spot_imgspot_imgspot_imgspot_img

Cloud Native

How a WAF protects your applications

Every team that hosts an application in the public cloud need to think about protecting it against hackers. For internet accessible applications, such as websites and APIs this is an absolute must. If you do not put enough time and effort in it, your data is in severe danger....

The missing link in IT management; product design time configuration management

Chances that all elements of a digital product are designed by a single team are probably slim. You better know your product composition at design time and understand the related producer/consumer relations to be in control of your product and manage your value streams. Introduction In a previous article, I recognized...

Does DevOps needs a data model?

As product owner responsible for a number of development / CICD tools, I since long have a feeling that we do not leverage the data we have in all our tools and the data does not always nicely align with the digital products that my internal customers produce. The data...

DB-as-a-service: what you need to know to outsource your data solutions

Since data is the new gold, companies need to ensure they store, access, protect and transfer their data with utmost care. Choosing the best database solution is king here. For long, companies have been hosting DB related systems themselves. Nowadays, there is a shift towards acquiring databases as a...

Azure Hybrid Cloud as a stepping stone to the public Cloud

Many organizations already embraced public cloud and only that as their target platform for the software applications they create. Despite this, there are a lot of other organizations which are not there yet. Perhaps they have a lot of legacy applications to refactor or they choose a different path:...

How to fix the top 10 insecure defaults in AWS

DevSecOps quickly becomes a reality in many software development organizations. Those companies put security in the front seat and acknowledge it is an important factor to take into account. Knowledge increases steadily, but a lot of developers which do not have so much infra related knowledge need to gather...

SAST tool selection – tips to pick the right one for you

Every organization which treads security as a top priority needs a Static Application Security Testing (SAST) tool. Run this tool against every software application before you push out new versions to production. It's very important to use a tool that matches your budget and situation. Besides this, the tool...
00:16:59

How to migrate Kubernetes Pod Security Policy (PSP) using OPA and Styra DAS

The Kubernetes Pod Security Policy (PSP) was one of the first reliable security controls introduced by Kubernetes. It was an Admission Controller that simply checked whether or not the Pods being deployed met the minimum level of security expected for that cluster. It was a critical component in securing...

Announcing General Availability of HashiCorp Nomad 1.1

Nomad is one of Hashicorp’s products that I feel more people should take a look at. It offers a viable alternative or even a supplement to Kubernetes in that it orchestrates the deployment and management of Containers, but it can also be used to managed non-containerized applications too. Before...

Why Simple CI/CD reduces Friction and makes devs happy

For software development teams, one of the most important factors of an efficient and successful development process is frictionless CI/CD. While simple CI/CD reduces friction, getting to a point of 'simple' is, well, not simple. Development teams should only spend time on their code, not on the plumbing to get...