DEVOPS WEEKLY ISSUE #693 - 14th April 2024
I’ve been crazy busy this week and travelling today, and with it being the start of a new quarter I thought a highlights issue, with some of the top posts from January, February and March was in order.
StackHawk sponsors Devops Weekly
[ICYMI] DAST is Dead! Long Live DAST! The Evolution of Dynamic API security Testing webinar is now available on YouTube. Watch on-demand here.
https://sthwk.com/long-live-dast-webinar
News
A good opinion piece on security not being special, when compared to other disciplines - and the problems caused by security teams assuming it is.
https://kellyshortridge.com/blog/posts/cybersecurity-isnt-special/
If you’ve ever run into a problem that’s come down to time in computer systems then this is a good post for you.
https://brooker.co.za/blog/2023/11/27/about-time.html
A detailed, technical, post on embracing eBPF for monitoring at the network layer and providing better control of a large microservice and infrastructure platform.
https://doordash.engineering/2023/08/15/bpfagent-ebpf-for-monitoring-at-doordash/
A great post with tips for being on-call. Covering why on-call is hard, and what you and your team can do to make it suck less.
https://hart-michael.medium.com/how-to-be-on-call-034e3a202729
There is quite a bit of cross-over between how a central security team needs to interact with a larger development team, and what’s needed for cost-control in self-service platform teams. A good post on this topic.
https://stateofsecurity.com/how-information-security-and-risk-management-teams-can-support-finops/
Alert fatigue quickly becomes a problem as systems grow, and monitoring software does its thing. This next post talks about how to prevent it.
https://www.datadoghq.com/blog/best-practices-to-prevent-alert-fatigue/
An epic post that’s well worth the long read. A look at each of the 14 points from Deming’s System of Profound Knowledge with modern cyber security examples.
https://itrevolution.com/articles/out-of-the-cyber-crisis-deming-in-the-world-of-cybersecurity/
An interesting post on the perils of productivity metrics for software development, in particular considering the impact of generative AI developer tools.
https://isthisit.nz/posts/2024/engineering-productivity-metrics-genai/
A couple of posts on evolving incident management practices, looking at the need to introduce gradual changes, standardising severity levels, the importance of training and more.
https://medium.com/dyninno/dyninnos-incident-management-an-introduction-a4516b910269
https://medium.com/dyninno/streamlining-and-implementing-incident-management-at-dyninno-c8ea06327f3a
A look at Platform Engineering, and introducing a layered model of platform, with the oft-missing platform orchestration layer binding together the application and infrastructure.
https://www.syntasso.io/post/platform-engineering-orchestrating-applications-platforms-and-infrastructure
A look at how one team used gamedays as a tool to test and improve performance and resilience.
https://firehydrant.com/blog/improving-signals-speed-and-resilience-through-pressure-testing/
A post on some of the pitfalls of platform engineering teams, including the ability for central teams to generate work for everyone else, and lose sight of their internal customers’ needs.
https://www.srepath.com/danger-of-unreliable-platform-engineering/
Tools
Pgxman is a package manager for PostgreSQL extensions, along with a repository of packages. It integrates with native build systems for installation.
https://pgxman.com/
Chalk is a new tool that captures metadata at build time, and can add a small ‘chalk mark’ with that information to any artefacts (like compiled binaries or container images).
https://github.com/crashappsec/chalk
testkube is a Kubernetes-native testing framework for test execution and orchestration. Store tests from any testing tool as CRDs and run them on the cluster.
https://testkube.io/
https://github.com/kubeshop/testkube
Daytona is a new tool for managing a development environment. It supports both local and remote environments as well as integration with various Git services and IDEs.
https://github.com/daytonaio/daytona