View Blog Post

Automate Container Security Scans in Your CI/CD Pipeline with AWS ECS

Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…

View Blog Post

Validating AWS CloudFormation templates with cfn_nag and mu

Stelligent cfn_nag is an open source command-line tool that performs static analysis of AWS CloudFormation templates. With cfn_nag you can check for: Static code analysis of AWS CloudFormation Block undesirable resource specifications Proactive preventative control – stop before creating resources Enforceable in a deployment pipeline Here are some examples of the types of checks cfn_nag Read more…

View Blog Post

NetFlix Unleashes Chaos Monkey – The First in its Simian Army

Today, NetFlix announced its first open source release in its Simian Army – the Chaos Monkey. The Chaos Monkey assumes that everything will fail…eventually. The Chaos Monkey runs, by default, on your Amazon Web Services’ (AWS) infrastructure and randomly terminates instances in Auto Scaling Groups. We wrote about some of the benefits of treating instances Read more…