Category: SRE

View on sreweekly.com A message from our sponsor, StackHawk: Check out the latest from StackHawk’s Chief Security Officer, Scott Gerlach, on why security should be part of building software, and how StackHawk helps teams catch vulns before prod. https://sthwk.com/cloudnative Articles Computers are the easy part What’s so great about this incident write-up is the way… Continue reading SRE Weekly Issue #285

View on sreweekly.com A message from our sponsor, StackHawk: Trying to scale AppSec across engingeering is no joke. Check out the 3 main reasons developers struggle with AppSec and how to make it better. https://sthwk.com/3-reasons Articles Kill It With Fire This is a review of Marianne Bellotti’s Kill It With Fire a book about modernizing… Continue reading SRE Weekly Issue #286

View on sreweekly.com A message from our sponsor, StackHawk: Trying to figure out how to keep your APIs secure? You’re not the only one. See how DataRobot is automating API security testing with StackHawk. https://sthwk.com/DataRobot Articles Industry Interviews: Colm Doyle, Incident Commander at Slack Lots of details about how Slack does incident response in this… Continue reading SRE Weekly Issue #287

View on sreweekly.com A message from our sponsor, StackHawk: Want to see what’s new with automated security tooling? Tune in on September 30 to see how StackHawk and Semgrep are making it possible to embed security testing in CI/CD. https://sthwk.com/whats-new-webinar Articles Tammy Bryant Butow on SRE Apprentices Faced with a difficult hiring market for SREs,… Continue reading SRE Weekly Issue #288

View on sreweekly.com A message from our sponsor, StackHawk: With StackHawk’s new GitHub Action, you can integrate AppSec testing directly into your GitHub CI/CD pipeline. See how: http://sthwk.com/appsec-github-action Articles Why It Should Be Service, Not Site Reliability It really should! Even Google is much more accurately described as a “service” than a “site”. Chris Riley… Continue reading SRE Weekly Issue #255

View on sreweekly.com A message from our sponsor, StackHawk: Need to run a standalone Kotlin app as a fat jar in a Gradle project? Check out how we handled that! http://sthwk.com/kotlin-with-gradle Articles Coinbase Incident Post Mortem: January 6–7, 2021 This one’s juicy. At one point, the front-end was blocked up, so the back-end saw less… Continue reading SRE Weekly Issue #254

View on sreweekly.com A message from our sponsor, StackHawk: How do you know if your GraphQL API is secure? Watch StackHawk CSO Scott Gerlach walk through how to run application security tests for GraphQL-backed apps. http://sthwk.com/graphql-webinar Articles May 30 SSL incident TLS can be such a headache. This was an interesting situation. There was a… Continue reading SRE Weekly Issue #253

View on sreweekly.com A message from our sponsor, StackHawk: Interested in how you can automate application security testing with GitHub Actions? Check out this on demand webinar from StackHawk and Snyk and see how simple it is to get started. https://sthwk.com/stackhawk-snyk Articles Building On-Call Culture at GitHub Their on-call started out as four 24 hour… Continue reading SRE Weekly Issue #252

View on sreweekly.com A message from our sponsor, StackHawk: Register now for the first-ever ZAPCon taking place March 9th. The free event will focus on OWASP ZAP and application security best practices. You wont want to miss it! http://sthwk.com/zapcon-sre-weekly Articles Slack’s Outage on January 4th 2021 Here’s a blog post from Slack giving even more… Continue reading SRE Weekly Issue #256

View on sreweekly.com A message from our sponsor, StackHawk: Keeping your APIs secure requires thoughtful design and testing. Learn how to protect your REST, SOAP and GraphQL APIs from security vulnerabilities with StackHawk http://sthwk.com/api-protection Articles Sometimes alerts have inobvious reasons for existing This one really got me thinking. Make sure you document why an alert… Continue reading SRE Weekly Issue #257