AWS

Virtual Machine vs Container

Posted on by Admin
Virtual Machine vs Container

The difference between virtual machines and containers Virtual machines (VMs) and containers are as similar as they are different. They each have their own unique characteristics and use cases that separate them from each other. However, they are similar in that they can be used either together, or interchangeably, to enhance IT and DevOps efficiency. Great, all that sounds fine and dandy, but what are virtual machines and containers actually used for? I’m glad you…

Read More

Cloud Configuration Management: Add These Guardrails After Launch

Posted on by Admin
Cloud Configuration Management: Add These Guardrails After Launch

The Challenge With a brand-new account, your initial configuration sets the tone. With existing accounts, the challenge is twofold. The first is the team working with that account will already be used to operating under the existing configuration. And since they’ve been doing it this way for a while and things are working, there’s no motivation to change. The second challenge is on the technical side. Can these guardrails be implemented without breaking anything inside…

Read More

New AWS Competency Category – Why It’s Important

Posted on by Admin
New AWS Competency Category – Why It’s Important

What is AWS DevOps Competency Partners? AWS DevOps Competency Partners are vendors vetted and selected by AWS that “have demonstrated expertise in delivering DevOps solutions on AWS.” According to AWS, these solutions include: software products to simplify provisioning and managing infrastructure, deploying application code, automating software release processes, monitoring application and infrastructure performance, and integrating security best practices, policies, and guardrails into CI/CD pipelines. Why it matters to DevOps teams DevSecOps is the newest category,…

Read More

Secure application development for the cloud best practices

Posted on by Admin
Secure application development for the cloud best practices

Why follow best practices? Understanding and following best practices as well as building in the cloud on Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform™, Kubernetes, containers, and applications will enable you to get the most out of your toolkit. This includes more security as you are building, more proficiency with the tools and services you are using, better structure, faster environment, a reliable system that will withstand outages, and a more cost-effective solution….

Read More

How to Optimize Your Lambda Code

Posted on by Admin
How to Optimize Your Lambda Code

This code worked well in our tests and was approved in the code review process. It returns True when there are two files with the right prefixes, and it returns False when there isn’t. Simple enough. That wasn’t what happened in real life, however. It would still work in the scenario where the right files are there, but it would, only sometimes, return True when just one of the files were there. And this was…

Read More

Terraform Tutorial: Drift Detection Strategies

Posted on by Admin
Terraform Tutorial: Drift Detection Strategies

A common misconception among DevOps teams using infrastructure as code (IaC) tools is that the templates they use to run their deployments are infallible sources of truth. Instead, a fundamental challenge of architectures built using tools like Terraform is configuration drift. This occurs when the actual state of your infrastructure begins to accumulate changes and deviates from the configurations defined in your code. Configuration drift can occur for many reasons, regardless of how good your…

Read More

How to Secure AWS Serverless API(s)

Posted on by Admin
How to Secure AWS Serverless API(s)

How to Secure AWS Serverless API(s) Network Security Discover how to easily enhance security of your container-based AWS serverless API to protect against known and unknown vulnerabilities. By: Anna Lapyko March 18, 2022 Read time:  ( words) Container-based serverless APIs are becoming increasingly popular as many organizations move toward cloud native applications. Serverless containers outsource the effort of managing the actual servers, making it easier to scale quickly and maintain at any scale. However, you…

Read More

How to Build a Serverless API with Lambda and Node.js

Posted on by Admin
How to Build a Serverless API with Lambda and Node.js

Serverless technologies enable developers to concentrate on what the application does without the hassle of managing where it runs and how it scales. The cloud provider manages infrastructure, simply upload the applications, and the provider handles the rest. This article highlights the benefits of going serverless by walking through creating a serverless REST API using AWS Lambda and Node.js. Setting Up the Local Environment This tutorial requires the following dependencies: Now that the environment is…

Read More

10 best practices for S3 bucket security configuration

Posted on by Admin
10 best practices for S3 bucket security configuration

Rule GD-001: GuardDuty enabled Conformity has rule GD-001 for enabling GuardDuty. This rule checks that GuardDuty is enabled in all regions for the security of your AWS environment and infrastructure. Because this rule is a medium-level threat, Conformity encourages compliance. The result of non-compliance is the potential occurrence and proliferation of malicious activity on your AWS account and infrastructure without your knowledge, such as Recon:EC2/PortProbeUnprotectedPort, UnauthorizedAccess:EC2/SSHBruteForce, or UnauthorizedAccess:IAMUser/MaliciousIPCaller. To remediate, simply visit GuardDuty to enable…

Read More

Cloud Native Security Platform Must-have Components

Posted on by Admin
Cloud Native Security Platform Must-have Components

5 key components to review To ensure secure apps are developed and deployed, McCluney and Griffin recommend implementing review processes for the following: Cloud posture and compliance Vulnerability visibility and management Container security Template scanning Securing your code Before delving into each of these components, let’s review why each one is key, and understand how the state of the industry has shaped these key security components. 4 cloud native development trends McCluney and Griffin point…

Read More
1 2 3 4 5