A short issue this week, but with some detailed case studies on workflow management with Argo, securing software pipelines with IaC and policy, and a modern monitoring stack amongst the posts.

StackHawk sponsors Devops Weekly

Upcoming Webinar: Deeper API Security Test Coverage. Learn how to configure API security testing using existing resources like Postman Collections, Cypress Test Scripts, and other DevTools to test your API endpoints. No API specs required!
https://sthwk.com/Deeper-API-Security-Testing

News

A very interesting set of posts looking at common questions around risk management and security, viewed from the perspective of different audiences (CEOs/boards, CIOs/CTOs, security teams and regulators).
https://www.philvenables.com/post/crucial-questions-from-ceos-and-boards
https://www.philvenables.com/post/crucial-questions-from-cios-and-ctos
https://www.philvenables.com/post/crucial-questions-from-cisos-and-security-teams
https://www.philvenables.com/post/crucial-questions-from-governments-and-regulators

A nice case study of solving a workflow management problem (backfilling data) using Argo Workflows.
https://medium.com/riskified-technology/k8s-workflow-management-for-software-developers-using-argo-workflows-1e5247d2c4a6

A post looking at one advantage of infrastructure as code and standard components (in this case CI/CD and Tekton), using Kyverno to apply policy to help secure the pipeline.
https://nirmata.com/2022/08/25/protect-the-pipe-secure-ci-cd-pipelines-with-a-policy-based-approach-using-tekton-and-kyverno/

A look at one organisation's monitoring stack, based around Prometheus, Thanos and Grafana.
https://medium.com/ninjavan-tech/ninja-vans-monitoring-stack-3cba0139bf32

A reminder that managing software dependencies is difficult, with some information on public jQuery exposure.
https://public-exposure.inform.social/post/software-dependency/

Tools

cachegrand is an open-source fast, scalable and modular key-value store designed from the ground up to take advantage of modern hardware.
https://github.com/danielealbano/cachegrand

jgrapht is a Java library (with Python bindings) which supports graph theory data structures and algorithms.
https://jgrapht.org/
https://github.com/jgrapht/jgrapht
