Category Archives: WorldOfSecDevOps

[Recommended Reading] Microservices

Source: Microservices Wikipedia

“A ‘microservice’ is a software development technique—a variant of the service-oriented architecture (SOA) architectural style that structures an application as a collection of loosely coupled services. In a microservices architecture, services are fine-grained and the protocols are lightweight. The benefit of decomposing an application into different smaller services is that it improves modularity and makes the application easier to understand, develop, test, and more resilient to architecture erosion. It also parallelizes development by enabling small autonomous teams to develop, deploy and scale their respective services independently. It also allows the architecture of an individual service to emerge through continuous refactoring. Microservices-based architectures enable continuous delivery and deployment. Read more…

Image source.

Advertisements

Leave a comment

Filed under General, InfoSec, Recommendations, Site Reliability Engineering, WorldOfSecDevOps

[Recommended Reading] Feature toggle

Source: Feature Toggle Wikipedia

“A feature toggle (also feature switchfeature flagfeature flipperconditional feature, etc.) is a technique in software development that attempts to provide an alternative to maintaining multiple source-code branches (known as feature branches), such that a feature can be tested even before it is completed and ready for release. Feature toggle is used to hide, enable or disable the feature during run time. For example, during the development process, a developer can enable the feature for testing and disable it for other users. Read more… “

Image source.

Leave a comment

Filed under General, InfoSec, Recommendations, Site Reliability Engineering, WorldOfSecDevOps

[Recommended Reading] Nagios

Source: Nagios Wikipedia

Nagios, now known as Nagios Core, is a free and open sourcecomputer-software application that monitorssystems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services. It alerts users when things go wrong and alerts them a second time when the problem has been resolved. Read more… “

Image source.

Leave a comment

Filed under General, InfoSec, Recommendations, WorldOfSecDevOps

[Recommended Reading] Advanced Encryption Standard

Source: Advanced Encryption Standard Wikipedia

“The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. Read more… “

Image source.

Leave a comment

Filed under General, InfoSec, Recommendations, WorldOfSecDevOps

[Recommended Book] Team of Teams: New Rules of Engagement for a Complex World

Source: Team of Teams: New Rules of Engagement for a Complex World on Amazon

What if you could combine the agility, adaptability, and cohesion of a small team with the power and resources of a giant organization?

THE OLD RULES NO LONGER APPLY . . .

When General Stanley McChrystal took command of the Joint Special Operations Task Force in 2004, he quickly realized that conventional military tactics were failing. Al Qaeda in Iraq was a decentralized network that could move quickly, strike ruthlessly, then seemingly vanish into the local population. The allied forces had a huge advantage in numbers, equipment, and training—but none of that seemed to matter.

TEACHING A LEVIATHAN TO IMPROVISE 
It’s no secret that in any field, small teams have many ad­vantages—they can respond quickly, communicate freely, and make decisions without layers of bureaucracy. But organizations taking on really big challenges can’t fit in a garage. They need management practices that can scale to thousands of people. 

General McChrystal led a hierarchical, highly disci­plined machine of thousands of men and women. But to defeat Al Qaeda in Iraq, his Task Force would have to acquire the enemy’s speed and flexibility. Was there a way to combine the power of the world’s mightiest military with the agility of the world’s most fearsome terrorist network? If so, could the same principles apply in civilian organizations?

A NEW APPROACH FOR A NEW WORLD
McChrystal and his colleagues discarded a century of conventional wisdom and remade the Task Force, in the midst of a grueling war, into something new: a network that combined extremely transparent communication with decentralized decision-making authority. The walls between silos were torn down. Leaders looked at the best practices of the smallest units and found ways to ex­tend them to thousands of people on three continents, using technology to establish a oneness that would have been impossible even a decade earlier. The Task Force became a “team of teams”—faster, flatter, more flex­ible—and beat back Al Qaeda.

BEYOND THE BATTLEFIELD

In this powerful book, McChrystal and his colleagues show how the challenges they faced in Iraq can be rel­evant to countless businesses, nonprofits, and other or­ganizations. The world is changing faster than ever, and the smartest response for those in charge is to give small groups the freedom to experiment while driving every­one to share what they learn across the entire organiza­tion. As the authors argue through compelling examples, the team of teams strategy has worked everywhere from hospital emergency rooms to NASA. It has the potential to transform organizations large and small. Read more… “

Image source.

Leave a comment

Filed under Books, General, InfoSec, Leadership, Management, People, Recommendations, WorldOfSecDevOps