News AggregatorAPI Security Weekly: Issue 169Aggregated on: 2022-07-18 21:51:32 This week, we have details of a vulnerability in the popular WordPress plugin, WP HTML Mail, which potentially exposed 20,000 WordPress sites, and a vulnerability in TeslaMate software exposing dozens of Teslas to remote access. On more positive news, we have an introduction to vAPI, an open-source laboratory for learning API security, and an article on how to reduce API attack surfaces. Vulnerability: WordPress Sites Exposed by Insecure REST API This week, we have another vulnerability in a WordPress plugin: this time, the popular WP HTML Mail plugin. The vulnerability is tracked as CVE-2022-0218 with a CVSS score of 8.3, and it was discovered by Wordfence researcher Chloe Chamberland. The vulnerability may have impacted up to 20,000 WordPress installations, rendering them vulnerable as a result of the cross-site scripting (XSS) bug courtesy of an unprotected REST API endpoint in the plugin. View more...Analytics Apps That Will Take Center StageAggregated on: 2022-07-18 21:51:32 Developers are increasingly at the forefront of analytics innovation, driving an evolution in analytics beyond traditional BI and reporting to modern analytics applications. These applications—fueled by the digitization of businesses—are being built for real-time observability at scale for cloud products and services, next-gen operational visibility for security and IT, revenue-impacting insights and recommendations, and for extending analytics to external customers. And Apache Druid has been the database of choice for analytics applications trusted by developers of 1000+ companies, including Netflix, Confluent, and Salesforce. We are at the forefront of an analytics evolution, moving beyond traditional BI and reporting to modern analytics applications. View more...Write Your Kubernetes Infrastructure as Go Code — Cdk8s-Plus in Action!Aggregated on: 2022-07-18 21:51:32 One of my previous blog posts covered how to get started with cdk8s (Cloud Development Kit for Kubernetes), which is an open-source framework (part of CNCF) using which you can define your Kubernetes applications using regular programming languages (instead of yaml). You were able to set up a simple nginx Deployment and accessed it via a Service - all this was done using Go, which was then converted to yaml (using cdk8s synth) and submitted to the cluster using kubectl. This was a good start. However, since the core cdk8s library is pretty low-level (for a good reason!) the code involved a lot of boilerplate (you can refer to the code here). View more...Explore Deep in 4.6 Billion GitHub EventsAggregated on: 2022-07-18 20:06:32 4.6 billion is literally an astronomical figure. The richest star map of our galaxy, brought by Gaia space observatory, includes just under 2 billion stars. What does a view of 4.6 billion GitHub events really look like? What secrets and values can be discovered in such an enormous amount of data? Here you go: OSSInsight.io can help you find the answer. It’s a useful insight tool that can give you the most updated open source intelligence, and help you deeply understand any single GitHub project or quickly compare any two projects by digging deep into 4.6 billion GitHub events in real-time. Here are some ways you can play with it. View more...For Six Sigma Black Belts: It’s Time To Break Fresh Ground With Sustainable Process PerformanceAggregated on: 2022-07-18 18:21:32 The upheaval suffered by manufacturers since the onset of the COVID-19 pandemic is forcing companies to rethink their processes. It’s not surprising that Six Sigma thinkers, as process improvement experts, are high on the go-to list for help. But for Six Sigma experts, it’s also time to rethink. View more...Questions Developers Should Consider Asking Potential EmployersAggregated on: 2022-07-18 18:21:32 During the whole recruitment process, we are asked a lot of questions to prove our skills as software engineers. This is understandable, as each company wants to get the best employee to meet their — more or less sane — criteria. It is equally understandable that we, as engineers, also want to work for the best companies out there. The “best” company means something different to each one of us, but no matter our criteria, we still need to work out a way to filter out the right companies or at least cross out the wrong ones. View more...Required Capabilities in Self-Navigating Vehicle-Processing ArchitecturesAggregated on: 2022-07-18 17:06:32 This article is adapted from my new book, Modern Computer Architecture and Organization. Second Edition, published by Packt Publishing. For more detail on the mathematics and economics of self-driving vehicle architectures, including details on implementing the CNN image recognition architecture discussed in this article using TensorFlow, please see Chapter 16 of the book. Overview of Self-Driving Vehicles Several major motor vehicle manufacturers and technology companies are actively pursuing the development and sale of fully self-driving, or autonomous, motor vehicles. The utopian vision of safe, entirely self-driving vehicles beckons us to a future in which commuters are free to relax, read, or even sleep while in transit and the likelihood of being involved in a serious traffic accident is drastically reduced from the hazardous situation of today. View more...Image Generation in Action: 3 Methods With Code Samples and Image Generation APIAggregated on: 2022-07-18 15:51:32 In this article, we share our experience generating millions of images with DynaPictures in the last months. We will go over possible solutions needed to generate images programmatically, possible caveats and pitfalls you may hit, as well as the best practices that emerged from our experience using dynamic image generation. So let us dive in and discuss what image generation is and then review the available options. View more...What I Have Understood About DevOpsAggregated on: 2022-07-18 15:51:32 When I first heard the term DevOps, What I understood from my peers is that, “The process of deploying the application in any environment (dev/QA/prod) is called DevOps. It’s just another synonym for operations.” View more...What Is Software Impact Analysis?Aggregated on: 2022-07-18 15:06:32 Every time a developer makes a change to a code, there is some impact on a system. Ideally, the impact is either fairly small or fully expected. The goal is to implement the change to make its influence on the system in the right way and select the best option available. That is when a software impact analysis is relevant. Impact analysis is the process of analyzing, predicting, and estimating the potential consequences before carrying out a change in the deployed product, focusing on unexpected side effects of a decision or change in a system and indicating potentially affected areas. It tells us what part of the system can be unintentionally affected by a change and helps deal with potential problems before they arise. View more...Why Building an External Data Product Is So HardAggregated on: 2022-07-18 15:06:32 Developing internal data products–whether a high-powered executive dashboard, a machine learning-powered predictive buyer model for marketing, or a new customer model for the BI team–is still one of the most powerful ways data teams can add value to the organization. But developing an external data product is a cut above: both in value-added and in the level of difficulty. It’s a different motion that requires your team to build new muscle memory. View more...Access Undenied on AWSAggregated on: 2022-07-18 14:21:32 Access Undenied on AWS is an open source CLI tool that analyzes AWS CloudTrail AccessDenied events, scans the environment to identify and explain the reasons for the events, and offers actionable least-privilege remediation suggestions. Basically, you give the tool a CloudTrail event with an Access Denied outcome, and the tool will tell you how to fix it! What’s the Problem? It’s a beautiful day. You’re building a lambda function, and everything is going exactly as planned. The code looks great. Then you give it a test and… View more...3 Ways to Create Spring Boot Docker Images Without Docker FileAggregated on: 2022-07-17 20:21:32 In this article, we would be looking into some of the ways to create docker images for a Spring Boot Application. As technology is growing, things have changed how applications that serve requests from end-user are deployed. Traditionally you would have a machine to deploy the application and decide on the configuration of the machine to keep the application running. View more...Machine Learning and Data Science With Kafka in HealthcareAggregated on: 2022-07-16 22:06:31 IT modernization and innovative new technologies change the healthcare industry significantly. This blog series explores how data streaming with Apache Kafka enables real-time data processing and business process automation. Real-world examples show how traditional enterprises and startups increase efficiency, reduce cost, and improve the human experience across the healthcare value chain, including pharma, insurance, providers, retail, and manufacturing. This is part five: Machine Learning and Data Science. Examples include Recursion and Humana. Blog Series - Kafka in Healthcare Many healthcare companies leverage Kafka today. Use cases exist in every domain across the healthcare value chain. Most companies deploy data streaming in different business domains. Use cases often overlap. I tried to categorize a few real-world deployments into different technical scenarios and added a few real-world examples: View more...Regression Testing in CI/CD and Its ChallengesAggregated on: 2022-07-15 23:21:31 The introduction of the continuous integration/continuous deployment (CI/CD) process has strengthened the software release mechanism, helping products go to market faster than ever before and allowing application development teams to deliver code changes more frequently and reliably. Regression testing ensures no new mistakes have been introduced to a software application by testing newly modified code as well as any parts of the software that could potentially be affected. The software testing market size is projected to reach $40 billion in 2020 with a 7% growth rate by 2027. Regression testing accounted for more than 8.5% of market share and is expected to rise at an annual pace of over 8% through 2027, as per reports from the Global Market Insights group. The Importance of Regression Testing Regression testing is a must for large-sized software development teams following an agile model. When many developers are making multiple commits frequently, regression testing is required to identify any unexpected outcome in overall functionality caused by each commit. The CI/CD setup identifies that and notifies the developers as soon as the failure occurs and makes sure the faulty commit doesn’t get shipped into the deployment. View more...CMS, CRM, and ERP – What Is It and Why?Aggregated on: 2022-07-15 21:06:30 CMS, CRM, and ERP are the three main software solutions to automate core processes in business. They assist in managing day-to-day operations, the company’s interactions with customers, handling data, reducing redundant tasks, prioritizing leads, running a website, and much more. CMS, CRM, and ERP offer powerful tools to boost profitability and increase sales. However, the core components and the work principles are not the same, especially regarding CMS. What Is a CMS Software? Answering what CMS means in business, we come to the next definition. Content Management System (CMS) is computer software to build a web page on. It is used to publish, add, easy to replace, and manage digital content – design, text, and graphics. It provides an interface for working with content, handling both the back-end and front-end of a website to modify online business without technical knowledge or background. It is a convenient option for someone who is not technically minded to deliver content and build a dynamic website without getting into the code. For example, to write or to update a page. CMS platforms provide a variety of pre-designed templates to create a simple yet well-designed page. Templates visualize future websites. Thus, they can be used as a starting point for small businesses. View more...How to Improve Data Quality With GCP Protocol BuffersAggregated on: 2022-07-15 21:06:30 E-commerce platforms and marketplaces generate data on every step of their operations: inventory, customer orders, pick-up locations, and customer delivery, not to mention marketing channels and integrations. The requirements for data platforms used in the fast-moving online retail industry vary from business to business, though the baseline is more or less the same:Flexibility and scalability. The number of events and data sources is growing exponentially, and not just in online retail. That is why flexibility is a basic requirement for data platforms. View more...A Generic and Concurrent Object PoolAggregated on: 2022-07-15 20:36:30 In this post, we will take a look at how we can create an object pool in Java. In recent years, the performance of the JVM has multiplied manifold that object pooling for better performance has been made almost redundant for most types of objects. In essence, the creation of objects is no longer considered as expensive as it was before. However, there are some kinds of objects that certainly prove costly upon creation. Objects such as Threads, database connection objects etc are not lightweight objects and are slightly more expensive to create. In any application, we require the use of multiple objects of the above kind. So it would be great if there was an easy way to create and maintain an object pool of that type so that objects can be dynamically used and reused without the client code being bothered about the live cycle of the objects. View more...10 Error Status Codes When Building APIs for the First Time and How To Fix ThemAggregated on: 2022-07-15 20:06:30 Things don’t always go well when using an API for the first time, especially if you’re a beginner and it’s your first time integrating an API into another system. Often documentation is lacking in terms of errors, since it’s easier to anticipate things going right, than things going wrong. In HTTP, many status codes can give you an idea of what was going on when you called an API. The standardized status codes go from 100 to 511, and all have different meanings, but only the ones from 400 to 511 are about errors. See them here in this handy table. View more...Create a Full-Stack App Using Nuxt.js, NestJS, and DataStax Astra DB (With a Little Help From GitHub Copilot)Aggregated on: 2022-07-15 19:36:31 Building a full-stack application can be daunting because you have to not only think about how the frontend will display the data but where the data will come from and where it’s stored. However, it’s not as hard as you might think to get the basics of a full-stack application up and running. If you want to create a full-stack application, complete with dynamic data retrieved from a cloud database by an API, then watch the tutorial below, created by Eddie Jaoude. In his tutorial, Eddie shows you how to do it in less than an hour using Nuxt.js with VuetifyJS for the frontend, NestJS to create RESTful APIs, and DataStax’s Astra DB for the cloud database service. Also, you’ll use GitHub Copilot as your AI-powered pair programmer. View more...A Complete Guide to IoT ArchitectureAggregated on: 2022-07-15 15:51:30 The Internet of Things (IoT) is growing from strength to strength. IoT projects are in development across a huge variety of industries thanks to the technology’s automation, data gathering, and processing potential. However, understanding IoT architecture is key to creating a successful IoT project and leveraging all of its benefits. Why? Because it can give you a clear vision of how everything works and how different components interact. In its essence, IoT architecture ensures data gets where it needs to and is processed correctly. Without proper IoT architecture, networks would become unreliable, defeating the entire purpose of investing in IoT in the first place. View more...How Microcontainers Gain Against Large ContainersAggregated on: 2022-07-15 15:21:30 The best practices of modern development, especially when implementing a microservices architecture, involve the use of Docker, Kubernetes, and other container technologies. Containers are transforming how enterprises deploy and use applications. The main biggest draws of containers as such are increased efficiency and portability. Сontainers allow running software without worrying about operating systems or dependencies. So, the container simplifies your software architecture, allowing you to skip building a production environment with the right settings and libraries, as the container already has that built-in. View more...Low-Code: Viable for Developers?Aggregated on: 2022-07-15 14:51:30 Low-code platforms are often praised for their ease of use and understandability by business users; however, some developers may not be too excited by this prospect. What if there is an alternative to low-code that follows coding principles? Will such an interface feel more natural for developers? Before asking that question, we must ask, is low-code a viable solution for developers? In this post, we will explore if Low-code is a viable option for developers and what low-code platforms can do for developers. View more...4 Major Steps Of Web Application Penetration TestingAggregated on: 2022-07-15 04:51:30 In the early days of the internet, security was little but an afterthought. Then as hackers started to exploit businesses' lax security postures, things gradually started to change. At first, nonprofits like the Electronic Frontier Foundation started pushing web users to embrace HTTPS Everywhere. In response, certification authorities began offering free SSL certificate variations to any site admin that wanted one. As a result, at least 79.6% of all active websites now use SSL. That was only the beginning. In the ensuing years, developers and web application administrators gradually started to harden their apps against all manner of attacks. They rolled out more complex password requirements. They started to add two-factor authentication as a default measure. They even started putting public-facing services behind high-performance web application firewalls. View more...API Security Weekly: Issue 168Aggregated on: 2022-07-15 03:51:30 This week, we have news of a vulnerability in the IndexedDB API in Safari 15 that exposed user information, a pair of vulnerabilities in AWS affecting AWS Glue and AWS CloudFormation, and a podcast featuring Rinki Sethi and Alissa Knight discussing API security. Last week, we featured an “awesome API security” guide from a 3rd-party site with good intentions. Subsequently, we’ve discovered that this guide is a direct and unattributed copy of the excellent guide by André Rainho previously featured in this newsletter. Our apologies to Andre for this oversight, and we strongly advise readers to check out his original Awesome API Security guide. View more...Security and Compliance Considerations for the Public CloudAggregated on: 2022-07-14 23:36:30 Setting up your own servers requires a lot of up-front investment and ongoing maintenance. That’s why most technology companies today use an Infrastructure-as-a-Service (IaaS) provider for their compute needs. Cloud providers like Amazon Web Services (AWS), Google Cloud, and Microsoft Azure take care of infrastructure tasks like provisioning new machines and keeping them up to date for you, and their services free up your team to focus on building valuable new functionality for your application. This post is the fourth in a series about what developers need to keep in mind when sorting out security and compliance for their application. Cloud-based companies frequently need to prove that their software is set up with security best practices in mind. Compliance standards and certifications are an effective way to communicate a company’s security posture and build trust with customers. View more...The Cost of Production BlindnessAggregated on: 2022-07-14 23:36:30 When I speak at conferences, I often fall back to the fact that, just a couple of decades ago, we’d observe production by kicking the server. This is obviously no longer practical. We can’t see our production. It’s an amorphous cloud that we can’t touch or feel. A power that we read about but don’t fully grasp. In this case, we have physical evidence that the cloud is there. View more...AWS Lambda Provisioned Concurrency AutoScaling Configuration With AWS CDKAggregated on: 2022-07-14 22:51:30 A couple of weeks ago, I was working on some AWS CDK-based code and I was trying to figure out how to configure auto-scaling for the provisioned concurrency configuration of an AWS Lambda function. We wanted to run some performance tests on our service and were wondering how scaling provisioned concurrency would impact our overall latency. We tried with the default configuration but also wanted to experiment with a bit more aggressive scaling policy so we had to provide our own metric configuration. In this article, I will explain what provisioned concurrency is and how to set up an auto-scaling configuration for it using AWS CDK. We’ll be looking at using predefined metric configurations, but also how to do it with a custom metric. View more...Groovy 4.0: These 10 New Features Make It AWESOME!Aggregated on: 2022-07-14 22:21:30 Switch Expression Groovy has always had much more powerful switch statements compared to Java. Class case values, regular expression case values, collection case values, closure case values, or at the end, equal values case. All these options made the switch statement a first-class citizen in the Groovy world. And now, following the latest updates in the Java programming language, Groovy also supports a switch expression. The main difference between a switch statement and a switch expression is that the latter introduces a syntax compatible with Java and returns a value. You can still use a variety of combinations as cases, but the new syntax will make your code a bit more elegant. Groovy 'just a null' case 0 -> 'zero' case 1 -> 'one' case { it instanceof List && it.empty } -> 'an empty list' case List -> 'a list' case '007' -> 'James Bond' case ~/\d+/ -> 'a number' default -> 'unknown' }" data-lang="text/x-groovy"> switch (value) { case null -> 'just a null' case 0 -> 'zero' case 1 -> 'one' case { it instanceof List && it.empty } -> 'an empty list' case List -> 'a list' case '007' -> 'James Bond' case ~/\d+/ -> 'a number' default -> 'unknown' } Records Records, a handy immutable "data carrier" type, were introduced in Java 16. Now, they are also available in Groovy. The same syntax, though Groovy also introduces a `@RecordType` annotation that you can use interchangeably. And even if this is not that a game-changer as it was for Java, it's good to see Groovy heading up with the latest features introduced in its mother language. View more...Introduction to Data Replication With MariaDB Using Docker ContainersAggregated on: 2022-07-14 22:21:30 Clones. Send in the clones. That’s what we do when we replicate databases. At least to some extent. In this article, you’ll learn how to perform the most basic form of replication with MariaDB. You can adapt the instructions in this article to use virtual machines or bare metal, but Docker is probably one of the easiest ways to try out MariaDB replication without having to install a full operating system before getting to the meat of the matter. So, the only requirement here is to have Docker installed and running on your system (check with docker --version in a terminal). View more...Write Your Kubernetes Infrastructure as Go Code - Getting Started With Cdk8sAggregated on: 2022-07-14 21:51:30 Infrastructure as Code (IaC) is a well established paradigm and refers to the standard practice of treating infrastructure (network, disk, storage, databases, message queues etc.) in the same way as application code and applying general software engineering practices including source control versioning, testing and more. For example, Terraform and AWS CloudFormation are widely-adopted technologies that use configuration files/templates to represent the infrastructure components. Infrastructure-IS-Code - A Different Way of Thinking About This Imagine you have an application that comprises a Serverless function fronted by an API Gateway along with a NoSQL database as the backend. Instead of defining it in a static way (using JSON, YAML, etc.), one can represent these components using standard programming language constructs such as classes, methods, etc. Here is a pseudo-code example: View more...Test Management for QA EngineersAggregated on: 2022-07-14 21:21:30 The projects that a QA Engineers participate can range from small maintenance projects, emergency fixes( spanning 1-2 days or less), mid-range projects(spanning weeks or months) to full-scale large projects( can last up to a year or more). While each of these projects may differ in terms of testing efforts and resources, they all adhere to common test process. Let’s divide this test management process into 3 categories: View more...Kafka Topics NamingAggregated on: 2022-07-14 20:21:30 Creating a Topic in a Kafka cluster is easy and is well documented for kafka-topics.sh or even the official API documentation. bin/kafka-topics.sh --help View more...How To Perform OCR on a Photograph of a Receipt Using JavaAggregated on: 2022-07-14 17:51:30 The purpose of this article is to demonstrate an API that is specifically designed to perform OCR (Optical Character Recognition) operations on photographs of receipts and extract key business information from them automatically, such as the name and address of the business, the phone number, the receipt total, and much more. Further down the page, I’ve provided code examples and instructions to help you structure an API call in Java. There are dozens of costs associated with running a business, and efforts to manage those costs vary in complexity. While corporate expenditures such as office rent, salaries, and vendor contracts represent cyclical and manageable invoices that internal teams (i.e., accounts payable) can handle directly, employee expenditures in the form of client dinners, taxi rides, and team outings require corporate reimbursement which may only be accomplished with proof of the employee’s transactions. For the employee, proving such transactions entails presenting a receipt to the business. Along with displaying the all-important total cost of the outing, receipts provide other useful information which the employee’s business can verify, including the name of the venue the employee visited, its website, address, phone number, and a list of the specific purchased goods or services at that location. As simple as the receipt-expensing process may appear, however, it often suffers from a major technological deficiency: most businesses have fully digitized their payroll and expensing procedures, and receipts are still often obtained in hard-copy form. As a result, transitioning a physical receipt into a digital form presents a relevant business technology challenge. View more...Everything You Should Know About APIsAggregated on: 2022-07-14 15:36:30 API stands for Application Programming Interface. An API is a connector/ intermediary between two software components. It is a set of definite protocols that makes the interface possible. The interface simply means the nature of requests and responses. How developers would form the request and responses comes under API documentation. In simpler words, API allows two applications to communicate with each other. We use API when we check the weather on our phones or while sending and receiving messages on apps like Instagram or Facebook, etc. View more...It’s Time to Use a Data Privacy VaultAggregated on: 2022-07-14 13:36:30 Earlier in my career, our entire development team volunteered to help the reporting team validate some major updates with their service. None of us were excited about pausing our current priorities, but we all realized this was the right thing to do. After I ran my first report, it appeared that the data connected to the application might be a copy of production data. I was able to quickly validate this assumption by running reports based on my own work-related expenses. View more...Building a REST Service That Collects HTML Form Data Using Netbeans, Jersey, Apache Tomcat, and JavaAggregated on: 2022-07-13 23:36:30 The Jersey project is very well documented so it makes it easy to learn REST with Java. In this article I’m going to build two projects. The first project will be a very simple HTML page that presents a form to the user and then submits it to a REST project residing on the same server. The second project will be the REST part. For this article I used the following tools:1. Netbeans 72. Apache Tomcat 73. Jersey4. Java View more...Best Runtime for AWS Lambda FunctionsAggregated on: 2022-07-13 22:06:30 AWS Lambda is a compute service that lets you run code without any infrastructure management and it natively supports Java, Go, NodeJS, .Net, Python, and Ruby runtimes. In this article, we will compare the performances of the same hello world Lambda functions written in Java, Go, NodeJS, .Net, and Python runtimes and I hope this article helps you to decide which runtime should we use in the scenarios we have. Structure of the Template We are using simple hello world functions to test invocation times of Lambdas’ by using the AWS SAM templates. When we compare them first we will use the latest versions of the runtimes the AWS SAM provided us. You can check the complete deployment package from this Github repository. View more...Reaper 3.0 for Apache Cassandra Is AvailableAggregated on: 2022-07-13 21:06:29 The K8ssandra team is pleased to announce the release of Reaper 3.1. Let’s dive into the features and improvements that 3.0 recently introduced (along with some notable removals) and how the newest update to 3.1 builds on that. JDK11 Support Starting with 3.1.0, Reaper can now compile and run with jdk11. Note that jdk8 is still supported at runtime. View more...The Best Authentication Methods for B2B SaaS IntegrationsAggregated on: 2022-07-13 20:36:30 From the earliest days of software development, authentication (also called auth) has been essential. To ensure system and data security, you must ensure that only properly identified users are permitted to log in to a system. If you’re building native integrations to connect your SaaS product to the other apps your customers use, one of the tricky pieces is dealing with the nuances of the third-party apps, such as authentication. Sometimes you'll be the one setting up authentication for your own app, and sometimes you'll need to configure your integrations to use whatever auth pattern has been provided. In either case, knowing how user authentication methods work and what to look for can save you time and prevent integration headaches. View more...How Does MySQL Configuration Work?Aggregated on: 2022-07-13 20:06:29 If you've found yourself in the MySQL space at least for a little while, chances are that you have heard about one of its well-known files: my.cnf. my.cnf is a configuration file exclusive to MySQL and all of its flavors and it's widely regarded as the "go-to" file whenever MySQL configuration errors occur. Sure, we can set up a couple of settings when we start MySQL with the "--" options, but that doesn't do much - it's much more effective to set the settings inside of the configuration file instead. Why Does MySQL Need a Configuration File? First things first, we will look into why MySQL needs a configuration file in the first place. After all, MySQL is a powerful beast as-is, right? Well, not quite. You see, these days MySQL is running on a very wide variety of infrastructures and database servers - some servers might have 20TB of hard drive space and 256GB of RAM allocated to them, others - like small virtual private servers or the like - might only have 2GB of space and 256MB of RAM. The difference here is huge and the primary purpose of configuration files in this scenario is to provide an "endpoint" for MySQL DBAs and developers to configure it according to their requirements. View more...The Benefits of Open Source and the Risks of Open Core [Recording]Aggregated on: 2022-07-13 20:06:29 The open source movement has taken center stage in software development, and its influence echoes through other areas of life, such as open culture and open data. Many software companies hope to cement both their revenue sources and their status in open source communities by offering a mixture of open source (also called “free”) and closed (proprietary) software. The combination is generally called open core which brings with it often hidden and misunderstood risks. Despite the widespread adoption of open core software, we believe it tends to have negative long-term impacts on vendors and customers alike. After watching the webinar, we invite you to draw your own conclusions. We'll discuss: View more...A Comprehensive Guide to Cloud Application Security AuditsAggregated on: 2022-07-13 19:36:30 When it comes to cloud security audits, many organizations find themselves asking the same question: what is a cloud application security audit? And more importantly, what are the steps in a cloud application security audit? This comprehensive study will answer any and all of your questions, as well as a few you didn't even realize you had. We'll start by discussing the definition of a cloud application security audit and then move on to outline the steps involved in conducting one. After that, we'll take a look at some of the risks associated with using cloud applications and provide advice on how to mitigate them. Finally, we'll recommend some reputable companies that offer cloud application security audits and discuss some alternative options for those who want to conduct their own audits. View more...Creating GitHub Actions for Vercel DeploymentAggregated on: 2022-07-13 03:51:29 Vercel allows you to host your project as fast as possible with little or no setup. When Vercel is used with GitHub for project deployment, things get more fascinating. When a new update is pushed to GitHub, this enables automated code deployment, streamlining your CI/CD workflow. What Is Github Actions? GitHub Actions is a CI/CD platform for automating your build, test, and deployment workflows. You can build and test every pull request in your repository using workflows, or you may deploy merged pull requests to the production repository. View more...What Developers Need to Know About Table Geo-PartitioningAggregated on: 2022-07-13 03:06:29 In the first two articles of the table partitioning series, we reviewed how the partition pruning and maintenance capabilities of PostgreSQL can speed up and facilitate the design of our applications. In this final post in the series, we’ll experiment with the table geo-partitioning feature that automatically distributes application data across multiple locations. We’ll continue using a large pizza chain as an example. This pizza chain has branches in New York, London, and Hong Kong. It also uses a single centralized database cluster to track the orders of its delighted customers. View more...How to Grab Eclipse Console Output PainlesslyAggregated on: 2022-07-13 00:06:29 Use this guide to grab eclipse console output effortlessly. After reading it, you'll be able to grab eclipse console output successfully. But before we dive into it, let's start by answering this crucial question: View more...Java Thread Programming (Part 2)Aggregated on: 2022-07-12 23:06:29 In a previous post, we discussed the history of threading and provided instructions on how to initiate and begin a thread. Let's take a look at an illustration of how we might leverage threads to our advantage in this article. View more...Creating Your Own Face Dataset with DatasetGAN and GPUsAggregated on: 2022-07-12 23:06:29 What Are Face Datasets? Image datasets include digital images chosen especially to help test, train, and evaluate the performance of ML and artificial intelligence (AI) algorithms, typically computer vision algorithms. Specifically, face datasets include images of human faces, curated for machine learning (ML) projects. See a list of commonly used face datasets. A face dataset includes faces shown in a variety of lighting conditions, emotions, poses, ethnicity, gender, age, and other factors. Face datasets are key enablers of face recognition, a computer vision field applicable to various use cases, such as augmented reality (AR), personal device security, and video surveillance. View more...Everything You Need to Know About SaaS Security CertificationAggregated on: 2022-07-12 18:06:29 SaaS Security Certification is a process by which your SaaS business can prove to customers and partners that it has implemented security controls to protect their data. The accreditation shows that you follow industry best practices for data security. We'll talk about the significance of SaaS security certifications, the many sorts available, and how to pick which one is appropriate for your organization in this blog article. What Is SaaS Security? SaaS Security, or Software as a Service Security, is the practice of protecting data that is stored in and accessed via the cloud. SaaS applications are often used by businesses to store sensitive data, such as customer financial information or employee records. SaaS Security Certification helps to ensure that your SaaS provider has implemented security controls to protect this data. View more...Overcoming Challenges in End-To-End Microservices TestingAggregated on: 2022-07-12 17:36:29 Web and mobile application developers around the world are using microservices architecture to build and deliver amazing tech products that are fast, responsive, and highly integrated within an ecosystem. Unlocking high potential in the context of a rapidly growing tech startup comes with a set of big rewards, so anything which breaks barriers in the development of better tech is appreciated and adopted by all. View more... |
|
|