All news with #how to tag

💬 This Google Cloud post by David Tamaki Szajngarten demonstrates how to build a context-aware conversational agent for BigQuery using the Conversational Analytics API powered by Gemini. It provides a reference Python SDK flow to register BigQuery tables, create a DataAgent with system instructions and permitted datasources, and deploy stateful or stateless conversations. The article shows a streaming chat loop that returns generated SQL, DataFrame-like results, Vega‑Lite chart specs, and final natural-language answers, and highlights integration with the Agent Development Kit (ADK) and lifecycle controls.

🔍 This webinar examines how modern cloud forensics replaces slow, manual log stitching with automated, context-aware investigation across transient infrastructure. You’ll learn why traditional incident response fails when compromised instances, rotating identities, and expiring logs erase evidence, and why three capabilities — host-level visibility, context mapping, and automated evidence capture — are essential. The session demonstrates real investigations where correlated signals rebuild full attack timelines in minutes, enabling faster scoping, clearer attribution, and more confident remediation.

🧭 I spent a day using Corelight's Investigator NDR to learn how network detection and response supports SOC workflows. The interface prioritized high-risk detections, showed packet-level evidence and MITRE ATT&CK context, and let me dig into suspicious DNS, reverse shells, and exploit tool activity. Built-in GenAI provided step-by-step investigative actions, and integrations with SIEM, EDR and firewalls demonstrated how NDR enriches and correlates network telemetry for faster triage.

📷 This article examines whether parents should allow children to post selfies online, arguing that prohibition rarely works and parental guidance is a more effective approach. It details specific harms — from predator grooming and AI-enabled sextortion (via nudifier tools) to identity theft, cyberbullying and long-term reputational damage — and highlights correlations between heavy social-media use and worsening adolescent mental health. Practical recommendations include open communication, using privacy settings and geolocation controls, selective follower approval, routine digital clean-ups and household screen-time rules, while urging parents to model responsible sharing and reduce their own “sharenting.”

🛡️ This article presents a layered, AI-enhanced defense-in-depth architecture for protecting serverless microservices on AWS. It outlines seven security layers—from edge DDoS and WAF protections to identity, API gateway controls, network isolation, compute hardening, secrets management, and data encryption—integrating GuardDuty, Cognito, API Gateway, Secrets Manager, and DynamoDB. The guidance emphasizes continuous monitoring, automated incident response using Amazon Bedrock and EventBridge, and operational practices that balance security, compliance, and developer velocity.

🔧 This guide explains how to adapt foundation models on Google Cloud by fine-tuning both managed and self-managed workflows. It contrasts a fully managed Vertex AI Supervised Fine-Tuning path for models like Gemini with a customizable GKE approach using LoRA on open-source models such as Llama. The labs walk through data preparation, baseline evaluation, tuning, and automated evaluation metrics, as well as GKE infrastructure, GPU provisioning, security with Workload Identity, and containerized training for production readiness.

🧰 The Google Cloud samples team describes building a specialized end-to-end system that uses Gemini on Vertex AI and Genkit to produce production-ready educational code samples across many languages and products. Their architecture separates generation, validation, and delivery so LLM outputs are combined with deterministic automations, linters, unit tests, and human review. The post presents seven practical technical takeaways—decomposition, determinism, precise prompts, vetted evaluation, scaled downstream processes, end-to-end testing, and solid engineering practices—that drove reliable, scalable sample generation.

🛡️ Breach & Attack Simulation (BAS) tools automate validation of security controls by emulating adversary tactics and mapping those behaviors to frameworks such as MITRE ATT&CK or the Cyber Kill Chain. BAS focuses on verifying detection and prevention capabilities across endpoints, networks, mail gateways and identity systems rather than discovering unknown vulnerabilities. When evaluating products, prioritize realistic, customizable scenarios, scalable automated testing, clear reporting, integration with existing tooling, and vendor support or managed options.

🔐 Attackers often build highly effective password lists without AI by harvesting organization-specific language from public websites. Tools like CeWL crawl corporate pages to extract terms that users recognize, which attackers then mutate into plausible passwords. This technique explains guidance in NIST SP 800-63B and shows why blocking context-derived and breached passwords is essential.

🛡️ Top CISOs are cutting MTTR and reducing SOC burnout by making sandbox execution the first investigative step. By automating triage and pairing automation with live, interactive analysis, teams resolve routine alerts faster and escalate less. Solutions like ANY.RUN deliver runtime evidence, extract IOCs, and produce concise reports so analysts act decisively without adding headcount. The result: predictable workloads, fewer decision points, and measurable gains in throughput and SLA performance.

🔍 This article explains how modern deepfakes are created, deployed, and detected in real-world scams, and why virtually anyone can be a target. It describes common visual, auditory, and behavioral signs—lighting and lip-sync errors, unnatural blinking, electronic vocal tones, and awkward gestures—and notes attackers use tools from Telegram bots to commercial services like HeyGen and ElevenLabs. Practical advice includes ending suspicious chats, verifying identities via alternate channels, agreeing a family codeword, tightening privacy on photos and recordings, enabling strong account security, and using content-analyzer services to flag AI-generated media.

🔍 The John Lewis Partnership’s platform team redefined how it measures the value of its internal developer platform, moving beyond simple tenant counts. They began with lead-time metrics for service creation, onboarding and first-customer deliveries, then adopted DORA metrics and a Technical Health score to capture operational quality and resilience. Combining telemetry with developer-experience feedback helped prioritise paved roads, automate change handling and simplify security assurance to reduce friction and speed delivery.

🔍 John Lewis Partnership outlines a pragmatic approach to selecting monitoring metrics for its developer platform, stressing that impressive numbers alone don't prove platform health. They pair objective DORA benchmarks with recurring qualitative engineer feedback via DX, and track feature adoption and technical hygiene through a custom Backstage plugin. Individual checks run as small jobs, results land in BigQuery, and insights are surfaced as aggregated views, per-team tasks, and leaderboards to drive targeted improvements.

🔍 John Lewis moved beyond simple adoption counts to measure whether its internal developer platform actually delivered value. Initially the team tracked practical lead-time metrics — Service Creation Lead Time, Onboarding Lead Time, and First Customer Lead Time — to show speed to production and prioritize improvements. Over time they adopted DORA metrics, centralized telemetry in BigQuery and dashboards, automated change handling, and introduced a Technical Health score to guide investments and reduce developer friction.

🕒 The opening moments after detection — often referred to as the first 90 seconds — determine whether an incident becomes manageable or spirals out of control. Responders must quickly decide what to preserve, what to examine first, and whether a single affected host reflects broader compromise. Prioritize evidence of execution and retain backward telemetry rather than immediately restoring services. Consistent discipline, environment knowledge, and repeatable procedures are what let teams scale investigations with confidence.

🔐 The article provides a practical, technical roadmap for eliminating passwords in hybrid Active Directory and Microsoft Entra ID environments. It emphasizes the prerequisite triangle of cloud Kerberos trust, device registration, and Conditional Access, then compares architectural choices like Windows Hello for Business, FIDO2 keys, and phone sign-in. The author presents phased migration steps, common troubleshooting patterns, and recovery best practices to help organizations move securely toward Zero Trust.

🧭 Antigravity and Gemini CLI offer two complementary approaches for running agent-driven workflows. Antigravity delivers an approachable, graphical experience with an Agent Manager, in-browser application views, guided walkthroughs, and a native debugger for inspecting stack traces. Gemini CLI is terminal-first, installs via npm (npm install -g @google/gemini-cli, requires Node.js), supports headless/CI-friendly execution, and can call local tools like gh or gcloud. Both are extensible with MCP and Agent Skills, and both provide generous free tiers so teams can evaluate which workflow best fits their needs.

🔍This live session breaks down practical choices for modern SOCs, led by Kumar Saurabh (CEO, AirMDR) and Francis Odum (CEO, SACR). Expect clear guidance on when to build, when to buy, and how to automate without losing control. The webinar features a real customer case study, a side‑by‑side look at SOC models, and a ready checklist to reduce tool sprawl and improve outcomes. Register to simplify operations and make every tool decision count.

📚 This free course from Google Cloud and DeepLearning.ai teaches practical use of Gemini CLI, guiding users through installation, context management, extensibility, and specialized workflows. It is designed for developers and non-developers who want to integrate the CLI into daily tasks such as data analysis, content generation, and personalized learning. The curriculum runs in under two hours and provides hands-on lessons covering GEMINI.md, memory features, MCP servers, and extensions.

🔒 Brand impersonation—fake websites, domains, emails, ads, and social pages—is an increasingly common tactic used to harvest credentials, steal payments, distribute malware, and defraud customers and partners. Attackers exploit lookalike domains, SEO and paid ads, and phishing messages to lure victims; even imperfect forgeries can inflict financial, operational, and reputational harm. Organisations should monitor clones, maintain a visible trust centre, pursue rapid takedowns, block malicious domains internally, and coordinate legal, IT, and communications teams for fast response.