects for different customers
  • Providing Standard Operating Procedures, templates & best practice recommendations in various server technologies
  • Provide internal training to individuals to upskill and strengthen the team
  • Responding to requests and providing solutions to issues faced in various customer engagements

The members of our CoE are dedicated to in carrying out all CoE related activities in addition to their day to day activities in their assigned projects without any impact. We aim to contribute to the organization in terms of technological capability establishment and financial growth with new business opportunities.

If you have any questions about the CoE, you may reach out to them at COE_SERVER@gavstech.com

CoE Team Members

  • Balamurugan Rajamanickam
  • Dilipkumar Dhanasekaran
  • Dinesh Kumar
  • Karthick Mani
  • Karthickmanikandan G
  • Manoj Akula
  • Marimuthupandi Kalimuthu
  • Ramkumar Janakiraman
  • Sabari Nivas
  • Sathishkumar Jayaraman
  • Selvaganesh Kothandan
  • Sivakumar Duraisamy
  • Lakshmi Srikanth

Is the Future of White-Collared Workforce only Digital?

Posted on by Site Admin

Hariharan Madhavan

COVID-19 taught all white-collared workers and their employers one thing for sure – “It is possible to work from home”. With the current advancements in technology – using a mobile app-based contact center solutions, using collaboration platforms to edit content together, hosting tech troubleshooting bridges where multiple engineers solve an issue, video conferencing meetings allowing people to see each other, from where work is delivered does not matter anymore.

Rpa in Infrastructure Management

Wearing what feels comfortable, sitting comfortably, eating homemade food, personalizing your room, life was never better balanced between work and personal life better than now. With nobody to micromanage, the only way to measure a worker is through outcomes. Attendance swipes are a thing of the past. People managers who have no idea of the work done by their team members will become redundant starting2020.
New digital companies will take over like a storm to embrace this opportunity, just like AGILE took over like a religion to manage software development projects.

Existing digital workforce companies are already providing opportunities for companies to hire talent who can work remotely on a need basis from around the world and save potential hiring costs and free from commitments. Just like Uber and Lyft transformed the taxi business, we could see a wave of disruption transforming and killing the traditional brick and mortar IT behemoths to more agile and digital workforce capabilities hiring top talent on the click of a mobile app, and being able to get talent requirements fulfilled in minutes instead of having to wait for weeks or months to get somebody to join. This will be like the DevOps of Hiring for managers who have new projects and budgets looking for people to get things done.

Every other aspect of the business has changed, reducing time to market, and hiring talent is the only area still very traditional and inefficient. It’s not too late for somebody to realize and use this uncertain economic environment as a cradle of opportunity to offer enterprises as a solution.

The next question that comes up is if the borders are removed, how do you secure and still be compliant with your compliance norms. This is completely dependent on the level of sensitivity of data to which an employee/contractor has access. From using privacy screens in the laptops to using technology like VDI, SaaS-based EDR, NGAV, unified agents, CASB’s, you have literally every control that you can think of on-premise that you can enforce in a laptop used by an employee.

When companies hire you in the future, they will ship you an asset to your home location and expect you to use that asset for work. When you have moved out, you will be sent return shipping on which you can put the asset and send it back.

Another main setback that prevented a revolution is that IT companies had to pay for bench talent to provide for the demand. This will also be disrupted by new entrants. New disruptors will be willing to share up to 70% of the revenue earned by somebody back to them, but if there is a loss of billable revenue, the same will be immediately passed on to the concerned employee. These measures will weed out people who are just not meant for the IT workforce that demands constant skill up-gradation, essentially leaving IT to only the high potential workers who are dynamic.

About the Author –

Hariharan is the global head of Cybersecurity at GAVS. He is responsible for strategic and tactical leadership around emerging technologies such as cloud transformation, cloud-native microservices development, software-defined networking, cloud security, DevOps Security, Security and Automation, Security & AI.

Cognitive Computing

Posted on by Site Admin
Artificial Intelligence for IT Operations

Kalpana Vijayakumar

Is it possible for a computer to think and act without human intervention? The answer is yes, and that is called Cognitive computing.

Cognitive computing includes technology platforms that combine machine learning, reasoning, natural language processing, speech, vision, and human computer intervention that mimic the human brain, and solve problems without human assistance. Cognitive computing involves deep learning algorithms and big data analytics to provide insights.

The purpose of cognitive computing is to build a computing framework that can solve complicated problems without frequent human intervention. To implement it, cognitive computing consortium has recommended the following features.

software test automation platform

Scope of Cognitive Computing

We do have to accept that computers have been faster at calculations and processing than humans for decades. But, in a few cases, they have failed to accomplish the tasks that humans take for granted, like understanding the natural language and recognizing unique objects in the images and processing them. Cognitive computing solves all these challenges. They can act in complex situations and have a far-reaching impact on our lives.

Pera study by the IBM Institute for business value – cognitive computing involves three capabilities. These capabilities are related to the ways people think and demonstrate their cognitive abilities in their day-to-day life.

VDI desktop virtualization software

The current cognitive computing landscape is dominated by large players – IBM, Microsoft, and Google. IBM being the pioneer of this technology has invested $26 bn dollars in big data and analytics, now spends close to one-third of its R&D budget in developing cognitive computing technology. IBM and Google have acquired some of their rivals and the market is moving towards consolidation. Below are the leading players in this market.

virtual desktop infrastructure solutions

IBM Watson

Watson assistant is IBM’s AI product that allows you to build, train, and deploy conversational simulators into any applications, device, or channel.

Most chatbots try to mimic human interactions, which can frustrate the end-user when a misunderstanding occurs. Watson Assistant aims to resolve that. It knows how to handle the end-user sensibly and when to direct queries to a human executive. It can be deployed on any cloud or on-premises environment.

Watson supercomputer processes at a rate of 80 teraflops (i.e. trillion floating-point operations per second).To replicate a high functioning human’s ability to answer questions, Watson accesses 90 servers with a combined data store of over 200 million pages of information, which it processes against six million logic rules.

Microsoft Cognitive Services

The machine-learned smarts that enable Microsoft’s Skype Translator, Bing and Cortana to accomplish tasks such as translating conversations, compiling knowledge and understanding the intent of spoken words are increasingly finding their way into third-party applications that people use every day. The democratization of AI is coming as part of Microsoft cognitive services, a collection of 25 tools that allows developers to add features such as emotions and sentiment, detection, vision and speech recognition and language understanding to their applications with zero experience in machine learning.

“Cognitive services is about taking all the machine learning algorithms and AI smarts that we have in this company and exposing them to developers through APIs so that they don’t have to invent the technology themselves”, Mike Seltzer, a principal researcher in the Speech and Dialog research group at Microsoft’s lab in Redmond, Washington.

Machine learning service provider

Google DeepMind

DeepMind was acquired by Google in 2014 and is considered to be a leading player in AI research. If you have used Google, there’s a high possibility that you’ve interacted with DeepMind in some way, as its deep learning tools have been implemented across the spectrum of Google products and services. Some of the most prominent uses for DeepMind AI includes speech recognition, image recognition, fraud detection, spam identification, handwriting recognition, translation, Google Maps Street View, and Local Search.

ai devops automation service tools

Google devices like an Android Phone or Google Home, have invaded our homes and has impacted our lives. Every time you say, “Okay, Google” followed by a question, DeepMind helps Google Assistant understand what you are saying. Unlike Amazon’s Alexa, which uses eight microphones to understand voice commands, Google Home’s DeepMind-powered voice recognition system requires only two.

Cognitive Scale

Cognitive Scale founded by former members of the IBM Watson team provides cognitive cloud software for enterprises. Cognitive Scale’s augmented intelligence platform delivers insights-as-a-service and accelerates the creation of cognitive applications in healthcare, retail, travel, and financial services. They help businesses make sense from ‘dark data’ – messy, disparate, first and third-party data and drive actionable insights and continuous learning.

Spark Cognition Spark Cognition is an Austin-based start-up formed in 2014. Spark Cognition develops AI-Powered cyber-physical software for the safety, security, and reliability of IT, OT. The technology is more inclined towards manufacturing. It is capable of harnessing real-time sensor data and learning from it continuously, allowing for more accurate risk mitigation and prevention policies to intervene and avert disasters.

Cognitive Computing Use Cases

According to tech pundits, cognitive computing is the future. Many successful and established businesses have already integrated the technology into their business affairs. There are a number of successful use case scenarios and cognitive computing examples that show the world how to implement cognitive computing, efficiently. Let us look at some successful use cases of the technology.

Cora- Intelligent Agent by Royal Bank of Scotland

With the help of IBM Watson, Royal Bank of Scotland developed an intelligent assistant that is capable of handling 5000 queries in a single day. Using cognitive learning capabilities, the assistant gave RBS the ability to analyze customer grievance data and create a repository of commonly asked questions. Not only did the assistant analyze queries, but it was also capable of providing 1000 different responses and understand 200 customer intents. The digital assistant learned how customers ask general questions, how to handle the query, and transfer to a human agent if it is too complicated.

Healthcare Concierge by Welltok

Welltok developed an efficient healthcare concierge – CafeWell. It is a holistic population health tool that is being used by health insurance providers to help their customers with relevant information that improves their health. By collecting data from various sources and instant processing of questions by end-users, CafeWell offers smart and custom health recommendations that enhance the health quotient.

Personal Travel Planner by WayBlazer

Powered with cognitive technology, WayBlazer’s travel planner makes it easier for travelers to plan for trips by asking questions in natural language. The concierge asks basic questions and provides customized results by collecting and processing travel data as well as insights about traveler preferences.

aiops artificial intelligence for it operations

Such type of cognitive-powered tool helps travelers save time while searching for flights, booking hotels, and planning other activities. Travel agents have been successfully using such tools which have helped increase their revenues and customer delight at the same time.

Edge up’s Smart Tool to Manage Fantasy Football Teams via Mobile App

Fantasy Football is a very popular entertainment for more than 33 million people around the globe. With the help of cognitive learning and computing, Edge Up Sports developed a tool and integrated with their mobile app that helped users to draft their fantasy teams by asking simple questions.

aiops digital transformation solutions

The questions, drafted in natural language, making it easier for users to take a decision which is then analyzed by the system by browsing through data about a player across social media, news reports, and gauging user sentiment that help team managers make better decisions.

Conclusion

Cognitive computing doesn’t bring a drastic novelty into the AI and big data industry. Rather, it urges digital solutions to meet human-centric requirements like act, think, and behave like a human in order to achieve maximum synergy from human-machine interaction. It is believed that soon every digital system will be measured based on its cognitive abilities.

Cognitive computing will be a significant step towards digital humanism!

References

About the Author

Kalpana is a database developer. She strongly believes that “It’s not that we use technology, we live technology.” Outside of her professional role, Kalpana is passionate about travelling and watching movies.