spot_imgspot_imgspot_imgspot_img

Continuous Delivery

GitLab’s security features for the modern software supply chain

Software supply chain security has largely remained an afterthought until the disastrous SolarWinds hack in 2020. The incident didn’t just affect thousands of private agencies but also several government agencies. In brief, the hack was due to a basic error of not changing the admin password regularly, which gave...

A detailed guide for your Incident Response Plan

Every company that builds or maintains software should have an incident response plan at hand. If you do not have one, it's best to create it before an attacker compromises your system. A response plan is needed to fight incidents in the best possible way using a structured approach....

How to get started with Deployment Automation

Getting started with deployment automation can be overwhelming. The sheer number of choices and decisions can stall even the most avid DevOps enthusiasts. This is precisely why many organizations are doing CI (continuous integration) but aren’t going all the way to automating deployments. To help you understand how to...

CI/CD pitfalls and the best practices to keep in mind

Are you killing the goose that lays golden eggs? Yes, maybe. The metaphoric goose we’re talking about here is your CI/CD pipeline. CI/CD has slowly become the primary way of delivering software today. And as the software development world has moved away from monoliths to microservices and containers, the...

What you need to know about Cloud Workload Protection

Shifting security left helps to reduce security related problems too late in the Software Development LifeCycle. Your CI/CD pipelines can include a lot of stages to check IaC templates, Dockerfiles, Helm charts and other scripts which acts as the base for your cloud (native) workloads. However, it's impossible to...

Three surprising statements that make you think

Being at the forefront of new CI/CD, Cloud native and other technological advancements is great. It's very interesting to see and participate in anything that has to do with application and infrastructure modernization. From a personal point of view I love PoCs and to explore new tools and evaluate...

Key aspects of observability and how your business can benefit from it

It's not an exaggeration that nearly every company moves their applications to the cloud. Experts at those companies agree that you can only reap the benefits of cloud technology with modern architectures. Use cloud native technologies as much as possible. Soon, the number of applications and/or services reaches a...

Digital product composition

In earlier articles, I introduced the concept of Design-time Configuration Items. The final missing element is the composition of DSIs into higher-order DSIs. Composition forms the basis for configuration management and is universally well understood by all stakeholders. During system development, many artifacts (files, database records, stored objects) are created...

Design-time configuration items

In a previous article I introduced the design-time configuration item (DSI) and only touched the surface of this. In this article I would like to go deeper in the what DSI entails and what it could bring. Within CICD we use many tools and each tool can hold several pieces...

Does DevOps needs a data model?

As product owner responsible for a number of development / CICD tools, I since long have a feeling that we do not leverage the data we have in all our tools and the data does not always nicely align with the digital products that my internal customers produce. The data...