Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Threat Intelligence Threat intelligence is the process of gathering information about potential threats and vulnerabilities to an organization’s systems and applications. It involves collecting, analyzing, and disseminating information about potential threats, vulnerabilities, and threat actors. Threat intelligence includes the following… Continue reading
Category: Others
All Other Developer
DevSecOps: Integrating Security into DevOps – Part 5
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Identity and Access Management Identity and Access Management (IAM) is a critical aspect of DevSecOps. It involves managing user identities and controlling their access to resources based on their roles and responsibilities. IAM includes the following activities: Infrastructure as Code… Continue reading
DevSecOps: Integrating Security into DevOps – Part 4
In this continuation blog, we will explore some more advanced topics related to DevSecOps implementation. Threat Modeling Threat modeling is the process of identifying potential threats to an application or system and evaluating their impact. It helps identify potential security vulnerabilities and prioritize security activities. The following steps are involved in the threat modeling process:… Continue reading
DevSecOps: Integrating Security into DevOps – Part 2
Continuing from my previous blog, let’s dive deeper into the implementation of DevSecOps. Integrating Security into DevOps To implement DevSecOps, it is essential to integrate security into every phase of the DevOps lifecycle. The following are the key phases in DevOps and how to integrate security into each phase: DevSecOps Best Practices Here are some… Continue reading
Introduction to NDepend : Static Code Analysis Tool
As a developer, you always have to take the pain of getting adapted to the best practices and coding guidelines to be followed as per the organizational or industrial standards. Easy way to ensure your coding style follows certain standard is to manually analyze your code or use a static code analyzer like FxCop, StyleCop… Continue reading
PowerShell: Check a parameter/variable value is null
While you are writing PowerShell modules, with lot with parameters and you might want to verify these parameters are not ‘null’ to validate some business cases. In normal powershell inline scripting context, $variablename -eq “$null” would work : if ($varibalename -eq $null) { Write-Host "variable is null.Please supply the values for variablename." } RECOMMENDED APPROACH:… Continue reading
Node.js 9.x.x and npm 6.x.x – “npm audit” to identify and fix security vulnerabilities in dependencies
It has been a while I have been reading about the major changes that areintroduced in Node.js 9.x.x / NPM 6.x.x and myself faced by Node.js application going to a toss after I upgraded to Node.js 9.x.x, as I always keep Node.js up to date in my development environment. I use NVM(Node Virtual Manager) to… Continue reading
[NPM Tip] Error: self signed certificate in certificate chain
As a developer, if you are behind a corporate proxy that assigns an intermediatory self signed SSL certificate to every request to provide secure content filtering as part of cybersecurity measures, I am sure you might have gone through the pain to get it working when working with NodeJS. if you have Admin access to… Continue reading
[NPM Tip] Rewriting the default protocol for GitHub package references
Some times as a Modern Web Developer you will face some “npm install” as some of the packages would be referring to git/ssh protocol to reference private packages from Git Hub. This would fail when you are behind a corporate proxy. Rewriting the default protocol for GitHub, run the following snippet in your command line… Continue reading
Setting up Local NPM repository to Speedup Dev/CI Builds
As a modern day JavaScript developer working with Node.js and NPM, it has been always any developer’s case to clean up local node modules sometimes when local build is broken. It is a tedious tasks to cleanup %appData%\npm-cache to do a fresh install of all the modules again. Depending on the number of modules your… Continue reading