recentpopularlog in

endorama : type:article   390

« earlier  
12 Kubernetes configuration best practices | StackRox
Learn about Kubernetes configurations best practices in 12 areas: API server, kubelet, etcd, network policies, pod security policies, master node, worker node, and more
type:article  kubernetes  security  best-practice 
4 hours ago by endorama
Serverless Service Mesh with Knative and Linkerd | Linkerd
Overview Two of the most popular serverless platforms for Kubernetes are Knative and OpenFaaS, and there’s a lot of existing content on using Linkerd and OpenFaaS together. In this blog post, we’ll take a look at how to use Linkerd with Knative. While the first version of Knative required Istio, in recent Knative releases they have removed this requirement. We’ll show you how to add Linkerd to your Knative installation to automatically provide both mTLS (mutual TLS)...
type:article  type:how-to  service  mesh  linkerd  ambassador  kind 
3 days ago by endorama
Ten Teamwork Killers, And How To Avoid Them
There is a reason being good at teamwork is considered such a desirable trait. Being able to successfully lead and work in teams, whether formed for a specific short-term project or in a longer-term arrangement, is incredibly important to organizations. Yet too often, work teams fail to achieve their objectives. [...]
type:article  team  business-growth  business-culture 
3 days ago by endorama
Analysis of Open Source COVID-19 Pandemic Ventilator Projects
During this pandemic, everyone is trying to help. Whether temporarily giving up something you love, like going out with friends, or by sewing masks, or by trying to design a ventilator, most…
type:article  covid19  open-source  ventilator 
10 days ago by endorama
DevSecOps: Securing Software in a DevOps World - DZone DevOps
ipe out an entire bug class from your application(s). Sharing a lesson or reference m
type:article  devsecops  devops  security 
14 days ago by endorama
Creating Workspaces with the HashiCorp Terraform Operator for Kubernetes
We are pleased to announce the alpha release of HashiCorp Terraform Operator for Kubernetes. The new Operator lets you define and create infrastructure as code natively in Kubernetes by making calls to Terraform Cloud.
type:article  hashicorp  terraform  kubernetes  operator 
17 days ago by endorama
#737140 Mass account takeovers using HTTP Request Smuggling on https://slackb.com/ to steal session cookies
This researcher exploited an HTTP Request Smuggling bug on a Slack asset to perform a CL.TE-based hijack onto neighboring customer requests. This hijack forced the victim into an open-redirect that forwarded the victim onto the researcher's collaborator client with slack domain cookies. The posted cookies in the customer request on the collaborator client contained the customer's secret session...
type:article  hackerone  slack  http  request  smuggling 
23 days ago by endorama
«Torniamo a investire nella sanità pubblica. Con responsabilità» - Valori
L'ex senatrice Nerina Dirindin denuncia lo stato di abbandono del Sistema sanitario nazionale. «La salute è un investimento, non un costo da tagliare»
type:article  healthcare  italy 
23 days ago by endorama
Ambassador Edge Stack to Consul Connect - Steve Dillon - Medium
At the end of 2019 I was wrapping up our new ingress to our microservices. We had Ambassador API Gateway Pro accepting inbound connections and then forwarding them off to the Consul Connect based…
type:article  consul  ambassador  mtls 
29 days ago by endorama
Introduction to computer forensics - DEV Community 👩‍💻👨‍💻
Let's take a look to Linux computer forensics.. Tagged with security, linux.
type:article  computer  forensics 
4 weeks ago by endorama
Authenticating to GKE without gcloud
There’s a way to authenticate to GKE clusters without gcloud CLI!
type:article  kubernetes  gke 
4 weeks ago by endorama
The “Cloud Snooper” malware that sneaks into your Linux servers – Naked Security
Fascinating research from SophosLabs into a wolf-in-sheep's-clothing malware sample.
type:article  security  linux  server  malware 
4 weeks ago by endorama
What is O(log n)? Learn Big O Logarithmic Time Complexity - DEV Community 👩‍💻👨‍💻
In this tutorial, you’ll learn the fundamentals of Big O notation logarithmic time complexity with examples in JavaScript. Tagged with career, algorithms, computerscience, beginners.
type:article  beginner  o-notation 
4 weeks ago by endorama
Cross Functional Teams · Billie Thompson
How Cross Functional Teams prevent blockers and improve delivery
type:article  business  team  management 
4 weeks ago by endorama
A Working Solution to JWT Creation and Invalidation in Golang - DEV Community 👩‍💻👨‍💻
Discovering how to invalidate a JWT after logout. Tagged with go, jwt, authentication.
type:article  lang:go  ddd 
4 weeks ago by endorama
Signature Validation Bypass Leading to RCE In Electron-Updater · Doyensec's Blog
Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.
type:article  security  electron 
5 weeks ago by endorama
GoNotes.adoc · master · Eric S. Raymond / reposurgeon · GitLab
A tool for editing version-control repositories and translating among different systems. Supports git, bzr, Subversion, darcs, and fossil directly, also hg, CVS, and RCS through plugins.
type:article  python  go  rewrite 
5 weeks ago by endorama
Moving Towards Domain Driven Design in Go - Calhoun.io
Domain driven design sounds great in theory, but how is it applied in Go? In this article we explore some code as it slowly evolves into DDD, learning how and why each decision is made along the way and what benefits it will provide us in the future. We t
type:article  lang:go  ddd 
5 weeks ago by endorama
Fear database changes? Get them under control with CI/CD - DEV Community 👩‍💻👨‍💻
Learn how to include database migrations in your CI/CD process and push a non-backwards-compatible database change successfully. Tagged with webdev, javascript, devops, heroku.
type:article  development  devops  database  migration 
5 weeks ago by endorama
Twelve-Factor Apps: A Retrospective and Look Forward - DEV Community 👩‍💻👨‍💻
Chances are the Twelve-Factor App methodology has influenced the frameworks and platforms you’re using. Few have the far-reaching impact of this one. Tagged with webdev, devops.
type:article  12factor  devops 
5 weeks ago by endorama
Lessons from AWS NLB Timeouts - Tenable TechBlog - Medium
This post covers a timeout issue discovered during migration from AWS ELB to NLB. For a summary, please skip to the Lessons Learned section. In order to keep up with rapid growth, the SRE team at…
type:article  aws  tcp  timeout 
5 weeks ago by endorama
Kubernetes Pod Escape Using Log Mounts
A Kubernetes pod running as root and with a mount point to its node’s /var/log directory could result in a pod escape that puts the entire host at risk.
type:article  kubernetes  host  takeover  security  red-team 
5 weeks ago by endorama
Tracking Down REvil’s “Lalartu” by utilizing multiple OSINT methods
in order for the company to decrypt the files, hackers are demanding a payment, typically in Cryptocurrencies, for which in return they will give the key to open the files. A specific highly…
type:article  osint 
6 weeks ago by endorama
The USE Method
The Utilization Saturation and Errors (USE) Method is a methodology for analyzing the performance of any system. It directs the construction of a checklist, which for server analysis can be used for quickly identifying resource bottlenecks or errors. It begins by posing questions, and then seeks answers, instead of beginning with given metrics (partial answers) and trying to work backwards.
type:article  sysadmin  monitoring  observability  performance  metric 
6 weeks ago by endorama
CPU limits and aggressive throttling in Kubernetes - Omio Engineering - Medium
Improper use of CPU quota limit can harm your service reliability metrics like response time and error rate. We explain how throttling in Kubernetes works and how to use it to your benefit.
type:article  kubernetes  performance  cpu  limit 
6 weeks ago by endorama
Modules Part 04: Mirrors, Checksums and Athens
Series Index Why and What Projects, Dependencies and Gopls Minimal Version Selection Mirrors, Checksums and Athens Introduction One of the longer standing questions I had when first learning about modules was how the module mirror, checksum database and Athens worked. The Go team has written extensively about the module mirror and checksum database, but I hope to consolidate the most important information here. In this post, I provide the purpose of these systems, the different confi...
type:article  golang  module  mirror 
7 weeks ago by endorama
Developers: How we use SRP, and you can too | 1Password
1Password uses a multi-layered approach to protect your data in your account, and Secure Remote Password (SRP) is one of those very important layers. Today we’re announcing that our Go implementation of SRP is available as an open source project. But first, I’d like to show you the benefits SRP brings as an ingredient in the 1Password security parfait.
type:article  lang:go  security  encryption 
8 weeks ago by endorama
Extend Kubernetes via a Shared Informer
Kubernetes is designed to be extended. There a lot of way to do it via Custom Resource Definition for example. Kubernetes is an event-based architecture and you can use a primitive called Shared Informer to listen on the events triggered by k8s itself.
type:article  kubernetes  extension  informer 
8 weeks ago by endorama
Architecting Kubernetes clusters — choosing a worker node size
What type of worker nodes should I use for my Kubernetes cluster? And how many of them?. This article looks at the pros and cons of either.
type:article  kubernetes  architecture  design 
8 weeks ago by endorama
Functional options on steroids - Márk Sági-Kazár
Functional options is a paradigm in Go for clean and extensible APIs
popularized by Dave Cheney
and Rob Pike.
This post is about the practices that appeared around the pattern since it was first introduced.
type:article  development  pattern  lang:go 
8 weeks ago by endorama
Fake Company, Real Threats: Logs From a Smart Factory Honeypot - Security News - Trend Micro USA
To determine threat actors' degree of knowledge in compromising a smart factory, we deployed our most elaborate honeypot to date. The incidents we observed show the kinds of attacks that can easily affect poorly secured manufacturing environments.
type:article  smart  factory  iot  security  paper  honeypot 
8 weeks ago by endorama
How to Make Interesting Presentations for Software Projects - DEV Community 👩‍💻👨‍💻
Originally published on scenelab.io - try our online editor for branding and mockup graphics. No mat... Tagged with productivity, tutorial, career, techtalks.
type:article  software  presentation 
9 weeks ago by endorama
Indoor Positioning Using Arduino and Machine Learning in 4 Easy Steps - Hackster.io
Learn how to do WiFi indoor position with any ESP8266/ESP32 board and machine learning in the Arduino environment.
type:article  arduino  indoor  positioning 
9 weeks ago by endorama
What is the history of the use of “foo” and “bar” in source code examples?
Why do many code examples, especially tutorials, use the names "Foo" and "Bar" so often? It is almost a standard.
type:article  foo  history 
9 weeks ago by endorama
Why IT Ticketing Systems Don’t Work with Microservices
In order to effectively build cloud native microservices applications, your engineering organization has to adopt a culture of decentralized decision-making to move faster. You will also need the…
type:article  development  process  devops  team 
10 weeks ago by endorama
Plumbing At Scale
This article details our journey building and deploying an event sourcing platform in Go, building a stream processing framework over it, and then scaling it (reliably and efficiently) to service over 300 billion events a week.
type:article  streaming  processing  event  sourcing  architecture 
11 weeks ago by endorama
SSH Handshake Explained
Secure Shell (SSH) is a widely used Transport Layer Protocol to secure connections between clients and servers. SSH is also the underlying protocol that Teleport uses to secure connections between clients and servers. In this article, we walk through how SSH really works.
type:article  ssh  security  protocol 
12 weeks ago by endorama
How our security team handle secrets
We recently designed a new system to manage secret information safely – from the keys that we use to sign your Mastercard transactions, to credentials for external services.
type:article  security  kubernetes  vault  secret 
december 2019 by endorama
Making Sense of Kubernetes RBAC and IAM Roles on GKE
Google’s managed Kubernetes service has always been one of my favorite ways to run a Kubernetes cluster. Google Kubernetes Engine (GKE) provides some incredible functionality that makes Kubernetes…
type:article  kubernetes  gcp  iam 
december 2019 by endorama
Kubernetes Deep Dive: API Server – Part 3a – Red Hat OpenShift Blog
Extend the Kubernetes API using Custom Resource Definitions (CRDs), formerly known as Third Party Resources (TPRs).
type:article  kubernetes  internals 
december 2019 by endorama
Kubernetes Deep Dive: API Server – Part 2 – Red Hat OpenShift Blog
Learn how the state of Kubernetes objects is managed in a reliable and persistent way with etcd in this 2nd installment of the API Server series.
type:article  kubernetes  internals 
december 2019 by endorama
Kubernetes deep dive: API Server - part 1 – Red Hat OpenShift Blog
In this installment we start with a general introduction of the Kubernetes API Server, provide some terminology and explain the API request flow.
type:article  kubernetes  internals 
december 2019 by endorama
Security assessment techniques for Go projects | Trail of Bits Blog
The Trail of Bits Assurance practice has received an influx of Go projects, following the success of our Kubernetes assessment this summer. As a result, we’ve been adapting for Go projects some of the security assessment techniques and tactics we’ve used with other compiled languages. We started by understanding the design of the language, identifying…
type:article  security  testing  lang:go 
december 2019 by endorama
« earlier      
per page:    204080120160

Copy this bookmark:





to read