Security is actually pretty simple:
1. Ensure that the data is secure
2. Ensure that any third-party libraries/packages you're using in your code are secure
Well... since that's 100% of security, I guess security isn't all that simple lol
06.05.2025 17:03 β π 0 π 0 π¬ 0 π 0
Ohhh, I have to hear more. I have a finished basement that I haven't done anything with since I bought my house and I've been thinking of doing this exact same thing.
06.05.2025 13:39 β π 1 π 0 π¬ 0 π 0
1. Continuous monitoring of networks.
2. Tie specific malicious behavior to an IP address to see where it originated.
Both of these really fall under the vulnerability assessment category.
06.05.2025 13:03 β π 0 π 0 π¬ 0 π 0
One of the biggest pieces to remember with CDR is how data is being traversed and who has access to what.
Network Detection and Response (NDR) provides two primary capabilities:
06.05.2025 13:03 β π 0 π 0 π¬ 1 π 0
This could be larger cloud-based environments like Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS), or smaller clouds like Vultr and Digital Ocean (DO).
The primary goal of a CDR is to have a deep understanding of the environment.
(cont)
06.05.2025 13:02 β π 0 π 0 π¬ 1 π 0
Cloud Detection Response (CDR) and Network Detection Response (NDR) π
Cloud Detection and Response (CDR) focuses purely on cloud environments.
(cont)
#kubernetes #devops #platformengineering
06.05.2025 13:02 β π 0 π 0 π¬ 1 π 0
That means the apps/tools you're running locally to reach the k8s Service won't be able to reach it either.
01.05.2025 13:39 β π 0 π 0 π¬ 0 π 0
That means if you're trying to access the resource locally (for example, connecting to the DB running in k8s), you have to do it from your local terminal.
If you try it from a cloud shell or something that isn't local, you won't be able to hit it via localhost.
(cont)
01.05.2025 13:39 β π 0 π 0 π¬ 1 π 0
An important reminder when using `port-forward` with Kubernetes.
If you run something like `kubectl port-forward svc/service_name portnumber:port:number`
You're bringing the traffic from the Kubernetes to your local computer.
(cont)
#kubernetes #devops #platformengineering
01.05.2025 13:38 β π 0 π 0 π¬ 1 π 0
I updated KoaPerf to include:
1. AWS Support! You can get recommendations for containerized apps running in AWS now.
2. A better UI (more visually appealing)
Check it out at the link below π
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
#kubernetes #devops #platformengineering
27.04.2025 17:46 β π 1 π 1 π¬ 0 π 0
Here are a few tips when thinking about what platforms to use, how to use them, and what to think about when managing them.
21.04.2025 19:42 β π 0 π 0 π¬ 0 π 0
For any organization, big or small.
Enterprise or startup.
Figuring out the workflow of how environments should be deployed, managed, and most importantly, what should be deployed and managed is the make or break.
(cont)
#kubernetes #devops #platformengineering
21.04.2025 19:42 β π 0 π 0 π¬ 1 π 0
And the goal is to add AWS EKS and AWS ECS.
KoaPerf is a scanner that tells you based on performance, cost, and resource needs where you should deploy a containerized workload.
20.04.2025 19:23 β π 0 π 0 π¬ 0 π 0
The current recommendations it gives you are between:
β
Azure Kubernetes Service (AKS)
β
Azure Container Apps (ACA)
β
Azure Container Instance (ACI)
20.04.2025 19:23 β π 0 π 0 π¬ 1 π 0
Instead of scanning a Kubernetes Manifest to tell you the best place to deploy, it'll read a description that you add in or an architecture doc you upload.
20.04.2025 19:23 β π 0 π 0 π¬ 1 π 0
I built a free tool to tell you the best place to deploy containerized workloads.
koaperf-apeseqd2cehnhjgh.z03.azurefd.net
(cont)
#kubernetes #devops #platformengineering
20.04.2025 19:22 β π 0 π 0 π¬ 1 π 0
After planning and deploying a Kubernetes environment, you're left with:
β
Performance optimization
β
Monitoring and observability
β
Upgrades
and a few other specifics that are necessary to ensure k8s is running as expected.
#kubernetes #devops #platformengineering
17.04.2025 17:03 β π 2 π 0 π¬ 0 π 0
Keeping The Lights On: Pipeline Differentiations for CICD
However, before using ArgoCD, it has to be deployed to the cluster.
CICD pipelines are still the best way to get workloads and infrastructure initially deployed in an automated fashion.
I break down my thoughts about it in the link below.
buff.ly/3GWl2wy
16.04.2025 15:18 β π 1 π 0 π¬ 0 π 0
Keeping The Lights On: Pipeline Differentiations for CICD
The tool needs to be deployed before it can be used.
ArgoCD is a great example of this.
Argo is implemented for workloads in k8s to be deployed automatically based on an interval instead of having to run a bunch of `kubectl apply -f` commands locally or in a pipeline.
(cont)
16.04.2025 15:18 β π 1 π 0 π¬ 1 π 0
Optimizing AWS Elastic Kubernetes Service (EKS)
As you develop environments, infrastructure, and orchestration platforms (like k8s), you'll begin to notice that there are several directions to go in. There's a joke that goes something like "line up...
I was recently on a consulting project and the goal was to optimize AWS EKS.
It came down to a few key aspects including:
1. Workload isolation
2. Multi-az
3. Cluster security around multi-tenancy
4. Performance optimization
(cont)
15.04.2025 14:33 β π 1 π 0 π¬ 1 π 0
Therefore, security really just ensures that there are people on the team who know the system/platform/application exceptionally well.
If they do, they can secure it.
14.04.2025 18:23 β π 0 π 0 π¬ 0 π 0
More importantly - security, and I mean proper cyber security, can only occur when you know a system/platform/application VERY well.
You must know the ins and outs in every capacity.
(cont)
14.04.2025 18:23 β π 0 π 0 π¬ 1 π 0
I never thought about security as a specialty.
i.e - DevOps Security, Cloud Security, Network Security, etc.
The reason is that security should be embedded in all of our jobs.
(cont)
14.04.2025 18:22 β π 0 π 0 π¬ 1 π 0
You're not late to learning Cloud/DevOps/Platform Engineering, you're right on time.
Open up that new DevOps course.
Learn Kubernetes and why orchestration is important.
Understand networks, systems, and design.
You'll never reach a point where you "know it all".
12.04.2025 13:37 β π 5 π 0 π¬ 0 π 0
It'll turn into:
1. Tech debt
2. No one will know how to troubleshoot
3. No one will know how to add specific functionality for your edge cases
And worse, everyone that finds a bug will have ZERO knowledge on how to actually fix it.
11.04.2025 14:33 β π 1 π 0 π¬ 0 π 0
In the world of AI programming with things like Cursor...
If you don't spend the time now getting really good at programming, you're going to fail drastically.
If you let "the AI thing" do it all for you without you understanding what's happening underneath the hood...
(cont)
11.04.2025 14:32 β π 1 π 0 π¬ 1 π 0
All Kubernetes implementations start with:
β
Proper planning and architecture
β
Security
β
Teamwork
Ensure you know exactly what's being deployed, managed, and by whom.
#kubernetes #devops #platformengineering
10.04.2025 12:54 β π 0 π 0 π¬ 0 π 0
Staff Security Researcher @datadoghq | DEF CON/Black Hat USA main stage speaker | he/him | OSCP OSWE | I turned hacking AWS into a career | Tweets are my own | Created https://hackingthe.cloud
Azure Architect, pilot of planes (PA28 @ EGSR), drinker of beer, watcher of F1 and dog dad.
Blog: https://blog.davesdomain.co.uk
Infra nerd working with the Microsoft Stack, Terraform, DevOps & Cloud. Newbie product owner, lover of dank memes. Poster of tech content mostly. I make lots of typos.
ππ€ποΈπ¦
Microsoft Azure MVP π | MS Learn & Startup Advocate π | Patterns & Practices & Cloud Native π€ | ISM Service Delivery Lead, HSO | Coffee-Driven βοΈ
My views are my own. He/Him.
https://luke.geek.nz/
MPFE Consultancy Ltd provide DevOps, Cloud and Infrastructure services with a particular focus on businesses that are leveraging a Microsoft technology stack such as applications deployed on Windows Server, Containers or .NET.
~ high priestess of naps ~
~ cyber security leader & builds tech stuff ~
~ shamelessly promoting womenβs sports ~
~ polymath, polyglot, polyvalent ~
Product lead for Azure SDK at Microsoft; Queen of Corner Cases; Purdue & Stanford alum; Space gEEk and Future Astronaut
Artist, engineer & dad. Collaborating on a different kind of world. Collective art, activism, therapy, open source nerdy stuff
Distinguished Architect at Red Hat. Developer, Maintainer, Innovator. Sports and Travel Junkie
#Microsoft365 & #Azure #AI solution architect, Microsoft Certified Master/MCSM Charter SharePoint, MCT, MVP, etc.
Head of Tech at Patriot Software. Guitarist.
Enjoys talking about Nuxt, k8s, Platform, infra, o11y, Linux, Rust, .NET, and leadership ideas.
Husband&dad.
Your real-world engineering source for all things Cloud Native, Kubernetes, DevOps, and Platform Engineering. Hosted by Kristina Devochko and Michael Levan.
Head of Tech β’ Knowit Experience Sweden β’ Sustainable Technology β’ Trustworthy and Responsible AI β’ Microsoft MVP x3 β’ Umbraco MVP x6 β’ Azure AI Engineer
Blog: https://adolfi.dev
Principal Consultant at @scalefactory.com
@HashiCorp.com Ambassador | @openuk.bsky.social Ambassador | AWS Community Builder
Wanderer. Cloud, automation and Open Source geek. Public speaker.
he/him
A podcast about software engineering with a focus on quality.
Co-hosts: @alemoreira.bsky.social, Royalee Martin and Veronika Pliusnina.
Connect with us: engineeringqualitypodcast.com/
π₯DevRel | @cncf.io Ambassador | @opentelemetry.io End User SIG Maintainer | @geekingoutpod.bsky.social host | π #Observability | #bouldering | #running | π§π·π¨π¦
Gettinβ shit done, and keepinβ it real.
Find me: https://bento.me/adrianamvillela
I help others create amazing technology. responsiveX founder. Azure and AI MVP. Microsoft Regional Director. Azure SQL DB book author. Guitar player. Husband. Dad.
Founder of @c8labs.tech β’ Programming for 20+ years β’ Talented Generalist β’ Volunteer β’ π³οΈβπ
mya.sh
DevRel Leader building credible developer-focused community participation | Ex-CTO | Platform Engineering aficionado | Industry Analyst | Devopsdays Organizer
