Xebia

article thumbnail

API Security is More Than Testing

Xebia

API Security doesn’t start with penetration testing. This isn’t to say testing isn’t important – it is! And at multiple phases. It isn’t always feasible to cover every single security scenario, but the most important ones should be considered. This is why it’s important for the business to understand what can go wrong, when, and how to get ahead of these issues as early as possible.

Testing 130
article thumbnail

Platform Engineering Essentials: 5 Key Learnings Before You Start

Xebia

Are you starting on your platform engineering journey? Are you looking at how to create a successful platform with lasting value? Do you want to get people to come along on the journey? Platform engineering can help organizations reduce cognitive load for development teams, and create a significant improvement in developer experience (DevEx) as well as several other areas.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The Cost Paradox Of The Cloud

Xebia

Against all odds, some organizations are migrating back from the Cloud to their on-premises servers, as the Cloud turns out to be too expensive for them. We notice some of our clients migrate back too. This is unexpected because, theoretically, operating your landscape in the cloud ought to be cheaper. Unexpected Cost Developments Cost is an important factor when migrating to the cloud.

Cloud 130
article thumbnail

How To Configure FQDN Firewall Rules In Google Cloud

Xebia

Filtering web traffic is easy with Cloud Firewall , a cloud-first NGFW with advanced threat protection. How easy? A single policy allows or denies traffic to a domain name and applies as fine-grained as tags or service accounts. Looking for more examples? Check out the GitHub repository. Allowing egress to xebia.com The following policy allows all hosts to access xebia.com : resource "google_compute_network_firewall_policy_rule" "allow_xebia" { project = var.project_id firewall_p

Firewall 130
article thumbnail

The software delivery tool trap

Xebia

If you’ve worked in software development for any amount of time, you’re probably used to working in a certain way, and have been in the situation where a new tool forces you to change your way of working. Some may also think that using tool X automatically means following process Y. For example, "We’re using ArgoCD, therefore we’re doing GitOps, right?

Tools 147
article thumbnail

AWS Lambda Benchmarking

Xebia

In this blog post, we examine the relative costs of different language runtimes on AWS Lambda. Many languages can be used with AWS Lambda today, so we focus on four interesting ones. We made the complete project available on GitHub because any benchmarking claims we make are frivolous without the supporting code for potential peer review. Meet the contestants Rust : According to StackOverflow, Rust has been developers’ most loved programming language since 2016.

Lambda 130
article thumbnail

Secure your Compute Engine by blocking project-wide SSH keys

Xebia

Best practice for handling SSH keys in Google Cloud When you are using the Compute Engine in Google Cloud, you might wonder what’s the best way to handle SSH keys for your Virtual Machines (VMs) ? We’ve also got some questions from our customers. There are several ways to implement and store SSH keys into your Google Cloud environment, but you might wonder what the best way to do so?