Deploying your applications in the Cloud, and using the services it provides, is one good way to mitigate the possibility of future attacks.
Two months ago I didn’t give much thought to controlling a program’s access to the Internet. Then Log4Shell happened. This post looks at three ways that you can control what an in-VPC application is allowed to talk to.
Building a holiday light display for his own home spurred Al Iacovella’s interest in microcontrollers, data, and the internet of things.
It’s been a week since CVE-2021-44228, a remote code execution vulnerability in Log4J 2.x, hit the world. Hopefully by now everybody reading this has updated their Java deployments with the latest Log4J libraries. But no doubt there’s another vulnerability, in some popular framework or library, just waiting to make its presence known. This post is about Cloud features that act to minimize the blast radius of such vulnerabilities.
Amazon Redshift’s launch in 2012 was one of the “wow!” moments in my experience with AWS. Here was a massively parallel database system that could be rented for 25 cents per node-hour. Here we are in 2021, and AWS has just announced Redshift Serverless, in which you pay for the compute and storage that you use, rather than a fixed monthly cost for a fixed number of nodes with a fixed amount of storage. And for a lot of use cases, I think that’s a great idea. So I spent some time kicking the tires, and this is what I learned.
Amazon Athena is a service that lets you run SQL queries against structured data files stored in S3. It takes a “divide and conquer” approach, spinning up parallel query execution engines that each examine only a portion of your data. The performance of these queries, however, depends on how you consolidate and partition your data. In this post I compare query times for a moderately large dataset, looking for the “sweet spot” between number of files and individual file size.
Clickstream data – the behavior data collected from a user’s path through a website or app – is often used for business intelligence reports. It helps many companies answer questions like, ‘which of my products are people adding to their cart?’ or ‘What does our online purchase funnel look like?’ But our AWS Practice Lead, … Read More
In my last post I discussed how an artifact server is the best way to publish locally-developed Python packages. In this post, I show you how to set up the AWS CodeArtifact service and use it with pip and Poetry.
Different numbers of availability zones are appropriate for different workloads. This post helps you pick an appropriate number for your needs.
Sujan Kapadia and Ken Rimple talk Rust news, AWS’ OpenSearch, HTTP SEARCH, and using console.log() like a pro.