Privacy Respected. πΈοΈ
π₯οΈ Designing Resilient and Robust Systems| β Rust | π¨π»βπ» DevSecOps |
π Cyber Security| π οΈ Technologist | βπΌ Hobby Blogger | πΆ Listener
On Lime Light π¦
Parameters to Consider while choosing an Open-Source tool.
When deciding on an open-source tool for a specific purpose, there are several key parameters you should consider to ensure the tool meets your needs and is a good fit for your project. Here are some important parameters to keep in mind.
Which service to Use Azure Kubernetes Services or Azure App service (A curated topic)
Getting started with Azure App-service is quite easy and a best place to start with. configuration through Azure dashboard with few click is the most liked feature of this Azure service. But when we talk about a production grade application and an infrastructure for the same , App service lacks in various perspective. This article highlights all the pros and cons of using App-service for a application hosting and Azure Kubernetes with facts.
Part 1: Variable and DataTypes in Rust
Variables are the basic building blocks of a programming language. It holds data in the computer memory during runtime. The data that a variable hold can be different types. Like other languages, Rust has 2 kinds of high-level data types. Scalar and Compound . Scalar contains a single value whereas Compound holds multi-value data in the memory during run time.
Shell script to Remove history from a git Branch
There are various instances where we decide to remove the history from a git repository. Let's see a script action.
Part-2: Recursive Search with Rust
In this blog lets talk about the recursive search In Rust programming, We will understand it from the algo with and try to build a small command line utility to practice that.
Configuring Meshery behind ISTIO and ingress gateway
Accessing Workloads behind a ingress-gateway always has been a industry standard practice in Kubernetes setup. It facilitate single entry point for all your services deployed in a production grade Kubernetes. This setup also allows you to leverage the service-mesh functionality of implementing policies and have a better authz and authn to the deployed services. Meshery is no different, you can configure it to be accessed through ingress gateway. Letβs see how can we configure it
Gen AI tools made my college days alive
This blog is a good read if you are still poking in to your mobile to read some interesting and relatable Tech stories. Here I share my Experience which resembles the way Generative AI is behaving these days.
This is the upcoming plans for ls-lrt. Apart from the notification from the main site, if you are curious to know the future plans of mine you may keep the tab on here. I try my best to Achieve those but may be delayed due to my Schedule
Uncontrolled Data Used in Path Expression: A Cyber Security Threat
It is essential in the field of software development to provide people control over their data and experiences. Users' experiences are improved when they can build unique queries using user-controlled sources, which also gives them a sense of control and flexibility. This strategy has a lot of advantages, but it also has its share of drawbacks and potential problems.
Why I was encouraged to learn Rust (Comparing Rust and Python
It is been 8 years in my Job career as an infrastructure/DevSecOps engineer, I am much satisfied. But in the corner of my heart, I had the urge to learn programming so that I can relate my daily job to the developer program easily.
Part:0 - Few facts about Rust programming language
This is the very first write-up of our Rust journey. In this part, we will learn a few interesting facts about Rust programming language. This will give us an overview of how and what of Rust at a high level.
Cross-Site Scripting (XSS) Vulnerability and Mitigation in Web Applications
Security has been a very key consideration in modern application architecture. When we talk about cloud-native application architecture, people tend to think about security a lot. That is why all the cloud providers have a bunch of features to make your application more secure and robust. For example, Azure provides various gateways like Network security groups, Application gateway, Azure front-door. These azure services provide a secure connection either by introducing a firewall or validating SSL.certificates.
Securing Meshery Installation: The best practices
We are delighted that you are loving Meshery, so it is our sole responsibility to make sure that you are in safe hands. The below few lines will describe how can you harden your security for accessing meshery so that you make eventually keep all your infrastructure sharing the same network are safe.
Uncontrolled Data Used in Path Expression: A Cyber Security Threat
In today's interconnected world, web applications rely on various external services to provide dynamic content and functionality. However, this dependence on external resources can also create security vulnerabilities, one of which is Server-Side Request Forgery (SSRF). SSRF is a type of attack where an attacker manipulates a web application to send unauthorized requests to internal or external resources. In this blog, we will delve into the concept of SSRF, its potential impact on your Java applications, and discuss strategies to mitigate this critical security risk.
Shell script to Migrate Azure Container Registry
When someone asks to migrate an ACR from one Azure subscription to another azure subscription, it feels like a tedious task. Because you must migrate Image repositories and all the image tags that are in those repositories.
Uncontrolled Data Used in Path Expression: A Cyber Security Threat
Path expressions are used in a variety of software applications to construct file paths. However, if these expressions are not properly validated, they can be used by attackers to gain unauthorized access to sensitive data or systems.
Cross-Site Scripting (XSS) Vulnerability and Mitigation in Web Applications
In the realm of web security, Cross-Site Scripting (XSS) stands as one of the most prevalent and hazardous vulnerabilities. With its ability to manipulate the interaction between a web application and its users, XSS can lead to unauthorized data exposure, session hijacking, and even malware distribution. This article delves into the concept of XSS, highlighting its potential impact and providing insight into securing applications against this threat.
Imposing mandatory http(s) security headers in NGINX ingress in Kubernetes
Making an application up and running does not qualify as a full-fledged product. It is particularly important to have security measure in the Product. Now in the ever-increasing digital revolution, security flaws are really risk for an organisation as-well as the users. Though we cannot eliminate all the risks, we can always try to address most of them and the important CVEs.
Tale of Dependencies (Vendor lock-in, vendor neutrality and Managed Services)
Once upon a time in the software industry, Big companies looked for reliable partners (aka vendors) to manage their services. Meanwhile, these vendors focused on retaining existing clients and offering tailored solutions or products directly. In this process Organizations of all sectors were investing double, even sometimes five or ten times the amount to support a product/service. This sparked a global interest in service offerings, igniting a revolution in the software industry.
SBOM: Know the Software's source of truth
Over the years, our focus has been on enhancing our software's functionality and striving for vendor neutrality. We've integrated various freely available modules from diverse sources to expand our applications. However, we inadvertently overlooked verifying the authenticity of these sources.
