Meet a recent Microsoft Learn Student Ambassador graduate: Tarun Nanduri

by Contributed | Apr 12, 2021 | Technology

This article is contributed. See the original author and article here.

Welcome to our series highlighting Microsoft Learn Student Ambassadors who achieved the Gold milestone and have recently graduated from their university. Each blog features a different student and highlight their accomplishments, their experience with the Student Ambassadors program, and what they’re up to now. 

Today we’d like to introduce Tarun Nanduri, who graduated a few months ago from Pragati Engineering College in Surampalem, India. 

Responses have been edited for clarity and length.  

Q: When you joined the program, did you have specific goals you wanted to reach, and did you achieve them? How has the program helped to prepare you for the next chapter in your life? 

One thing is confidence. The amount of positivity or confidence that this program brings into the academic culture is very high–it’s unimaginable, I would say. I was always a confident guy, but then Microsoft Learn Student Ambassadors gave me a platform to talk with more and more people and build that foundation higher. 

When I joined the program back in August 2017, the thing which excited me to join was to travel around India and also around the globe. To my fortune, I’ve traveled in my first year itself and also in my last year before graduating to Student Ambassador gatherings like the Gold Summit and the India Summit where I got to meet great program managers, and it was a whole lot of networking and a whole lot of idea sharing. 

The other thing which excited me is Microsoft Azure. In 2017 I was not even aware of what the cloud is, how cloud development works,, but Microsoft Azure gave us a brilliant start. Giving students a USD100 credit allowed us to explore more and more on the cloud, deploy apps, and scale them out. It helped me know how cloud works and everything. Microsoft Azure is one of my favorite cloud platforms–it is the best thing I have learned from this community. Because of this program, I would say did I learn more about cloud computing and Azure. 

Yes, it was a beautiful experience from 2017 to 2020. 

Q: In the program, what was the one accomplishment that you’re the proudest of and why?  

My very first event that I worked on as a Student Ambassador that I weill forever cherish was an interactive event, an hour of code in our college. 11 Student Ambassadors connected and made hour of code possible for more than 700 plus students at one time. 

I’ve done multiple events, but one of my favorite events which I’m proud of is an Application Development workshop series. It’s a week or more with 80+ students each and every day coming in and out. Everything from A to Z, from organization to giving the certificates, it’s on me, including the talks. That was my greatest experience–sharing my knowledge and empowering juniors to learn more about Microsoft technologies and also technology as a whole. And letting them build their own on their own, letting their ideas materialize.  

Q: So what have you been doing or what are you working on? What have you been up to since graduation? 

I’m working as a software engineer at NCR Corporation.  It’s been a good journey so far, and I hope I reach more and more heights. I believe in learning wherever we go. Go wherever, but never stop learning, that’s it. I’m enjoying my job at this moment, but my dream job would be to be like a CEO, like Sundar Pichai or Satya Nadella. 

Q: If you could redo things, is there anything you would have done differently while in the program?  

Not the whole term, but 2018 to 2019. I was quite passive then, so I didn’t do many events or didn’t participate or be active in the community. So I would like to redo that because the contributions I’ve made before and after gave me an opportunity to become a Gold Ambassador, so if I were the same way in 2018 and 2019, I would have reached many more heights. 

Q: If you were to describe the Student Ambassadors program to a student who is considering joining, what would you say to them? 

I would like to showcase myself as a real example of how the program transformed me from a college student who just passed +2 (editor’s note: the 2 year bridge between 10 years of primary/secondary schooling and undergraduate college) and became a graduate or a technology graduate. The amount of positivity that this brings into one’s academic career is unimaginable, so if you would like to make an impact, this is the right place for you. 

Q: What advice would you give to new Student Ambassadors? 

Talk with folks. Don’t be a single person doing all the things. Get some regional Student Ambassadors around you. Talk with them and do some community events together.  Even though you’re knowledgeable, doing community events gives you fun and also gives you great experiences. That network matters a lot. You will enjoy the benefits once you graduate from the university. 

Q: Do you have a motto, a guiding principle that drives you in life? 

There are multiple things I believe in: 

• Never stop learning. 


• Sharing is learning, so learn as you share and share as you learn. 


• The more you know, the more you realize you don’t know. That played a good role in my development as a software engineer.

Good luck to you, Tarun, in your journey! 

Introducing Multivariate Anomaly Detection

by Contributed | Apr 12, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft partners and customers have been building metrics monitoring solutions for AIOps and predictive maintenance, by leveraging the easy-to-use time-series anomaly detection Cognitive Service: Anomaly Detector. Because of its ability to analyze time-series individually, Anomaly Detector is benefiting the industry with its simplicity and scalability.

What’s new

We are pleased to announce the new multi-variate capability of Anomaly Detector. The new multivariate anomaly detection APIs in Anomaly Detector further enable developers to easily integrate advanced AI of detecting anomalies from groups of metrics into their applications without the need for machine learning knowledge or labeled data. Dependencies and inter-correlations between different signals are now counted as key factors. The new feature protects your mission-critical systems and physical assets, such as software applications, servers, factory machines, spacecraft, or even your business, from failures with a holistic view.

Imagine 20 sensors from an auto engine generating 20 different signals, e.g., vibration, temperature, etc. The readings of those signals individually may not tell you much on system-level issues, but together, could represent the health of the engine. When the synergy of those signals turns odd, the multivariate anomaly detection feature can sense the anomaly like a seasoned floor expert. Moreover, the AI models are trained and customized for your data such that it understands your business. With the new APIs in Anomaly Detector, developers can now easily integrate the multivariate time-series anomaly detection capabilities as well as the interpretability of the anomalies into predictive maintenance solutions, or AIOps monitoring solutions for complex enterprise software, or business intelligence tools.

Customer love

“Medical device production demands unprecedented precision. For this reason, the Siemens Healthineers team uses Multivariate Anomaly Detector (MVAD) in medical device stress tests during the final inspection in the production. We found MVAD easy to use and work almost out of the box with promising performance. With the ready-to-use model, we don’t need to develop a custom AD model, which ensures a short time to market. We plan to expand this technology also to other use cases. It is made easy due to good integration into our ML platform and processes.” – Dr. Jens Fürst, Head Digitalization and Automation at Siemens Healthineers

To better understand the health and condition of the aircraft and foresee and fix potential problems before they occur, Airbus deployed Anomaly Detector, part of Cognitive Services, to gather and analyze the telemetry data. It began as a proof of concept of the aircraft-monitoring application by loading telemetry data from multiple flights for analysis and model training. “Early tests have shown that for many cases, the out-of-the-box solution works beautifully, which helps us deploy our solutions faster. I would say that we save up to three months on development for our smaller use cases with Anomaly Detector.”
Marcel Rummens: Product Owner of Internal AI Platform, Airbus

AI horsepower

Time-series anomaly detection is an important research topic in data mining and has a wide range of applications in the industry. Efficient and accurate anomaly detection helps companies to monitor their key metrics continuously and alert for potential incidents on time. In many real-world applications like predictive maintenance and SpaceOps, multiple time-series metrics are collected to reflect the health status of a system. Univariate time-series anomaly detection algorithms can find anomalies for a single metric. However, it could be problematic in deciding whether the whole system is running normally. For example, sudden changes of a certain metric do not necessarily mean failures of the system. As shown in Figure 1, there are obvious boosts in the volume of TIMESERIES RECEIVED and DATA RECEIVED ON FLINK in the green segment, but the system is still in a healthy state as these two features share a consistent tendency. However, in the red segment, GC shows an inconsistent pattern with other metrics, indicating a problem in garbage collection. Consequently, it is essential to take the correlations between different time series into consideration in a multivariate time-series anomaly detection system.Fig.1

In this newly introduced feature, we productized a novel framework — MTAD-GAT (Multivariate Time-series Anomaly Detection via Graph Attention Network), to tackle the limitations of previous solutions. Our method considers each univariate time-series as an individual feature and tries to model the correlations between different features explicitly, while the temporal dependencies within each time-series are modeled at the same time. The key ingredients in our model are two graph attention layers, namely the feature-oriented graph attention layer and the time-oriented graph attention layer. The feature-oriented graph attention layer captures the causal relationships between multiple features, and the time-oriented graph attention layer underlines the dependencies along the temporal dimension. In addition, we jointly train a forecasting-based model and a reconstruction-based model for better representations of time-series data. The two models can be optimized simultaneously by a joint objective function.

The magic behind the scenes can be summarized as follows:

• A novel framework to solve the multivariate time-series anomaly detection problem in a self-supervised manner. Our model shows superior performances on two public datasets and establishes state-of-the-art scores in the literature. 


• For the first time, we leverage two parallel graph attention (GAT) layers to learn the relationships between different time-series and timestamps dynamically. Especially, our model captures the correlations between different time-series successfully without any prior knowledge.


• We integrate the advantages of both forecasting-based and reconstruction-based models by introducing a joint optimization target. The forecasting-based model focuses on single-timestamp prediction, while the reconstruction-based model learns a latent representation of the entire time-series.


• Our network has good interpretability. We analyze the attention scores of multiple time-series learned by the graph attention layers, and the results correspond reasonably well to human intuition. We also show its capability of anomaly diagnosis.

Multivariate anomaly detection API overview

This new feature has a different workflow compared with the existing univariate feature. There are two phases to obtain the detection results, the training phase, and the inference phase. In the training phase, you need to provide some historical data to let the model learn past patterns. Then in the inference phase, you can call the inference API to acquire detection results of multivariate time-series in a given range.

Get started!

• Learning more from our documentation


• QuickStarts: C#, Python, JavaScript, Java


• Artificial Intelligence for developers

Why you should celebrate your Microsoft skills and certifications

by Contributed | Apr 12, 2021 | Technology

This article is contributed. See the original author and article here.

Earning new Microsoft Certifications and skills takes dedication; from completing courses and studying for the big day to finally passing the certification exam or putting new skills to work on the job, you deserve to celebrate your achievements.

Giving yourself a pat on the back and making sure others know you’ve put in all that effort not only feels good, it also empowers you to transform those additional tools into real benefits for your career. It ensures your professional network understands that you’re committed, hard-working, and talented enough to attain your career goals.

Letting peers know about your new skills and certifications can also increase your chances of getting ahead. Take LinkedIn for instance: Members listing at least five skills on their profiles are messaged up to 27 times more than those who don’t.¹

As Daniel Christian, a Microsoft MVP and certified trainer says, “When you earn certifications, in addition to the positive feeling you get, you can also put your badges on LinkedIn and your resume. It’s a simple action that can give you the edge you need to set yourself apart from other candidates – to prove that you’ve got something extra.”

Not only can you prove it, but you can also turn new knowledge and ability into added income. About 35% of technical professionals say getting certified led to salary or wage increases, and 26% report job promotions.² Gaining skills can also move your career forward; 87% of recruiters consider skills to be a critical factor when it comes to vetting candidates.³ These advantages come when your managers and others realize you have the capabilities and dedication to continuously learn.

Professional development also creates a measurable boost in confidence. IDC found that IT professionals who were certified were consistently more likely to believe they could learn difficult skills, with 91% of certified IT professionals believing that the effort employees put into acquiring new skills strongly contributes to their success.⁴

Wear your badge proudly

The first step to letting peers know about your achievement, as soon as you pass an exam or earn a certification, is through claiming a digital badge. Microsoft partners with Credly to award badges for certification achievements.

Digital badges give you authenticated digital representations of your achievements including an easily-recognized badge image and metadata uniquely linked to you and your achievement. Anyone looking at your information instantly sees your skills aligned to the certification and can verify the badge’s authenticity. You can share your digital badge on popular online sites, such as LinkedIn, Facebook, and Twitter, and embed it into your resume, personal website, or email signature. It’s an easy and objective way to prove you have what it takes to advance in your career.

One more tip to honor your achievements: keep them up to date. Don’t forget to periodically renew your certifications and update your skills. You can find a wealth of resources to refresh them on Microsoft Learn.

Related posts:

• 7 Lessons from a 24 year tech career


• Is your certification expiring soon? Renew it for free today!

¹LinkedIn, “What You Need to Know To Get Hired This Month: September 2020” 

²Microsoft, “10 reasons to earn a Microsoft certification,” 2020

³LinkedIn, “To Find Your Next Job More Quickly, Tell Your Community You’re Open to Work,” October 2020

⁴IDC white paper, sponsored by Microsoft, “Business Value of Digital Transformation and the Contribution of a Growth Mindset in IT,” May 2020.

Introduction to tokens

by Contributed | Apr 12, 2021 | Technology

This article is contributed. See the original author and article here.

Introduction

This article is written to explain OAuth 2.0 and OpenID Connect bearer tokens (JWT) and concepts relating to Microsoft Azure AD and related technologies, but can most likely be applied elsewhere too.

Tokens are everywhere on the Internet. Even if you don’t realise it, you may have just used one on the way to read this article! You may ask “What is a token and what do I need it for?” and my answer would be “Which token?”. You see, there are different types of tokens all with their use cases.

This article is here to break down the different types, how and when they are used and what a token is comprised of. Hopefully this article will help you better understand tokens and apply this to getting started with other technologies such as Microsoft Graph.

What is a token?

A token is a list claims of something. A real world analogy could be a receipt from a purchase of goods you made. Let’s say you needed to prove that you bought to goods to return something. The receipt would most likely contain the date of purchase, the price you paid and most importantly, the goods purchased. Essentially, you are making a claim of ownership using the receipt. A token works in a similar way – it is a way to claim “I am me” or “I am allowed to do this”.

Token types

As explained in the introduction, there are many different types of tokens. This article will concentrate on the 3 most commonly used tokens in Azure AD:

ID tokens

ID tokens are used by a client to provide a user’s identity. This is referred to as authentication. One example is a user entering their credentials in to a client and being given an ID token on sign-in success. By then having an ID token, the client then can access resources as the signed-in user without prompting the user.

Important Note: ID tokens should only be used for identity purposes and NOT be used to grant access to additional resources. This will be covered next

Access tokens

Access tokens are used by a client to obtain access to additional resources e.g. a protected API such as Microsoft Graph. This is referred to as authorization. With an access token, you can have a list of permissions (scopes) granted to you against a resource. You can then use these permissions in the access token to access protected resources that you would not be able to access with an ID token.

If you are still confused of the difference between authentication and authorization, @LuiseFreese sums it up perfectly:

The term “auth token” is widely used can become misleading as it could be interpreted as an authentication (ID) or authorization (access) token. It is important to distinguish the difference between the two and try to avoid using the term “auth token”.

Refresh tokens

Refresh tokens can be issued with ID and access tokens. Tokens have a fixed lifetime and expire, but with a refresh token a client can obtain a token without prompting the user for input. A basic example could be you are signed in to a client and it is using an access token with Microsoft Graph. On expiry of the access token, instead of interrupting the user, a new access token is silently obtained before the old access token expires using the refresh token from the original access token.

What makes up a token?

Let’s look at a sample token:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjFMVE16YWtpaGlSbGFfOHoyQkVKVlhlV01xbyJ9.eyJ2ZXIiOiIyLjAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vOTEyMjA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkL3YyLjAiLCJzdWIiOiJBQUFBQUFBQUFBQUFBQUFBQUFBQUFJa3pxRlZyU2FTYUZIeTc4MmJidGFRIiwiYXVkIjoiNmNiMDQwMTgtYTNmNS00NmE3LWI5OTUtOTQwYzc4ZjVhZWYzIiwiZXhwIjoxNTM2MzYxNDExLCJpYXQiOjE1MzYyNzQ3MTEsIm5iZiI6MTUzNjI3NDcxMSwibmFtZSI6IkFiZSBMaW5jb2xuIiwicHJlZmVycmVkX3VzZXJuYW1lIjoiQWJlTGlAbWljcm9zb2Z0LmNvbSIsIm9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC02NmYzLTMzMzJlY2E3ZWE4MSIsInRpZCI6IjkxMjIwNDBkLTZjNjctNGM1Yi1iMTEyLTM2YTMwNGI2NmRhZCIsIm5vbmNlIjoiMTIzNTIzIiwiYWlvIjoiRGYyVVZYTDFpeCFsTUNXTVNPSkJjRmF0emNHZnZGR2hqS3Y4cTVnMHg3MzJkUjVNQjVCaXN2R1FPN1lXQnlqZDhpUURMcSFlR2JJRGFreXA1bW5PcmNkcUhlWVNubHRlcFFtUnA2QUlaOGpZIn0.1AFWW-Ck5nROwSlltm7GzZvDwUkqvhSQpm55TQsmVo9Y59cLhRXpvB8n-55HCr9Z6G_31_UbeUkoz612I2j_Sm9FFShSDDjoaLQr54CreGIJvjtmS3EkK9a7SJBbcpL1MpUtlfygow39tFjY7EVNW9plWUvRrTgVk7lYLprvfzw-CIqw3gHC-T7IK_m_xkr08INERBtaecwhTeN4chPC4W3jdmw_lIxzC48YoQ0dB1L9-ImX98Egypfrlbm0IBL5spFzL6JDZIRRJOu8vecJvj1mq-IUhGt0MacxX8jdxYLP-KUu2d9MbNKpCKJuZ7p8gwTL5B7NlUdh_dmSviPWrw

Makes sense, right? Of course not. All Azure AD tokens are also referred to as “JWTs” or JSON Web Tokens. This means that the token is formatted as a JSON object and then “base64Url” encoded and signed and with a bit of extra security (we’ll cover this soon), the end result is what we have above.

For an introduction in to JSON, I highly recommend Bob German’s article here.

Decoding a token

Taking the sample above and putting in in to jwt.ms, it is possible to decode from “base64url” back to human-readable JSON.

You will now see a JWT is made up of 3 parts:

• Header (red text)


• Payload (blue text)


• Signature (green text)

In the next two sections, we’ll cover off each part.

Payload

A payload or body is the content of the token where the claims are stored. Most tokens contain standard claims such as:

• “iss” – Identity of the service that issued the token e.g. https://login.microsoftonline.com/9122040d-6c67-4c5b-b112-36a304b66dad/v2.0


• “sub” – The subject of the token e.g. the user


• “aud” – The audience of the token, who the token is intended for. This is usually the client and not the user


• “exp” – Expiry date of token in seconds since the Unix epoch


• “iat” – Time token was issued (Unix epoch seconds)


• “nbf” – Time token is valid from (Unix epoch seconds)

In addition to standard claims, there are custom claims in Azure AD tokens such as:

• “name” – Name of the subject


• “oid” – Azure AD object ID of the subject


• “tid” – Azure AD tenant ID of the subject

One great feature of jwt.ms is that you can view detailed descriptions of standard and Azure AD claims.

Validating a token

You may be thinking: I just decoded a token on a webpage – how is that secure? JWTs are typically “signed” (not encrypted) with an algorithm and private key by the issuer of the token. This doesn’t stop any of the payload or header from being decoded as the aim of a token isn’t to hide information, but provide validity to it.

Never store secret information in a payload of a token as it can be easily decoded.

It is up to the recipient e.g. your client to validate the token to ensure it can be trusted.

There is a bit more nuance to the process than outlined here, but here is the summary on how to validate a token. Within the header part of the JWT, it contains the information on how the JWT was “signed” (what algorithm and private/public key pair was used). With this information it is possible for the client (if it has access to the public key) to validate the signature part of the JWT.

In addition to the signature, validation should also be taken place on the payload such as expiry time, audience and issuer.

Token usage

Now we are familiar with tokens. Let’s cover how they could be used in a couple of scenarios:

OpenID Connect

OpenID Connect is a way to sign a user in to an application. It is used for authentication only and not authorization. In this example, the end-user (user-agent) requests access to an application. The application requires authentication, so the end-user is redirected to authenticate at the authorization sever (I know, confusing). If successful, an ID token is returned and then validated by the application. If it passes validation, access is granted to the application.

OAuth 2.0 auth code grant

Auth code grant flow is where a user is asked to sign-in at the authorization server (Azure AD). This time, however, instead of an ID token being returned, an authorization code is returned. A second request is then made to the authorization server with the authorization code, but this time an access token is returned. With the access token, a protected API can then be accessed.

Wrap up

I hope you found this useful and understand more around what tokens are, the different types of tokens and how they are used.

MidDay Cafe pausing until re-launch with new format on May 10th

by Contributed | Apr 12, 2021 | Technology

This article is contributed. See the original author and article here.

We are temporarily pausing MidDay Cafe until our re-launch on May 10th. 

Due to scheduling conflicts with increased interest in new offerings, as well re-structuring MidDay Cafe for a shorter format with different content and a new emphasis on podcast readiness, we are temporarily pausing MidDay Cafe. Look for an upcoming announcement with meeting invite and more. 

Michael Gannotti

Michael Gannotti