DEVOPS WEEKLY ISSUE #612 - 18th September 2022
A short issue this week, but with some detailed case studies on workflow management with Argo, securing software pipelines with IaC and policy, and a modern monitoring stack amongst the posts.
StackHawk sponsors Devops Weekly
Upcoming Webinar: Deeper API Security Test Coverage. Learn how to configure API security testing using existing resources like Postman Collections, Cypress Test Scripts, and other DevTools to test your API endpoints. No API specs required!
https://sthwk.com/Deeper-API-Security-Testing
News
A very interesting set of posts, looking at common questions around risk management security, viewed from the perspective of different audiences (CEOs/boards, CIO/CTOs, security teams and regulators).
https://www.philvenables.com/post/crucial-questions-from-ceos-and-boards
https://www.philvenables.com/post/crucial-questions-from-cios-and-ctos
https://www.philvenables.com/post/crucial-questions-from-cisos-and-security-teams
https://www.philvenables.com/post/crucial-questions-from-governments-and-regulators
A nice case study of solving a workflow management problem (backfilling data) using Argo Workflows.
https://medium.com/riskified-technology/k8s-workflow-management-for-software-developers-using-argo-workflows-1e5247d2c4a6
A post looking at one advantage of infrastructure as code and standard components (in this case CI/CD and Tekton), using Kyverno to apply policy to help secure the pipeline.
https://nirmata.com/2022/08/25/protect-the-pipe-secure-ci-cd-pipelines-with-a-policy-based-approach-using-tekton-and-kyverno/
A look at one organisation's monitoring stack, based around Prometheus, Thanos and Grafana.
https://medium.com/ninjavan-tech/ninja-vans-monitoring-stack-3cba0139bf32
A reminder that managing software dependencies is difficult, with some information on public jQuery exposure.
https://public-exposure.inform.social/post/software-dependency/
Tools
cachegrand is an open-source fast, scalable and modular key-value store designed from the ground up to take advantage of modern hardware.
https://github.com/danielealbano/cachegrand
jgrapht is a Java library (with Python bindings) which supports graph theory data structures and algorithms.
https://jgrapht.org/
https://github.com/jgrapht/jgrapht