1 minute read

Fitting into the overall zeitgeist, several AI posts this week. From observations about the challenges with building LLM-backed features, to security considerations when adopting AI. Plus classic topics like packaging, infrastructure as code tools and DNS.

StackHawk sponsors Devops Weekly

Is your AppSec team copy and pasting lines of YAML every time a new app is ready for security testing? Try this instead: utilize environment variables and modularize configurations to share common elements across different applications.
https://sthwk.com/scaling-best-practices-strategies

News

Lots of folks are going to be building features backed by LLMs. This post covers some of the questions you’ll need to answer, based on an observability use case too.
https://www.honeycomb.io/blog/hard-stuff-nobody-talks-about-llm

Attacking AI systems is a whole new risk as the adoption of AI tools picks up. This post looks at building up an AI attack surface map that might be useful to anyone thinking about this problem.
https://danielmiessler.com/blog/the-ai-attack-surface-map-v1-0/

An in-depth post on anomaly detection. Discusses core platform, algorithms and specific use cases around spam detection and ML model changes.
https://medium.com/pinterest-engineering/warden-real-time-anomaly-detection-at-pinterest-210c122f6afa

The joke goes that it’s always DNS. So understanding how DNS works is useful when dealing with lots of real world incidents. One way of learning a bit more about DNS is building your own resolver from scratch.
https://jvns.ca/blog/2023/05/12/introducing-implement-dns-in-a-weekend/

An interesting packaging approach. This post looks at how to package up an open policy agent policy into a standalone executable using Nix.
https://determinate.systems/posts/open-policy-agent
https://github.com/DeterminateSystems/nix-policy

Not everyone jumps on new technology straight away, and it’s often more useful that people think to provide a beginner friendly introduction. Here’s a useful post to share with folks new to Kubernetes.
https://medium.com/@himeshikaabayaratne/a-beginner-friendly-introduction-to-kubernetes-c0c402e8f39c

Tools

Kestra is an open-source, event-driven orchestrator that aims to simplify data operations and collaboration around data. It has both a declarative YAML interface and a rich GUI.
https://kestra.io/
https://github.com/kestra-io/kestra

Org-formation is a dedicated infrastructure as code tool for managing AWS Organizations.
https://github.com/org-formation/org-formation-cli/tree/master

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #699 - 26th May 2024

1 minute read

Platform engineering, establishing a center of production excellence, measuring the DORA metrics and tools for generating tests and writing bash. Oh, and a j...

DEVOPS WEEKLY ISSUE #698 - 19th May 2024

1 minute read

This week we have posts on APIs, behind the scenes of a large production infrastructure, speeding up monorepo builds and tools for managing feature flags and...

DEVOPS WEEKLY ISSUE #697 - 12th May 2024

less than 1 minute read

This week we have a range of posts covering API specification languages, log formats and CI/CD pipelines as well as tools for building development environmen...