This week's articles
Visibility at Scale: How Figma Detects Sensitive Data Exposure
Figma built Response Sampling, a real-time monitoring system that samples API responses to detect sensitive data exposure. It validates access permissions asynchronously, catches authorization bugs in staging and production, and integrates with their FigTag data categorization system to protect all sensitive fields.
#monitor
#saas
#strategy
Vulnerabilities in LUKS2 disk encryption for confidential VMs
Trail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. These vulnerabilities allow attackers with access to storage disks to extract confidential data and modify contents.
#attack
#gcp
#aws
#azure
Advancing Our Chef Infrastructure: Safety Without Disruption
Slack's engineering team has enhanced its Chef infrastructure to improve deployment safety and reliability without causing disruption to service owners. Instead of a complex migration to Chef Policyfiles, they focused on practical improvements to their existing EC2 and Chef frameworks.
#aws
#ci/cd
#iac
#strategy
|