Flux7 Blog

As the industry gears up for the annual RSA Conference this week, Dell Technologies announced that it will sell the RSA security business to Symphony Technology Group for $2.075 billion. And, in other pre-RSA DevOps news, StackRox announced findings of its State of Container and Kubernetes Security Report. In it, they report that human error and misconfigurations are the primary causes of Kubernetes security issues.

According to the report, almost half of those surveyed delayed moving an application into production due to containers or Kubernetes security concerns. Sixty-one percent are most concerned about misconfigurations while 27% flagged vulnerabilities as a top concern. Only 12% listed an attack as their chief worry. 

DevOps News

• GitLab 12.8 was released. The new version features Log Explorer, NuGet, and Compliance. The new Log Explorer aggregates Kubernetes Pod Logs, helping you filter, time pick, and search full-text. NuGet is a repository that gives teams writing code in C# and .NET a built-in place to manage and share project binaries. And, a new Compliance Dashboard provides a view of recent merge requests for each project in a Group. While the new dashboard allows you to manage auditing of code changes from one place, Expect more compliance news from GitLab.
• The Linux Foundation has teamed with Harvard’s Laboratory for Innovation Science and Core Infrastructure Initiative to measure the breadth and depth of open source software in use. They unveiled their preliminary findings this week with an inventory of the top-used OSS. That list includes Async, Inherits, Isarray, Kind-of and Lodash. And, on the non-JavaScript package list, com.fasterxml.jackson.core:jackson-core, com.fasterxml.jackson.core:jackson-databind, com.google.guava:guava, commons-codec and commons-io. They note in the report, “Far from being the final word on critical FOSS projects, this census effort represents the beginning of a larger dialogue on how to identify crucial packages and ensure they receive adequate resources and support.”
• Codefresh introduced what it’s calling, the world’s first CI/CD live debugging tool. According to a blog, the live debugging CI/CD pipeline tool allows developers to place stop/resume breakpoints and inspect live pipelines in the same way that they would debug an application.

AWS News 

• AWS Firewall Manager now supports AWS CloudFormation. The new support allows you to manage all Firewall Manager policy types and resources with CloudFormation stack templates. Firewall Manager enables operators to manage AWS WAF, AWS Shield Advanced, or VPC security groups across the entire AWS Organization.
  
• Our AWS consulting team is pleased to see this AWS IAM news. The service introduced a new control that allows you to control access for requests made on your behalf.
• AWS unveiled Ruby 2.7 support in AWS Lambda. Developers can develop AWS Lambda functions with Ruby 2.7. New features include pattern matching, argument forwarding, and numbered arguments. To get started, specify a runtime parameter value of ruby2.7 when creating a Lambda function.
• Amazon introduced Microsoft Azure Active Directory support for Amazon Redshift. This new support allows you to sign-on to Redshift without duplicating AD identities in Redshift.

Flux7 News

• Each week AWS features innovative cloud architectures from its partners and customers in a video feature it calls, This is My Architecture. We’re excited to share that a new episode features our very own DevOps Engineer, Arthur Mandel, and David Fluck from Toyota Research Institute. In the episode, they highlight how two technologies — AWS P3 GPU instances and AWS Service Catalog — enable TRI data scientists to more quickly progress their research.
• No matter how you think of digital business transformation, it can be tempting to embrace it by building digital things. Yet, this approach misses a big piece of the puzzle. Read our latest blog on how to address customer and business needs with a digital business platform.
  

Toyota Research Institute: On-Demand Self-Service Portal for Data Scientists to Process Data Sets

Watch the Episode

Written by Flux7 Labs

Flux7, an NTT DATA Company, is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.