In this the first of many news roundups, I am going to look back through the news that you may have missed and the stories/blogs that have interested me over the previous month(s). In this round up I will be taking a look at content from arround mid January, through to the 1st March 2017.
Announcing Open Source Guides
Via Nadia Eghbal on the Github Blog - Link
Have you ever wanted to get started in open source? Github have made your journey easier by building some excellent guides. Take a look at one for yourself: How To Contribute - Open Source Guides
Azure App Service Secrets and Web Site Hidden Gems
Via Scott Hanselman - Link
In this article, Scott shows many cool features that you may not necessarily know about, all of which you get for free as part of Azure. I can personally attest to the console and diagnostic features of Azure as Scott highlights. They have been invaluable for me when debugging certain issues.
Via Cloudflare, Project Zero, Troy Hunt
It’s not been a particularly good time for Cloudflare with the revelation of this bug. I’m a huge proponent of their services, they are truely amazing. Start off by reading the Project Zero outline of the bug, followed by the Cloudflare posts on Quantifying The Impact of Cloudbleed and the Official Cloudbleed Incident Report.
Troy Hunt also has a good, pragmatic post on #Cloudbleed.
Google Cloud Security Toolbox
Via Gianluca Brindisi on the Spotify Labs blog - Link
Spotify actively manage 800 Google Cloud platform projects. They’ve just released two of their internal tools GCP Audit & GCP-Firewall-Enforcer. Both projects are designed to help Spotify maintain a proper security posture as they develop more services.
Grafana plugin for DNS analytics
Via Marek Vavruša on the Cloudflare blog - Link
In better news for Cloudflare, they have released a plugin for Granfana allowing you to see various details about the DNS traffic on your domain. Read how to get started.
Netflix introduce HubCommander & Stethoscope
Via Netflix Tech Blog
HubCommander is another chatops bot for Github built for slack. It aims to solve their issues surround organizational management including: enabling travis CI, docker image support and granting outside collaborators specific permissions to repositories. Article Link
Stethoscope is an interesting project following a “User Focused Security” approach which essentially recognisies that employees are the easiest way for an attacker into a company. The project collects information for a given user’s devices and gives them clear and specific recommendations for securing their systems. Article Link
Practical NoSQL resilience design pattern for the enterprise
Via Ebay - Link
Personally, I’m a big fan of companies that open up to problems/solutions and EBay is no exception to that. In this post they offer a wealth of information on a resiliency design pattern for NoSql databases. It’s a good read, but pretty long at the same time.
TLS 1.3 Explained
Via Filippo Valsorda on the Cloudflare blog - Link
This is a recording of a talk from Filippo & Nick Sullivan about TLS 1.3 - the next itteration of TLS. They explain how it works in technical detail, why it is faster and more secure, and touches on its history and current status In fact, Cloudflare have had their implementation of TLS 1.3 audited recently.
Tumblr Swift Networking Deep Dive
Via Tumblr Engineering - Link
In this video, Kenny Ackerson shows that the Swift programming language has some interesting features that make networking alot easier and more expressive. It’s always interesting to see how other languages solve various problems, so worth a watch.
You’ve studied up on DDD, CQRS, and Event Sourcing… now what?
Via Nick Chamberlin - Link
Nick’s blog is an exceptional resource for all things DDD, CQRS and Event Sourcing. In this article, he tackles some of the questions/thoughts that people have when starting to apply these concepts.
Visual Studio 2017 Launch Date
Via Julia Liuson on the Visual Studio Blog - Link
On March 7th, a mere 6 days from now, the latest itteration of Visual Studio will be released. As with every release, this one is packed with new features including: a brand new modular installer, new extensibility features/optimizations, smarter intellisense and much, much more. Be sure to tune in via launch.visualstudio.com.
That’s all that I have for this round up. Let me know what you think on Twitter (@im5tu).