Issue40

Security assessment techniques for Go projects

Static analysis tools like gosec, go-vet, and staticcheck can help catch low hanging fruits not included in compiler errors & warnings. Dynamic analysis techniques like fuzzing, property testing & fault injection should be used for deeper results.…

Issue40

How to avoid data breaches in the cloud

Draft a good data loss prevention (DLP) policy. Build a solution against breaches as well as unauthorized extraction & deletion. Implement encryption in transit as well as at rest: TLS/SSL connections are a must, as are IPsec VPN tunnels.…

Issue40

Scalability problems: Hidden challenges of growing a system

Two main challenges of scaling distributed systems: centralization and synchronization. When scaling up, the system can run into computational limitations, storage limitations, and network limitations.…

Issue39

The hidden costs of serverless

API Gateways tend to be a huge chunk of your serverless costs when you connect to a lot of APIs. The switch to serverless may not be worth it if data storage and networking are the largest chunks of your application’s costs.…

Issue39

9 serverless security best practices

Map your application - consider the data involved, its value and services that access it. Keep using your WAF and API Gateway but apply perimeter security at the function level too.…

Issue39

Mitigating serverless lock-in fears

Deploy existing tools such as serverless framework, apex, claudia.js & be as cloud-native as possible using the backend service provided by your cloud vendor. choose a programming language that's supported by multiple vendors.…

Issue38

Why I love trunk-based development (or pushing straight to master)

Earlier & better feedback, collective code ownership, fewer issues with merge conflicts, preservation of whole commit history,…

Issue38

How and why we switched from Erlang to Python

Mixpanel had coded one of their servers using Erlang. After 2 years, it became hard for them to debug downtime & performance issues. They switched to their de-facto language, Python. Having more code clarity & maintainability were the two main reasons for this move.…

Issue38

Will Kubernetes fall into the “shiny things” trap?

New & shiny can also mean immature. Developers must be cautious about excessive reliance on new technologies. Do not ask simply how to leverage Kubernetes at scale, ask how to use a single abstraction to cover Kubernetes.…

Issue37

The question of multiple databases and pre-production complexity

When working with long pipelines break up changes into smaller chunks that are easier to develop, test, and deploy. Deal with the complexity of distributed applications with a purpose-built tool.…