Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

CVE-2021-44142: Critical Samba Vulnerability Allows Remote Code Execution

Recently, a critical out-of-bounds vulnerability, assigned to CVE-2021-44142, was disclosed in Samba versions prior to 4.13.17. The Samba vulnerability carries a critical CVSS of 9.9 and allows attackers to remotely execute code on machines running a Samba server with a vulnerable configuration. The vulnerability was disclosed as part of the Pwn2Own Austin competition where researchers are challenged to exploit widely-used software and devices with unknown vulnerabilities.

Our Solution for Scalable Multi-Region SaaS Deployment

Just like many other production DevOps engineering teams, our JFrog team deploys new version releases several times a day to AWS, Azure and GCP, across more than 20 cloud regions. This process used to take us many hours and could have even failed if it was done alongside maintenance by other teams.

[Infographic] AWS RDS from a Serverless perspective

In this article, we’ll deep dive into all the basics to help you decide if AWS RDS is the right decision for your architecture and help you hit the ground running if you do end up AWS RDS. For many decades now, relational databases (RDS) have been the place to store your data. They are pretty flexible often use some kind of SQL dialect, which is one of the main languages taught in computer science classes, and widely understood by the average developer.

Your First Pulumi and Shipa Integration

Typically, Infrastructure-as-Code or IaCs have had their own languages to learn. For example, if leveraging Terraform most likely you came across Terraform’s native syntax, HCL. Though as software engineers we might be more familiar with other languages of choice. Using a general-purpose computer language vs a provider level syntax does unlock the power of the language; anything you can do in the computer language potentially can be additional methods, calls, etc.

Podcast: Break Things on Purpose | Gunnar Grosch: From user to hero to advocate

Reliability and serverless are at the forefront of today’s conversation. For this episode Gunnar Grosch, Senior Developer Advocate at AWS, is here to talk about Chaos Engineering, AWS Serverless, and the work that AWS is doing when it comes to reliability.

Use your words: the importance of clear writing in product development

The role of an engineer at a startup is a tangled web: as well as writing code, you have to be your own product manager, QA tester, customer support and designer. But there’s another hat that you have to wear which you might not have thought about: copywriter. All products have copy, from welcome messages to text on a submit button. At incident.io, we have to put on our copywriting hats every time we add a new feature.

3 reasons top-notch infrastructure performance is critical for service providers

Brocade, a Broadcom Company, named 2/8/2022 as End-of-Support (EOS) for Brocade Network Advisor (BNA), the collection mechanism for Brocade fabrics. Broadcom recommends Brocade SANnav as a replacement for BNA. To continue providing industry-leading infrastructure intelligence, Galileo’s new v2 agent for Brocade will use the REST functionality to collect all the configuration and performance metrics required. Read on for all the details you need to know.

Auto-generate Postman Collections from traffic

Postman is a great tool for API testing during development. It’s GUI is simple to learn and ubiquitous. However, manually writing test cases for local development gets tedious fast if you have a lot of endpoints. Meticulously entering every detail for every use case takes forever. Also, if you get one HTTP Header or parameter wrong, it can take hours to diagnose. And even when it’s done, the API tests are almost immediately out of date because the API contract changes.