View Blog Post

Continuous Delivery for AWS Secrets Rotation

One of the biggest challenges with managing usernames, passwords, API keys, and other secrets is balancing the need to make it simple for authorized accounts, databases, and APIs to securely access these secrets while adhering to the principle of least privilege. Simply put, most everyone knows not to store sensitive configuration information in plain text Read more…

View Blog Post

Automate Container Security Scans in Your CI/CD Pipeline with AWS ECS

Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…

View Blog Post

Run AWS CloudFormation tests from CodePipeline using TaskCat

The AWS QuickStart team open sourced a project they use for automated testing of CloudFormation templates called TaskCat. With TaskCat, you can run automated tests to learn of and fix any errors that arise in your CloudFormation templates. If you have been using CloudFormation for any period of time, you will learn that even if Read more…

View Blog Post

Automate Encryption in Transit with AWS Certificate Manager

Traditionally, managing transport layer security (TLS) digital certificates that are used for encrypting data in transit between clients and servers has been a very manual process. In 2016, Amazon Web Services began offering the AWS Certificate Manager (ACM) – a service for managing these digital certificates. By using AWS CloudFormation and AWS CodePipeline, you can Read more…

View Blog Post

Deploy Managed Config Rules using CloudFormation and CodePipeline

“AWS Config provides AWS managed rules, which are predefined, customizable rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices.” (Source) There are over 100 Managed Config Rules that AWS provides for all types of checks including Analytics, Compute, Database, Machine Learning, Security, Identity & Compliance, and Storage – Read more…

View Blog Post

Continuous Compliance on AWS with CodePipeline and CloudFormation

Whether it’s in or out of the cloud, most IT compliance usually comes in the form of a multitude of checklists – like the one you see below. It might be a spreadsheet, website, or other “digital” tool but, in the end, it’s still checklists that software teams must comply with by filling out forms Read more…

View Blog Post

Continuous Compliance on AWS Workflow

It’s 7:37 AM on a Sunday. You’re in the Security Operations Center (SOC) and alarms and emails are seemingly being triggered everywhere. You and a colleague are combing through dashboards and logs to determine what is causing these alerts. After running around with your “hair on fire” for around 30 minutes, you finally determine that Read more…

View Blog Post

Value Stream Mapping with Mock Pipeline

Value stream mapping (VSM) is a technique for modeling process workflows. In software development, one of the key reasons for creating a VSM is determining the bottlenecks slowing down the delivery of value to end users. While VSM is used in many different industries (mostly related to physical goods), the topic of this post is Read more…

View Blog Post

Continuous Compliance on AWS using AWS Config Rules

How does compliance work in many organizations? From what I’ve seen, it might look something like this: ‘Internal compliance is conducting an audit in three weeks, we need to make sure we’re compliant with all of our internal policies’. What ensues is a heroic effort of people discovering or creating documents and other artifacts indicating what Read more…

View Blog Post

Measuring DevOps Success with Four Key Metrics

Over the years at Stelligent, we’ve used many metrics and have debated on which are best for our customers. Therefore, it’s extremely beneficial to finally have a canonical source for the relevant metrics that matter to organizations that is backed by data and analysis – if for no other reason then to stop wasting time on debating the finer points of certain metrics. Read more…