Welcome to curated list of handpicked free online resources related to IT, cloud, Big Data, programming languages, Devops. Fresh news and community maintained list of links updated daily. Like what you see? [ Join our newsletter ]

Memory management in Python


Tags python programming software apps apis

This article describes memory management in Python 3.6. If you are interested in GC details, you can read my article about Garbage collection in Python. By Artem Golubin.

Everything in Python is an object. Some objects can hold other objects, such as lists, tuples, dicts, classes, etc. Because of dynamic Python’s nature, such approach requires a lot of small memory allocations. To speed-up memory operations and reduce fragmentation Python uses a special manager on top of the general-purpose allocator, called PyMalloc.

The content of article:

  • Small object allocation
  • Block
  • Pool
  • Arena
  • Memory deallocation

Note: Python’s small object manager rarely returns memory back to the Operating System. Great read!

[Read More]

How to run Scrum in data science teams


Tags agile teams software software-architecture

Haydar Özler wrote this piece about his hands-on experience tips on team structure, skills, cross functionality, product backlog items, sprint lengths, difficulties and benefits when using scrum framework on a data project.

The author worked in an agile tribe composed of 7 teams and 58 people established to deliver AI functionality to existing products of the bank. One of the teams is architectural team and the others are delivery teams.

The article covers:

  • Business case examples
  • Team structure
  • Product backlog items & what to present in sprint reviews?
  • Sprint length
  • Difficulties

Let’s accept it — scrum is a great way of working. Nevertheless, until all team members get used to its methodology, get ready for some challenges, e.g.: people who prefer working alone start complaining about the time spent for rituals and communications; it takes time to learn the art of creating thin vertical product backlog items for a data science project; writing acceptance criteria is also more complicated than software development cases, etc.

Excellent read accompanied by schemas and detailed explanations. Well done!

[Read More]

Maximizing your security posture with Azure ATP


Tags cloud security devops azure software-architecture

Interesting article from Chris Hallum from Microsoft. Their customers spend a lot of time and money on security solutions and very few of them are taking full advantage of the solutions they’ve deployed. Even fewer of them are deploying or maintaining these solutions correctly. Based on this it’s not surprising to see stats like “93% of all breaches could have been avoided if basic cyber hygiene had been in place” (Online Trust Alliance).

The industry and even our customers have been overly focused on finding technological solutions with the hope they’ll will address the people and process issues that are the root cause of so many incidents.

The article then deals with:

  • Using Microsoft Secure Score to amp your security posture for identity
  • Top 5 most impactful improvement actions to prioritize
  • How to install Azure ATP Sensor on all domain controllers
  • How to set a honeytoken account
  • How to configure VPN integration
  • How to configure Microsoft Defender ATP Integration
  • Fixing advanced audit policy issues

Excellent and straight to the point article – a quick tour of the top improvement actions for Azure ATP. As you can likely tell from the list, implementing them will have no negative impact on your users and each of them can be quickly enabled. Nice one!

[Read More]

A Git-Flow explainer & how to tutorial


Tags programming frontend software web-development

The guide for anybody developing with help of Git written by Marc Backes. When someone talks about Git-Flow, it could mean two things: a successful branching model (theory) or a set of terminal commands that extend the regular git command set (practice).

As a developer, Git is probably part of your daily work. You develop new features, you merge them later, then you release them, and finally, you fix potential bugs.

If there is no clear way of doing all these things – especially as a team – you get in trouble really fast. That’s why Git-Flow is here: It provides you with a clear work-“flow” to handle day-to-day Git business.

The article then covers:

  • The theory, including
  • Main branches
  • Supporting branches
  • Feature branches
  • Release branches
  • Hotfix branches
  • The practice

You will get schemas and set of commands how to implement git flow. The author even wrote some scripts that make it easier to work with git-flow, or even git in general, and linked them to an alias in my terminal. You can check the project out from GitHub. Nice and consistent information!

[Read More]

Creating a full-stack MERN app using JWT authentication


Tags nodejs javascript software web-development

Praveen Kumar wrote this piece about authentication using JSON Web Token (JWT). The author demonstrates how he went about building a React frontend that talks to a .NET Core API Server. The authentication mechanism has been built on JWT on the .NET side of the project.

He implemented the JWT authentication on the frontend using React. You will also get:

  • What is JWT?
  • JWT flow
  • Creating an Express.js server
  • Generating JWT on the server
  • Choosing the right library!
  • Implementing the encoding function
  • Decoding and validating JWT

.. and more. It also deals with LogRocket – a frontend logging tool that lets you replay problems as if they happened in your own browser.

In addition to logging Redux actions and state, LogRocket records console logs, JavaScript errors, stacktraces, network requests/responses with headers + bodies, browser metadata, and custom logs. Nice one!

[Read More]

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection


Tags cloud security azure machine-learning software

Microsoft Defender ATP Research Team interesting article about inner workings of Windows Defender. Detecting and stopping attacks that tamper with kernel-mode agents at the hypervisor level is a critical component of the unified endpoint protection platform in Microsoft Defender Advanced Threat Protection.

Recently, the Microsoft Defender ATP research team found a malicious system driver enabling a token swap attack that could lead to privilege escalation. In this blog, we’ll share our analysis of the said attack and discuss how Windows Defender Antivirus uses its unique visibility into system behaviors to detect dangerous kernel threats.

The further reading contains:

  • Hardware-based root of trust
  • Detecting token theft attacks
  • Device integrity for broader security

Architecturally, the solution is collectively referred to as the Windows Defender System Guard runtime monitor and consists of the following client-side components:

  • The VTL-1 runtime assertion engine itself
  • VTL-0 kernel-mode agent
  • VTL-0 process we call the ‘broker’ to host the assertion engine

Links to various security resources included. Very insightful!

[Read More]

Indexing and searching NuGet.org with Azure Functions and Search


Tags javascript web-development serverless nodejs azure

An article by Maarten Balliauw about parsing publicly available JSON data with Azure Functions (serverless). NuGet is the package manager for .NET. The NuGet client tools provide the ability to produce and consume packages.

In this blog post, author takes you though building a “reverse package search” that helps finding the correct NuGet package based on a public type. We will create a highly-scalable serverless search engine using Azure Functions and Azure Search that performs 3 tasks:

  • Listening for new packages on NuGet.org (using a custom binding)
  • Indexing packages in a distributed way
  • Exposing an API that accepts queries and gives our clients the best result

This blog post is accompanied with conference talk “Indexing and searching NuGet.org with Azure Functions and Search”. In case you prefer watching and listening, you can use the recording (captured at NDC Oslo 2019).

Long and detailed resource for anybody interested in serverless. Great read!

[Read More]

State management in React


Tags javascript web-development programming nodejs

The State is an important concept in React that stores data and displays the behavior of a component. People choose different approaches for managing State in React. The article delve into the basics of React State and different ways to manage it. By Vrushali Bhosale.

Updating the State of a component is easy. But what if you want to update it in child component? This is where it becomes tricky.

The article then explains in some depth:

  • What is State? And why do you need to manage it?
  • Tools of State management
    • Services
    • Redux
    • Mobx
    • Context API
    • Hooks

Complex applications lead to complex State management. Cases where multiple components need to be handled and could increase in time, you may choose any of the React State management tools. Since a simple and easy application is always desired, avoiding State management would be advised. Nice one!

[Read More]

Agile metrics: the ultimate guide


Tags programming agile monitoring miscellaneous servers

This guide has everything you need to know about agile metrics. So if you want to understand all the different metrics you can measure and how to use them, you’re in the right place. By leontranter.

This guide is broken them up into five categories:

  • Metrics from Agile Project Tools -– these track the items your team are working on
  • Lean Kanban metrics -– these might come from Agile project tools or from other places
  • Metrics from Source Control tools -– these track the commits that developers make to a codebase
  • Metrics from Continuous Integration (CI) and Continuous Delivery (CD) Tools – these track the frequency and quality of builds and automated tests and deployments
  • Business Intelligence Metrics -– these tell you how customers are using your software, how your business is growing, what customers think of your products, and so on

Please remember that these should be chosen and used wisely. And remember –- not everything that can be counted counts, and not everything that counts can be counted. Insightful!

[Read More]

Golang tutorial for Node.js developers: Getting started


Tags programming software-architecture functional-programming

A tutorial series, which covers the basics of getting started with the Go language, while building an app and exposing it through a REST, GraphQL and GRPC API together. By Tamas Kadlecsik (@tamaskadlecsik); CEO of RisingStack.

Another drawback is that because Go is statically typed and lacks generics, you cannot use basic functional programming niceties such as map, filter, reduce, unless you write them for each type or generate the code for them.

The article covers:

  • Golang Setup
  • net/http with Go
  • Encoding/json
  • Dependency management
  • Build tooling

The source code for the article is also available in GitHub repo.

Go features very nice concurrency primitives and provides excellent speed if used right. However, the number of libraries compared to other platforms is small, and they tend to be young. Good read!

[Read More]