News Roundup March 2017

Published by

In this the first of many news roundups, I am going to look back through the news that you may have missed and the stories/blogs that have interested me over the previous month(s). In this round up I will be taking a look at content from arround mid January, through to the 1st March 2017.

Announcing Open Source Guides

Via Nadia Eghbal on the Github Blog - Link

Have you ever wanted to get started in open source? Github have made your journey easier by building some excellent guides. Take a look at one for yourself: How To Contribute - Open Source Guides

Azure App Service Secrets and Web Site Hidden Gems

Via Scott Hanselman - Link

In this article, Scott shows many cool features that you may not necessarily know about, all of which you get for free as part of Azure. I can personally attest to the console and diagnostic features of Azure as Scott highlights. They have been invaluable for me when debugging certain issues.

Cloudbleed

Via Cloudflare, Project Zero, Troy Hunt

It’s not been a particularly good time for Cloudflare with the revelation of this bug. I’m a huge proponent of their services, they are truely amazing. Start off by reading the Project Zero outline of the bug, followed by the Cloudflare posts on Quantifying The Impact of Cloudbleed and the Official Cloudbleed Incident Report.

Troy Hunt also has a good, pragmatic post on #Cloudbleed.

Google Cloud Security Toolbox

Via Gianluca Brindisi on the Spotify Labs blog - Link

Spotify actively manage 800 Google Cloud platform projects. They’ve just released two of their internal tools GCP Audit & GCP-Firewall-Enforcer. Both projects are designed to help Spotify maintain a proper security posture as they develop more services.

Grafana plugin for DNS analytics

Via Marek Vavruša on the Cloudflare blog - Link

In better news for Cloudflare, they have released a plugin for Granfana allowing you to see various details about the DNS traffic on your domain. Read how to get started.

Netflix introduce HubCommander & Stethoscope

Via Netflix Tech Blog

HubCommander is another chatops bot for Github built for slack. It aims to solve their issues surround organizational management including: enabling travis CI, docker image support and granting outside collaborators specific permissions to repositories. Article Link

Stethoscope is an interesting project following a “User Focused Security” approach which essentially recognisies that employees are the easiest way for an attacker into a company. The project collects information for a given user’s devices and gives them clear and specific recommendations for securing their systems. Article Link

Practical NoSQL resilience design pattern for the enterprise

Via Ebay - Link

Personally, I’m a big fan of companies that open up to problems/solutions and EBay is no exception to that. In this post they offer a wealth of information on a resiliency design pattern for NoSql databases. It’s a good read, but pretty long at the same time.

TLS 1.3 Explained

Via Filippo Valsorda on the Cloudflare blog - Link

This is a recording of a talk from Filippo & Nick Sullivan about TLS 1.3 - the next itteration of TLS. They explain how it works in technical detail, why it is faster and more secure, and touches on its history and current status In fact, Cloudflare have had their implementation of TLS 1.3 audited recently.

Tumblr Swift Networking Deep Dive

Via Tumblr Engineering - Link

In this video, Kenny Ackerson shows that the Swift programming language has some interesting features that make networking alot easier and more expressive. It’s always interesting to see how other languages solve various problems, so worth a watch.

You’ve studied up on DDD, CQRS, and Event Sourcing… now what?

Via Nick Chamberlin - Link

Nick’s blog is an exceptional resource for all things DDD, CQRS and Event Sourcing. In this article, he tackles some of the questions/thoughts that people have when starting to apply these concepts.

Visual Studio 2017 Launch Date

Via Julia Liuson on the Visual Studio Blog - Link

On March 7th, a mere 6 days from now, the latest itteration of Visual Studio will be released. As with every release, this one is packed with new features including: a brand new modular installer, new extensibility features/optimizations, smarter intellisense and much, much more. Be sure to tune in via launch.visualstudio.com.

That’s all that I have for this round up. Let me know what you think on Twitter (@im5tu).