August NYETM event recap by Michael Koh of OLC

On Wednesday, August 14, 2013, OLC attended NYETM, hosted by Jon Lehr at Microsoft. Four enterprise companies presented themselves on Wednesday night: InkTank, Bromium, Quandora and Pymetrics. A final presentation was held in regards to showcasing DefCon that had happened just weeks before.  This story originally appeared here.

InkTank is an open-sourced massively scalable, distributed storage system. They seek to solve the problem that is storage. In the enterprise, data is a rapidly growing problem. Data is always changing, always growing, so there are massively changing ways of storage. They’re transforming the space from disks of storage. The world has produced 1.5 zetabytes and it will only increase in the next five years. Everyone produces massive amounts of data and it gets worse every day.

InkTank launched in 2012 and its teams are distributed around the world. Ceph technology was developed in 2003 by Save Weil, the current CTO of InkTank. Ceph has been open source since 2006 and it is part of the Linux kernel since 2008.

Their business model is to use subscription fees, professional services, as well as training and certification programs. Ceph’s mission is to commercialize itself to liberate storage. It also offers enterprise-grade services and technology support. It is easily scalable and can be purchased at 1 to 5 cents per gigabyte a month. Ceph save money and time and it increases flexibility while lowering risk.

Ceph’s architecture is represented by its storage clusters, which consolidates data into one logical online server—but on different disks. It moves to object gateway, block device and file system. The entirety of the storage device is called RADOS. Users didn’t have to worry about where their data is stored.

InkTank is unique because it eliminated labels. Data is placed by CRUSH, which stands for Controlled Replication Under Scalable Hashing. Ceph is connected to Apache Cloudshare and to Open Stack.

Frida Polli and Missy Lafferty presented Pymetrics, a software that revolutionizes recruiting with neuroscience and big data. “We do talent assessment for talent management,” Lafferty said. The problem is that hiring is challenging—it’s based on gut instinct, phone screenings, interviews and reading resumes. “Ultimately, there’s no hard data. Turnover is also costly. About 60% of employee’s annual salary is lost,” she said.

Pymetrics, based on SaaS, assesses candidates using neuroscience testing. “It’s a complete analysis across 49 key cognitive and emotional dimensions,” Lafferty said. The usual questionnaires are replaced with games that deal with neuroscience, which cannot be faked. Lafferty revealed that competitors are very test heavy.

Algorithmic matching determines which attributes predict for a given job or even for the company’s culture. “To start, you build your profile, then take an employer test, and from that, data is combined with performance data and the output is the model employee profile.” Of course, when the candidates take the test, their scores are compared to the model employee’s and receive a fit score. Pymetrics isn’t just for hiring—it can be used for staffing and recruiting, giving feedback for all of the processes.

Quandora, presented by Andrea Barroca, is a Q&A system designed for continuous learning. Quandora was built in March of 2012 and thanks to rapid development, a working version was launched in the summer of that year. They signed their first client at the end of 2012. Barroca said they started the company because knowledge is important. “Tacit knowledge is difficult to share—it is unstructured, highly volatile and practical.”

Using the less is more philosophy; Quandora lets users ask questions and lets others answer. “It’s simple, open, light, social and self-managed. It provides incredible relevancy,” she said. Quandora even allows companies to document their culture. “Quandora is bringing a simple Q&A platform. It’s like a Dropbox for knowledge.”

To use Quandora, all the user has to do is log in with their Google or Yahoo or Yammer login names. It even gives badges to gamify the learning experience. Metrics are also available on the platform and allows knowledge to be shared across the company and teaches people how to do their jobs.

Bromium defeats unknown attacks while empowering users by design. Manish Kalia presented Bromium, founded in 2010. The team has a formidable number of experience in virtualization, security and in Windows. The problem is that end users are the weakest link in security. This threatens every data in the system and hackers are exploiting human nature that way. “Regarding black listings, detection is not protection. It doesn’t protect users. And for white listings, restriction is not protection. Most attacks occur through white-listed apps,” Kalia said. He then said that Bromium protects users through isolation.

Bromium built a micro virtualization product to virtualize the individual tasks that are performed on the computer. “There’s a tiny code base for maximum security. New micro VMs are created for every task. No data is present in it. As users use the apps, Bromium works behind the scenes to open them in microVMs. It goes everywhere with the user. It also tells them about attacks and what they are trying to do in real-time.”

Special Talk on Black Hat / DefCon by Carlos Hoyos (IBM CIO Lab Security team)

Carlos Hoyos gave a brief talk about DefCon and Black Hat. “It’s the largest security conference in the world. Over 7,000 people attended this one. The focus of the conference ranged from mobile, hardware, DIY products, malware, DDOS, privacy and anything digital that you can think of.” Hoyos gave a list of things that he found interesting at DefCon: Femtocells, exploiting apps for fun & profit, attacking mobile encryption, compromising mobiles through USBs, mobile devices broadcast too much information, wireless authentication is still too weak, SIM cards are minicomputers and run Java.

Leave a Reply

Required fields are marked *.