1 minute read

Fitting into the overall zeitgeist, several AI posts this week. From observations about the challenges with building LLM-backed features, to security considerations when adopting AI. Plus classic topics like packaging, infrastructure as code tools and DNS.

StackHawk sponsors Devops Weekly

Is your AppSec team copy and pasting lines of YAML every time a new app is ready for security testing? Try this instead: utilize environment variables and modularize configurations to share common elements across different applications.
https://sthwk.com/scaling-best-practices-strategies

News

Lots of folks are going to be building features backed by LLMs. This post covers some of the questions you’ll need to answer, based on an observability use case too.
https://www.honeycomb.io/blog/hard-stuff-nobody-talks-about-llm

Attacking AI systems is a whole new risk as the adoption of AI tools picks up. This post looks at building up an AI attack surface map that might be useful to anyone thinking about this problem.
https://danielmiessler.com/blog/the-ai-attack-surface-map-v1-0/

An in-depth post on anomaly detection. Discusses core platform, algorithms and specific use cases around spam detection and ML model changes.
https://medium.com/pinterest-engineering/warden-real-time-anomaly-detection-at-pinterest-210c122f6afa

The joke goes that it’s always DNS. So understanding how DNS works is useful when dealing with lots of real world incidents. One way of learning a bit more about DNS is building your own resolver from scratch.
https://jvns.ca/blog/2023/05/12/introducing-implement-dns-in-a-weekend/

An interesting packaging approach. This post looks at how to package up an open policy agent policy into a standalone executable using Nix.
https://determinate.systems/posts/open-policy-agent
https://github.com/DeterminateSystems/nix-policy

Not everyone jumps on new technology straight away, and it’s often more useful that people think to provide a beginner friendly introduction. Here’s a useful post to share with folks new to Kubernetes.
https://medium.com/@himeshikaabayaratne/a-beginner-friendly-introduction-to-kubernetes-c0c402e8f39c

Tools

Kestra is an open-source, event-driven orchestrator that aims to simplify data operations and collaboration around data. It has both a declarative YAML interface and a rich GUI.
https://kestra.io/
https://github.com/kestra-io/kestra

Org-formation is a dedicated infrastructure as code tool for managing AWS Organizations.
https://github.com/org-formation/org-formation-cli/tree/master

Updated:

You May Also Enjoy

DEVOPS WEEKLY ISSUE #694 - 21st April 2024

less than 1 minute read

A theme of architecture this week, with posts on the development of large systems, infrastructure evolution at scale, internal developer toolchains and more.

DEVOPS WEEKLY ISSUE #693 - 14th April 2024

2 minute read

I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts fr...