The Weekly Dev - 202213

Running your code, secure and at scale

It takes a lot of work to build code that can, in theory, scale globally, and apparently much less to take it down if you're not up to date with the latest threats and their mitigations, if only from a technical point of view.

That is - of course - only part of the story, but one we're deeply in.

API development

A funny story in its own right:

CORS is not meant to secure an API endpoint

Source: nikofischer.com

"A microservice application with an uptime percentage of 99.9% can be considered highly available, but a downtime of 0.1% quickly becomes pronounced as volumes increase. Per 1000 requests, there might be only one failure, but per million requests? That’s 1000 failures."

How to Design Reliable Microservices

Source: levelup.gitconnected.com

Data-Intensive Systems

"It shares some of the same goals of programs like launchd, daemontools, and runit. Unlike some of these programs, it is not meant to be run as a substitute for init as “process id 1”. Instead it is meant to be used to control processes related to a project or a customer, and is meant to start like any other program at boot time."

Supervisor: A Process Control System

Source: supervisord.org

Approaches to Migrate SQL Applications to Apache Cassandra

Source: thenewstack.io

Boring Security

Some useful information about Security Headers in your web application.

Source: securityheaders.com

Mostly in line with the information on the OWASP website: OWASP Secure Headers Project

Source: owasp.org

This project is also very valuable if you want to check the headers yourself on the command line:

hsecscan

Source: github.com/riramar



[api] [security] [git] [cassandra]