Code Complexity Metrics When a professional software developer writes code, they measure the complexity of the code they write. The contrapositive holds true as well that those who don’t measure the complexity of their code are not professional. There are a variety of code complexity metrics available to the professional developer. The “better” metrics are Read more…
This blog post will be part one of a three-part series on Visual Studios Code Remote – Containers. Prior knowledge of Visual Studios Code editor is recommended to better understand the items discussed in this series; more information can be found here. Part one will explain the general concepts of utilizing VS Code Remote – Read more…
Introduction The cfn_nag tool is a static analysis tool for finding obvious security weaknesses in CloudFormation templates. The core product includes rules that apply universally across environments and enterprises. That said, the product supports the development of custom rules to allow enterprise-specific rules for compliance and security controls. For more information on developing custom rules Read more…
One of the biggest challenges with managing usernames, passwords, API keys, and other secrets is balancing the need to make it simple for authorized accounts, databases, and APIs to securely access these secrets while adhering to the principle of least privilege. Simply put, most everyone knows not to store sensitive configuration information in plain text Read more…
We had over 40 people from Mphasis and Mphasis Stelligent at the AWS re:Invent 2019 conference in Las Vegas, NV. There were 77 product launches, feature releases, & services announced at the conference (and many more at “pre:Invent” in November). Of this, there were several DevOps-related features announced at re:Invent or during pre:Invent. The theme Read more…
Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…
The AWS QuickStart team open sourced a project they use for automated testing of CloudFormation templates called TaskCat. With TaskCat, you can run automated tests to learn of and fix any errors that arise in your CloudFormation templates. If you have been using CloudFormation for any period of time, you will learn that even if Read more…
It’s 7:37 AM on a Sunday. You’re in the Security Operations Center (SOC) and alarms and emails are seemingly being triggered everywhere. You and a colleague are combing through dashboards and logs to determine what is causing these alerts. After running around with your “hair on fire” for around 30 minutes, you finally determine that Read more…
While AWS is making computing easier, it can be challenging to know how to effectively use encryption. In this screencast, we provide an overview of the encryption landscape on AWS. This includes services like AWS Certificate Manager, AWS Key Management Service, and the Encryption SDK, which provide encryption in transit and at rest. In addition, Read more…
This article will walk you through the process necessary to create a wrapper gem with custom rules for cfn_nag. Read more…