Cloud Security

Customer identity resolution becomes increasingly complex as organizations scale across multiple systems, regions, and data formats. Traditional rule-based approaches often fail to keep up with data variability, require constant manual tuning, and struggle with real-time processing needs. This session presents a practical approach to building a scalable identity resolution pipeline using AWS services and modern AI techniques. The architecture combines data ingestion through Amazon S3 and AWS Glue, transformation pipelines using Spark on EMR, and machine learning models deployed via SageMaker for entity matching and standardization. Graph-based relationship modeling is implemented using Amazon Neptune to improve resolution accuracy by incorporating household and shared attribute context. We will walk through how machine learning models can be used for name and address normalization, how intelligent blocking strategies improve matching efficiency, and how feedback loops can be introduced to continuously improve accuracy. The session also highlights how serverless components such as AWS Lambda can be used for orchestration and real-time processing. **SPEAKER BIO** Mosaic Syed is a Senior Data Engineering and Cloud Solutions Architect with over 20 years of experience designing and delivering scalable, secure, and high-performance data solutions across global enterprise environments. https://www.linkedin.com/in/mosaic-basha-syed-92300856 **CALL FOR SPEAKERS** Learn more: [https://www.awscolumbus.com/get-involved/](https://www.awscolumbus.com/get-involved/) **THANK YOU** *VEEAM* for hosting our meetup! To learn more about *Veeam*, please visit their website: [https://www.veeam.com/](https://www.veeam.com/) **DIRECTIONS** 8800 Lyra Dr #450 · Columbus, OH go to 4th floor. **Want to sponsor the pizza and/or bar tab?** Please contact me if you would like to sponsor this meetup's pizza and/or bar tab: angelo@mandato.com

We will show how to build custom agents with Microsoft Agent Framework. Attendees will learn how to build and custom host agents when Microsoft Foundry is not a viable option.

On Thursday, May 21, 2026, we will meet at the 700N Conference Room at 700 N Hurstbourne Pkwy. Doors will open at 6:00 p.m., and the presentations will begin sharply at 6:30 p.m. Along with an excellent presentation, TEKsystems will provide food. Please RSVP so we know how much food to order. Afterward, we will go to Brick House Tavern for drinks and food to continue the conversation. The session will also be broadcast at https://twitch.tv/TaleLearnCode. ### **GitOps: Easy Deploy and Even Easier Rollback** GitOps isn't just for containers. The methodology of deploying from a build is now baked into our culture. Take it a touch farther with infrastructure as code and a few extra techniques, and you can reliably deploy to any platform: cloud, on-prem, container, PaaS, and more. Join us as we learn the methodology of GitOps, the critical pieces you need in place, and the elegance of rollbacks with GitOps. You'll leave with a working repo of deployment techniques that doesn't consume any paid tools or container-specific techniques.

Practical AI for Power BI Developers A year ago, “agentic AI” was mostly hype for Power BI teams. Today, it deserves your undivided attention. For Power BI pros, there is now a real opportunity to reduce repetitive development work, accelerate delivery, and help developers do more, but only when strong DataOps practices are in place to make AI workflows effective. This session is a no-nonsense introduction to effective AI patterns for Power BI and Fabric development. Along the way, we will make sense of the growing pile of terminology, including skills, plugins, hooks, and MCP. You will see examples of how modern AI tooling can help with development tasks across Power BI and Fabric, along with the prerequisites, guardrails, and DataOps principles needed to use it responsibly. Whether you're burned out on AI hype or already using Copilot CLI daily, this session will show you the foundations that are finally making AI-assisted development genuinely useful.

What does a trojan look like when it has over 900k+ combined installs and a Forbes write-up? Exactly like a legitimate Chrome extension. This session presents a technical dissection of two Chrome extensions, each with over one million active installations — that functioned as trojans in production environments, evading detection while operating through entirely legitimate browser APIs. These were not obscure tools. They were widely trusted, actively recommended, and covered by mainstream press before their malicious behavior was fully understood. We will walk through the actual source code of both extensions, showing precisely how the malicious functionality was constructed, concealed, and executed at scale. This analysis anchors a broader examination of how modern compromises actually succeed. Drawing on aggregated real-world incident data, we identify the technique categories currently delivering the highest adversary return, and why they keep working. Spoiler: it's rarely a zero-day. It's trust. The Chrome extension deep-dive will cover: * Line-by-line source analysis of how malicious functionality was embedded within working, useful software * Which browser permission scopes were abused, and why a million users — and their IT teams — didn't see it coming * The behavioral and structural indicators that distinguish a trojan extension from a legitimate one, and how to operationalize detection around them This session closes with a practical defensive prioritization framework built around observed attacker behavior: which mitigations are measurably reducing risk in production environments, which are consuming budget without impact, and a scoring methodology your team and leadership can apply immediately. **Source material:** Primary analysis of extension source code, corroborated by reporting from Forbes and other established outlets. **What this is not:** A vendor pitch, a speculative threat narrative, or a surface-level breach retrospective. **Who should attend:** Security architects, AppSec and cloud security practitioners, blue team leads, threat hunters, browser security practitioners, and security leaders responsible for prioritizing risk and investment decisions.

**Important time note:** Please plan on arriving between 5:30 and 6:00 as the elevators lock after 6 and you'll need to message us and we'll need to come get you. The building address is 4450 Bridge Park The entrance is 6620 Mooney St, Suite 400 You will need to scan your ID at the door to get a visitor badge. **Abstract** TBD **YouTube Link** TBD

Sleep in on Sundays. When you've had your fill of pajama-time, roll out and have some tasty brunch with your fellow Humanists!