3 Tips to Secure Your Cloud Infrastructure and Workloads
As companies move to the cloud for benefits like efficiency and scalability, it is the job of security teams to enable them to do so safely.
In this reality, it is vital that IT leaders understand how threat actors are targeting their cloud infrastructure. As one might suspect, attackers first go after low-hanging fruit — the systems and applications that are the easiest to exploit.
In the 2023 CrowdStrike Global Threat Report, our researchers noted that adversaries:
Target neglected cloud inf
5 Hard Problems in Vector Search, and How Cassandra Solves Them
Vector search is a critical component of generative AI tooling because of how retrieval augmented generation (RAG) like FLARE helps LLMs incorporate up-to-date, customized information while avoiding hallucinations. At the same time, vector search is a feature, not a product — you need to query vectors as they relate to the rest of your data, not in isolation, and you shouldn’t need to build a pipeline to sync the rest of your data with a vector store to do that.
This year, we have seen an explo
OAuth.Tools: The Online Tool That Goes beyond JWTs
JSON Web Tokens (JWTs) are powerful and convenient tools for securing APIs. Their format is standardized; they are cryptographically protected, self-contained and simply very handy. Since JWTs are commonly unencrypted, you can easily parse them and inspect their structure and content. You can use convenient online tools for that purpose. Let me share a personal tip: Check out OAuth.Tools.
OAuth.Tools is a free online tool provided by Curity. It offers incredible features for anyone working with
PostgreSQL 16 Expands Analytics Capabilities
The recent release of PostgreSQL 16 is significant for a number of reasons. It enables more flexible access control mechanisms, which have immediate consequences for deployments involving Managed Service Providers (MSPs).
Version 16 also supports hot standby capabilities which, when serving as the source for logical replications, has the ability to “allow for new architectures,” affirmed Adam Wright, Senior Product Manager for EnterpriseDB (EDB). EDB was one of the foremost code contributors to
The Basics of Event-Driven Architectures
Real-time data and event-driven systems have enabled a wide range of use cases responsible for making what the internet is today. From real-time personalization, fraud detection, content recommendation engines and inventory management systems, to advancements in customer service, environmental monitoring and communication, event-driven systems power much of the web innovation we’ve seen over the past decade.
As you build and evolve your own products, features and fundamental data handling, it i
Even with repatriation cost savings, the value of cloud computing is still strong
37Signals, led by CTO David Heinemeier Hansson, implemented a cloud repatriation plan that has already saved them $1 million. Previously, the company spent $3.2 million annually on cloud services. They viewed that as being too much. Their repatriation project invested $600,000 in eight servers hosted by Deft. Hansson now projects that the plan can save $10 million over five years. That’s money they can put back into the business directly, investing in innovations and digital transformation pr
Ansible Contributor Summit, Durham 2023
The Ansible Contributor Summit is a full day working session for community contributors to interact with one another and meet with the Ansible development teams behind the projects like AWX, Galaxy NG, Molecule, Ansible Lint and Event-Driven Ansible. We will discuss important issues affecting the Ansible Community and help shape the future of collaboration.
We are happy to have the opportunity to do a second Contributor Summit this year, and this time it will be part of DjangoCon US 2023 i
Open Source Can Deflate the ‘Threat’ of AI
BILBAO, SPAIN — AI should not only be restricted, controlled, and locked down, but developers working with generative language models underpinning this revolution should rely on open source to ultimately allow for a positive outcome that we can only dream about today.
Of course, there are many naysayers for this assumption, and the examples are many, ranging from politicians with different agendas to frightened public members and other parties, some of whom could have good or bad intentions.
The Pillars of Platform Engineering: Part 3 — Provisioning
This guide outlines the workflows and checklists for the six primary technical areas of developer experience in platform engineering. Published in six parts, part one introduced the series and focused on security. Part three will address infrastructure provisioning. The other parts of the guide are listed below, and you can download the full PDF version for the complete set of guidance, outlines and checklists.
Security (includes introduction)
Pipeline (VCS, CI/CD)
Battling the Steep Price of Storage for Real-Time Analytics
Nowadays, customers demand that database providers offer massive amounts of data storage for real-time analytics. For many use cases, the amount of data that these users are working with requires large amounts of storage.
Plus, this storage needs to be readily accessible and fast. Manufacturers, healthcare providers, climate change scientists, and various other use cases need to access data stored in memory caches in real time, while simultaneously leveraging historical data relevant to that da
There’s No Value in Observability Bloat. Let’s Focus on the Essentials
Most companies only need the essential ingredients to satisfy their observability strategy, which means costs will be much more modest.
Tech Works: When Should Engineers Use Generative AI?
Your developers are already playing around with generative AI. You can’t stop them completely and you probably don’t want to, lest they fall behind the curve. After all, you want your developers focusing on meaningful work, and Large Language Model (LLM)-trained code-completion tools like Amazon Web Services’ CodeWhisperer and GitHub’s Copilot have great potential to increase developer productivity.
But, if you don’t have a generative AI policy in place, you’re putting your organization at risk
Observability Leaders: The Mighty Minority Holding Their Own Against Outages
A robust observability strategy can preemptively detect anomalies and potential issues—before they become full-blown outages.
Oracle CloudWorld 2023: 6 key takeaways from the big annual event
In line with Oracle co-founder CTO Larry Ellison’s notion that generative AI is one of the most important technological innovations ever, the company at its annual CloudWorld conference released a range of products and updates centered around the next generation of artificial intelligence.The last few months have witnessed rival technology vendors, such as AWS, Google, Microsoft, Salesforce and IBM, adopting a similar strategy, under which each of them integrated generative AI into their prod
How to import existing resources into AWS CDK Stacks
Many customers have provisioned resources through the AWS Management Console or different Infrastructure as Code (IaC) tools, and then started using AWS Cloud Development Kit (AWS CDK) in a later stage. After introducing AWS CDK into the architecture, you might want to import some of the existing resources to avoid losing data or impacting availability.
In this post, I will show you how to import existing AWS Resources into an AWS CDK Stack.
The AWS CDK is a framework for definin
Why Terraform is not like ElasticSearch
After recent licensing change from MPL to BUSL, a new Open Source form of Terraform – OpenTofu – has been created and moved to Linux Foundation.
Now, a while ago ElasticSearch’s license was similarly changed from Apache-2.0 to ELv2. That prompted AWS to create a fork – OpenSearch – still licensed with Apache-2.0.
While this may seem inconsistent, but I heavily favor Elastic’s ELv2 project vs AWS and at the same time heavily favor OpenTofu vs HashiCorp’s Terraform.
I believe the majority
Oracle unveils GraalOS for serverless Java
Oracle has introduced GraalOS, a high-performance serverless Java-based application deployment technology that promises to help developers improve application responsiveness and cut costs.GraalOS uses GraalVM Native Image technology to compile Java code to a standalone executable, leveraging x64 and AArch 64 processors on Oracle Cloud Infrastructure (OCI). Applications powered by GraalOS should require significantly less memory, thanks to Native Image ahead-of-time compilation, and be less ex
Cisco Acquires Splunk to Create Observability Powerhouse
Cisco today revealed it has signed a definitive agreement to acquire Splunk for $28 billion in cash.
A Practical Step-by-Step Approach to Building a Platform
In my previous article, I discussed the concept of a platform in the context of cloud native application development. In this article, I will dig into the journey of a platform engineering team and outline a step-by-step approach to building such a platform. It is important to note that building a platform should be treated no differently than building any other product, as the platform is ultimately developed for internal users.
Therefore, all the software development life cycle (SDLC) practic
As the Oracle CloudWorld conference takes place in Las Vegas this week, Oracle‘s MySQL team is announcing a number of enhancements to the HeatWave platform that shore up its core functionality; add capabilities in the realm of generative AI; enhance support for the data lakehouse approach to analytics data management, autonomous operation, and in-database machine learning; and address core programmability and performance on the OLTP side, too.
The MySQL team briefed the media