Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Automated Vulnerability Management Automated vulnerability management is a key practice in DevSecOps. It involves using automated tools to identify, prioritize, and remediate vulnerabilities in an organization’s systems and applications. Automated vulnerability management includes the following activities: Shift-Left Testing Shift-left testing… Continue reading
Category: Software/System Design
DevSecOps: Integrating Security into DevOps – Part 6
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Threat Intelligence Threat intelligence is the process of gathering information about potential threats and vulnerabilities to an organization’s systems and applications. It involves collecting, analyzing, and disseminating information about potential threats, vulnerabilities, and threat actors. Threat intelligence includes the following… Continue reading
DevSecOps: Integrating Security into DevOps – Part 5
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Identity and Access Management Identity and Access Management (IAM) is a critical aspect of DevSecOps. It involves managing user identities and controlling their access to resources based on their roles and responsibilities. IAM includes the following activities: Infrastructure as Code… Continue reading
DevSecOps: Integrating Security into DevOps – Part 4
In this continuation blog, we will explore some more advanced topics related to DevSecOps implementation. Threat Modeling Threat modeling is the process of identifying potential threats to an application or system and evaluating their impact. It helps identify potential security vulnerabilities and prioritize security activities. The following steps are involved in the threat modeling process:… Continue reading
DevSecOps: Integrating Security into DevOps – Part 3
Continuing from my previous blog, let’s explore some more advanced topics related to DevSecOps implementation. Shift-Left Testing One of the key concepts in DevSecOps is shift-left testing. This means shifting security testing as far left in the software development process as possible. This helps identify security issues early in the development process, which is much… Continue reading
DevSecOps: Integrating Security into DevOps – Part 2
Continuing from my previous blog, let’s dive deeper into the implementation of DevSecOps. Integrating Security into DevOps To implement DevSecOps, it is essential to integrate security into every phase of the DevOps lifecycle. The following are the key phases in DevOps and how to integrate security into each phase: DevSecOps Best Practices Here are some… Continue reading
DevSecOps: Integrating Security into DevOps
As organizations continue to adopt and accelerate their DevOps practices, it has become increasingly clear that security cannot be an afterthought. Enter DevSecOps – a movement that seeks to integrate security into the entire software development lifecycle. DevSecOps aims to shift security left, empowering teams to take ownership of their security while building and deploying… Continue reading
Azure Cosmos DB – TTL (Time to Live) – Reference Usecase
TTL capability within Azure Cosmos DB is a live saver, as it would take necessary steps to purge redudent data based on the configurations you may. Let us think in terms of an Industrial IoT scenario, devices can produce vast amounts of telemetry information, logs and user session information that is only useful until we… Continue reading
Azure Cosmos DB–Multi Master
During the Ignite 2018, Microsoft has announced the general availability of Multi-Master feature being introduced to Azure Cosmos DB to provide more control into data redundancy and elastic scalability for your data from different regions with multiple writes and read instances. What is Multi-Master essentially? Multi-master is a capability that provided as part of Cosmos… Continue reading
Azure Cosmos DB – 429 Too Many Requests
Recently while I was doing Performance Testing in one of the APIs interacting with Cosmos DB, I encountered a problem as Azure Cosmos DB API’s started returning Http Code 429. Http Status Code 429 indicates that too many request been received or request rate is very large. This error would happen when we have concurrent… Continue reading