1 minute read

Asset management and tips for moving into information security, as well reducing cloud network transfer costs and tips for Prometheus, JVM and PostgreSQL users.

StackHawk sponsors Devops Weekly

Join the GraphQL Security Testing Learning Lab on June 29 at 9 AM PT. Learn how to run automated security testing against your GraphQL APIs so you can find and fix vulnerabilities fast.
http://sthwk.com/graphql-learninglab

News

A post on the importance of asset management in relation to good cyber security health.
https://www.ncsc.gov.uk/blog-post/asset-management-for-cyber-security

A large infrastructure is likely to have hugely complex network traffic flow.This post describes a state-of-the-art eBPF system for providing network insight at scale.
https://netflixtechblog.com/how-netflix-uses-ebpf-flow-logs-at-scale-for-network-insight-e3ea997dca96

The way some cloud services work, internal data transfer costs can quickly escalate. This post looks into minimising cross-region container registry costs using a local cache.
https://lambda.grofers.com/reducing-data-transfer-costs-with-a-docker-registry-based-cache-8f93d7e561f3

An introduction to extending Prometheus monitoring systems with Thanatos.
https://thesaadahmed.medium.com/thanos-monitoring-with-prometheus-and-grafana-843ed231c8a6

An opinionated list of 50 things you should learn to work in information security. Lots of cross-over with good security knowledge for systems administrators too.
https://www.netmeister.org/blog/infosec-competencies.html

A good list of places to get help or learn more about PostgreSQL.
https://xzilla.net//blog/2021/Jun/Where-To-Get-Postgres-Help-Online.html

If you’re running Java applications then you need to understand how to get metrics from the JVM. This post describes the critical JVM metrics available via JMX like memory usage, garbage collection, and thread counts.
https://sematext.com/blog/jvm-metrics/

Tools

A set of best practices for AWS Serverless applications available for testing your infrastructure as code as plugins for cfn-lint and tflint.
https://github.com/awslabs/serverless-rules

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...