This week's articles
Applying DevSecOps to your software supply chain
#ci/cd, #defend
GitHub's 2019 State of the Octoverse Report showed that on average, each repository has more than 200 dependencies. The reality of the software supply chain is that you are dependent on code you didn't write, yet the dependencies still require work from you for ongoing upkeep. So where should you get started in implementing security controls?
How To Protect Sensitive Data in Terraform
#terraform, #build
Tutorial on protecting sensitive data in Terraform, by hiding sensitive data in outputs during execution and storing state in a secure cloud object storage.
Monitoring & securing AWS with Microsoft
#aws, #azure, #defend
Interesting approach, how to setup (advanced) monitoring of AWS with Azure Security Center (CSPM), Azure Defender (CWPP), Cloud App Security (CASB), and Azure Sentinel (SIEM).
Service Mesh with Envoy
#k8s, #build
Post covering a working setup of a service mesh architecture using Envoy for both control and data plane.
|