1 minute read

Asset management and tips for moving into information security, as well reducing cloud network transfer costs and tips for Prometheus, JVM and PostgreSQL users.

StackHawk sponsors Devops Weekly

Join the GraphQL Security Testing Learning Lab on June 29 at 9 AM PT. Learn how to run automated security testing against your GraphQL APIs so you can find and fix vulnerabilities fast.


A post on the importance of asset management in relation to good cyber security health.

A large infrastructure is likely to have hugely complex network traffic flow.This post describes a state-of-the-art eBPF system for providing network insight at scale.

The way some cloud services work, internal data transfer costs can quickly escalate. This post looks into minimising cross-region container registry costs using a local cache.

An introduction to extending Prometheus monitoring systems with Thanatos.

An opinionated list of 50 things you should learn to work in information security. Lots of cross-over with good security knowledge for systems administrators too.

A good list of places to get help or learn more about PostgreSQL.

If you’re running Java applications then you need to understand how to get metrics from the JVM. This post describes the critical JVM metrics available via JMX like memory usage, garbage collection, and thread counts.


A set of best practices for AWS Serverless applications available for testing your infrastructure as code as plugins for cfn-lint and tflint.