
FEATURED POST
There’s been a ton of coverage of the recently discovered Capital One breach. I’m generally very skeptical when AWS security makes the news; so far, most “breaches” have been a result of the customer implementing AWS services in an insecure manner, usually by allowing unrestricted internet access and often overriding defaults to remove safeguards (I’m looking at you, NICE and Accenture and Dow Jones!). Occasionally, a discovered “AWS vulnerability” impacts a large number of applications in AWS – and it also impacts any similarly-configured applications that are *not* in AWS (see, for example, this PR piece…um,…
Read MorePosts
Taking on AWS re:Inforce by Force
AWS re:Inforce 2019, the first security-focused AWS event, was held at the Boston Convention and Exposition Center—An incredible 516,000 sq ft modern-art well-architected venue of steel and glass. The event occupied 4 floors with ground 0 being the main expo of vendor booths, buffet lunch, and breakfast meals. They kept the same AWS feel of…
Read MoreMaturity in DevOps
As a consultant, I tend to work with a variety of clients and teams all across the product maturity spectrum. Some are just starting; maybe they have an MVP, maybe they are still building it. Others have existed in their space for years. Typically, when I get called into projects, the product maturity is on…
Read MoreContinuous Integration and Continuous Deployment in the World of DevOps Methodology
As we all know in this era of technology, manual tasks are gradually becoming obsolete. Everyone in the industry expects that processes, phases of development and deployments are expedited. The achievement of CI/CD (Continuous Integration and Continuous Deployment) plays an astounding role in automating every phase of the software development lifecycle. The basic phases…
Read MoreWhy Ops?
It seems the whole tech world is full of developers. Everyone and their mother (and my mother even) have learned to code and many are trying to start or change their careers to match. There are code bootcamps in every major city and it’s easy than ever to get started. Operations, however, remains a dirty…
Read MoreNew to AWS VPCs? Here’s What You Need to Know
Last week I was asked to create a 3 tier VPC (Virtual Private Cloud) from scratch and demo it to the company. This is what I learned. Using tools like AWS (Amazon Web Services) CloudFormation or Terraform can build a VPC quicker — like a microwaveable meal. However, if you’d like to learn the intricacies of a…
Read MoreScaling WordPress on AWS: An Overview
Here’s a story you’ve probably heard before: A team is using WordPress to power their web app, which works great for a while, but then they start to have performance problems. They audit their installed plugins and get rid of the ones they’re not using. They add “caching” plugins to help speed up WordPress and…
Read MoreHow and Why to Use GPG in Slack
What is GPG? GPG stands for GNU Privacy Guard (gnupg.org). GPG is a way to securely encrypt and decrypt text. For example, say you want to share a username, password, or any other sensitive information with a trusted person via Slack, GPG allows you to send that message securely. You never know if Slack could…
Read More- « Previous
- 1
- 2