Welcome to curated list of handpicked free online resources related to IT, cloud, Big Data, programming languages, Devops. Fresh news and community maintained list of links updated daily. Like what you see? [ Join our newsletter ]

Admins wonder if the cloud was such a good idea after all

Categories

Tags cloud management miscellaneous cio

After an initial euphoric rush to the cloud, administrators are questioning the value and promise of the tech giants’ services. According to a report published by UK cloud outfit Civo, more than a third of organizations surveyed reckoned that their move to the cloud had failed to live up to promises of cost-effectiveness. Over half reported a rise in their cloud bill. By Richard Speed.

In the IT world, there is an expectation that bang for buck increases as time goes by, but in this example, prices are rising faster than the rate of inflation, and what customers receive for their money remains unchanged. Cost control, based on operating datacenters at massive scale, was part of the early sales pitch and in the intervening 15 years, it had proven out – cloud product costs were stable, and either went down in price or more features were added at the same price.

So, are prices increasing? The answer has to be yes. How much of those rises are down to the major vendors opportunistically adding of a few percentage points versus an increase in fixed costs, such as electricity, is pretty much irrelevant. The advice remains the same: the cloud is here to stay although its luster has dulled over time. Interesting read!

[Read More]

Can your developers benefit from platform engineering?

Categories

Tags devops performance app-development cio management

Will designing tools and workflows to bring self-service to software development help developers work more efficiently? A growing number of adopters think so. By John Edwards.

Platform engineering focuses on tasks designed to help application developers work more efficiently, such as setting up staging environments, readying CI/CD pipelines, and configuring infrastructure as code (IaC) to automate cloud resource provisioning.

With a renewed focus on cost efficiency, organizations have come to realize that significant value can be derived from improved developer productivity and engineering effectiveness, especially in making R&D dollars go further. Platform engineering’s primary benefit is giving developers an experience that features the same ease-of-use intended for business users and consumers, ultimately making them more productive.

Since platform engineering draws from DevOps and CI/CD practices, a good way to begin is to become adept in managing DevOps tools, frameworks and technologies. As platform engineering tends to align with cloud computing, microservices, and orchestration, organizations should focus on building a portfolio focused on automation in AWS, Azure, or Google Cloud Platform. Good read!

[Read More]

Data streaming technologies overview

Categories

Tags streaming big-data cloud event-driven software

The ability to process high volumes of data (big data) in real-time has become crucial for many organizations, and this is where data streaming technologies come into the picture. These technologies allow large amounts of data to be processed in real-time or near real-time as it is generated, enabling businesses to gain immediate insights and make time-sensitive data-driven decisions. By Darryn Campbell.

At the heart of these technologies is the concept of data streams, also known as event streams. Data streams are sequences produced by various sources, such as social media feeds, Internet of Things (IoT) devices, log files, scientific data sets, and more. These streams of data are then ingested and processed by data streaming technologies. The blog post then explains:

  • Basic concepts of data streaming technologies
  • Data streaming architecture
  • Data consistency
  • Tools for data streaming technologies

Data consistency is a significant concern in data streaming. Data streaming technologies use various techniques such as event ordering, exactly-once processing, and fault tolerance to ensure consistency. These techniques ensure that the data is processed in the correct order, no data is lost or processed multiple times, and the system can recover from failures without data loss. Nice one!

[Read More]

React is (becoming) a full-stack framework

Categories

Tags nodejs javascript app-development frontend web-development

React, with its addition of Server Components and Server Actions, is evolving into a full-stack framework. Once the most popular frontend framework, it has now successfully bridged the gap between frontend and backend to reign over both sides of the chasm. By Robin Wieruch.

In recent years, TypeScript has emerged as the industry standard, providing frontend developers with a typed and more robust programming language. Once developers embraced TypeScript, there was no turning back. It’s fascinating how a relatively small change in code can have such a significant impact on both a personal and industry-wide level.

The real breakthrough for me came with Server Components and Server Actions in 2024, which bridged the gap to the server by not only calling it, but by being able to implement and execute code on the other side. Server Components allow us to execute React components on the server, enabling direct access from data sources (e.g. databases) before returning the UI with JSX.

React itself provides only the primitives and specifications for Server Components and Server Actions. Meta frameworks built on top of React can bridge the gap with their bundler which interprets the directives (i.e. ‘use client’ and ‘use server’) between client and server. Good read!

[Read More]

Google now uses Open Graph title tag (og:title) for title links

Categories

Tags search miscellaneous software google

Google adds og:title to sources for generating search result titles, expanding use of Open Graph data beyond social media. By Matt G. Southern.

The article explains:

  • Google now considers og:title for search result titles
  • Open Graph tags gain broader significance beyond social media
  • Best practices for title creation remain unchanged

The og:title tag allows you to specify a title for your content that may differ from the traditional HTML title tag. This can be useful for optimizing how a page appears when shared on social networks or, now, in search results. While it’s used to control how content appears on social media platforms, Google’s inclusion of this tag in its title link sources indicates a broader use of Open Graph data. Good read!

[Read More]

What is AI security?

Categories

Tags infosec ai ibm cloud software-architecture cio

Short for artificial intelligence (AI) security, AI security is the process of using AI to enhance an organization’s security posture. With AI systems, organizations can automate threat detection, prevention and remediation to better combat cyberattacks and data breaches. By Annie Badman, Matthew Kosinski.

Organizations can incorporate AI into cybersecurity practices in many ways. The most common AI security tools use machine learning and deep learning to analyze vast amounts of data, including traffic trends, app usage, browsing habits and other network activity data.

The article deals with:

  • Why AI security is important
  • Benefits of AI security
  • Potential vulnerabilities and security risks of AI
  • AI security use cases
  • AI security best practices
  • Related solutions

To balance AI’s security risks and benefits, many organizations craft explicit AI security strategies that outline how stakeholders should develop, implement and manage AI systems. Nice one!

[Read More]

Wasm vs. Docker: Performant, secure, and versatile containers

Categories

Tags containers devops cloud docker javascript

Docker and WebAssembly (Wasm) represent two pivotal technologies that have reshaped the software development landscape. You’ve probably started to hear more about Wasm in the past few years as it has gained in popularity, and perhaps you’ve also heard about the benefits of using it in your application stack. This may have led you to think about the differences between Wasm and Docker, especially because the technologies work together so closely. By Savannah Ostrowski, and Sohan Maheshwar.

Wasm is a compact binary instruction format governed by the World Wide Web Consortium (W3C). It’s a portable compilation target for more than 40 programming languages, like C/C++, C#, JavaScript, Go, and Rust. In other words, Wasm is a bytecode format encoded to run on a stack-based virtual machine. The article then deals with:

  • What’s Wasm?
  • Why use Wasm?
  • Docker vs. Wasm: How are they related?
  • Benefits of using Docker and Wasm together
  • How to enable Wasm on Docker Desktop
  • How Docker supports WebAssembly

WebAssembly is continuously evolving, so you’ll need a tight pulse to keep up with ecosystem developments. One recent advancement relates to how the new WebAssembly Component model will impact shims for the various container runtimes. At Docker, we’re working to make it simple for developers to create Wasm containers and enhance the developer experience. Good read!

[Read More]

Identity threat detection and response solution guide

Categories

Tags infosec devops cloud software-architecture learning cio

Identity Threat Detection and Response (ITDR) has emerged as a critical component to effectively detect and respond to identity-based attacks. Threat actors have shown their ability to compromise the identity infrastructure and move laterally into IaaS, Saas, PaaS and CI/CD environments. Identity Threat Detection and Response solutions help organizations better detect suspicious or malicious activity in their environment. By The Hacker News.

Further you will learn about:

  • Human and non-human identities
  • Core ITDR capabilities
  • Identity threat use cases
  • Questions an effective ITDR solution should answer
    • Identity inventory and access management
    • Risk assessment and anomaly detection
    • Authentication and access patterns
    • Activity monitoring and change tracking
    • Incident correlation and response

To effectively safeguard against identity attacks, organizations must choose an ITDR solution with advanced capabilities to detect and mitigate attacks. Good read!

[Read More]

How to use ChatGPT to write code: What it can and can't do for you

Categories

Tags ai programming teams big-data miscellaneous

Can ChatGPT replace programmers? What programming languages does ChatGPT know? We answer these and your other generative AI coding questions. By David Gewirtz.

One of the more intriguing discoveries about ChatGPT is that it can write pretty good code. I first tested this out last year when I asked it to write a WordPress plugin my wife could use on her website. ChatGPT did a fine job, but it was a very simple project. So, how can you use ChatGPT to write code as part of your daily coding practice? Here’s a quick summary:

  • ChatGPT can produce both useful and unusable code. For best results, provide clear and detailed prompts
  • ChatGPT excels in assisting with specific coding tasks or routines, rather than building complete applications from scratch
  • Use ChatGPT to find and choose the right coding libraries for specific purposes, and engage in an interactive discussion to narrow down options
  • Be cautious about the ownership of AI-generated code and always verify the code’s reliability. Don’t blindly trust the generated output
  • Treat interactions with ChatGPT as a conversation. Refine your questions based on the AI’s responses to get closer to the desired output

There are two important facts about ChatGPT and coding. The first is that the AI can, in fact, write useful code. The second is that it can get completely lost, fall down a rabbit hole, chase its own tail, and produce unusable garbage. Good read!

[Read More]

Why (and how) APIs and web applications are under siege

Categories

Tags infosec devops apis restful

Attackers are increasingly targeting web applications and APIs, with a nearly 50% year-over-year growth in web attacks, driven by the increased adoption of these technologies, which significantly expanded organizational attack surfaces, according to an Akamai report. By Mitch Mayne.

A total of 108 billion API attacks were recorded from January 2023 through June 2024. This relentless assault reflects a dramatic increase in attempts by threat actors to gain access to valuable data. Indeed, several high-profile data breaches in recent months have been linked to API abuse or exploitation of API vulnerabilities.

Web applications, and the APIs that enable them, are redefining customer experiences, streamlining business operations, and fueling economic growth. At the same time, they are creating new avenues of potential entry into your digital fortress.

The blog post then explains:

  • Key findings of the SOTI report
  • API attacks on the rise
  • Industries at higher risk
  • Defending web applications and infrastructure

Web applications and APIs will continue to proliferate, fuel innovation, and deliver the experiences that define our modern world. Recognizing their potential vulnerabilities and taking steps to fortify your applications is the key to repelling the cyberthreat siege. Nice one!

[Read More]