Forem: Nizar Nassar

Security as code

Nizar Nassar — Mon, 26 Apr 2021 13:39:16 +0000

Hi, all :)

Securing cloud infrastructure can sometimes impact a team's agility. The community is looking for different ways to secure cloud infrastructure with the DevOps mindset. Security as Code and shifting left security might provide such agility.

In this podcast we talk to Ahmed Badran, CTO & Co-founder of Magalix, we explore the challenges and problems within the cloud infrastructure and the rise of Security as code.

Listen to Podcast here: https://anchor.fm/sac-magalix/episodes/What-is-Security-as-Code-euurrv

Kubernetes #SAC #Shiftleft #Securityascode #devops"

Shifting Security Left in the DevOps Era

Nizar Nassar — Tue, 19 Jan 2021 11:21:37 +0000

In the world of cloud-native applications, innovation, and fast go-to-market plans, unicorn companies - such as Google, Netflix, and Amazon - are doing tens, hundreds, even thousands of container builds and deployments a day.

The traditional way of injecting security at the tail-end of the software development process has hindered releases and created adversarial relationships between the DevOps and the security teams, bringing your hard-earned agility to a halt.

Here is where SecDevOps comes in. SecDevOps offers a new security model by incorporating a security-based mindset into DevOps workflows, sharing security responsibility across all teams, and shifting visibility to the left.

In this webinar, you will learn:

The security drawbacks in the cloud-native space
The rise of SecDevOps
3 key elements to successfully shift your security left
How to create alignment between traditional Dev and Sec Team

Submit your attendance here: https://www.magalix.com/shifting-security-left-in-the-devops-era

The Best Kubernetes Tutorials

Nizar Nassar — Sun, 14 Jun 2020 12:11:31 +0000

We have been looking for the best Kubernetes tutorials out there and thought of sharing some of what we found interesting to get started with Kubernetes,

Check full article here: https://hubs.ly/H0qY2q-0

The Official Kubernetes.io Tutorials
It is more of a collection of the existing content on Kubernetes.io. It focuses more on introducing the general concepts and constructs of Kubernetes. But it doesn’t provide necessary lessons that build upon each other. Covered Topics.

• The Basics

https://kubernetes.io/docs/tutorials/#basics
• Configuring Kubernetes 
https://kubernetes.io/docs/tutorials/#configuration
• Stateless Applications 
https://kubernetes.io/docs/tutorials/#stateless-applications

DigitalOcean Tutorials
It is a collection of articles that are nicely written and well organized. They are sometimes focused on Running Kubernetes on top of DigitalOcean however. But you are still going to learn a lot of Kubernetes basics that are applicable to any other infrastructure. Some of the notable topics are:

• An Introduction to Kubernetes

https://www.digitalocean.com/community/tutorials/an-introduction-to-kubernetes
• An introduction to Kubernetes DNS Services 
https://www.digitalocean.com/community/tutorials/an-introduction-to-the-kubernetes-dns-service
• An introduction to Helm, the package manager for kuberenetes
https://www.digitalocean.com/community/tutorials/an-introduction-to-helm-the-package-manager-for-kubernetes 

Google Kubernetes Engine Tutorials
Google tutorials are mostly focused on specific use cases more than teaching you the basic Kubernetes concepts. Examples of such tutorials are: create a guestbook with Redis and PHP on GKE, or Using Persistent Disks with WordPress and MySQL. Google depends mainly on Kubernetes.io as the main source of knowledge about Kubernetes since Google engineers are most contributors to these tutorials. Main covered topics:

• Deploying Applications

https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app
• Configuring cluster networking 
https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer
• Continuous Integration and delivery 
https://cloud.google.com/solutions/jenkins-on-kubernetes-engine-tutorial

Check the full article and clear indication and direction to the tutorials URL's: Here, https://hubs.ly/H0qY2q-0

Create A CI/CD Pipeline With Kubernetes And Jenkins

Nizar Nassar — Thu, 21 May 2020 15:41:55 +0000

CI/CD stands for Continuous Integration/Continous Delivery and/or Deployment.
A team that does not implement CI/CD will have to pass through the following stages when it creates a new software product:

1- The product manager (representing the client’s interests) provides the needed features that the product should have and the behavior it should follow.

The documentation must be as thorough and specific as possible.

2- The developers with the business analysts start working on the application by writing codes, running unit tests, and committing the results to a version control system (for example, git).

3- Once the development phase is done, the project is moved to QA. Several tests are run against the product, like User Acceptance Tests, Integration Tests, performance tests among others. During that period, there should be no changes to the code base until the QA phase is complete. If there should be any bug, they’re passed back to the developers to fix them and hands the product back to QA.

4- Once QA is done, code is deployed to production by the operations team.

There is a number of shortcomings for the above workflow:

-- First, it takes so long from the time the product manager makes her request until the product is ready for production.

-- It’s harder for developers to address bugs in code that has been written since quite a long time like a month or more ago. Remember, bugs are only spotted after the development phase is over and QA phase starts.

-- When there’s an urgent code change like a serious bug that needs a hotfix, the QA phase tends to be shortened due to the need to deploy as fast as possible.

-- Since there’s little collaboration between different teams, people start pointing fingers and blaming each other when bugs occur. Everybody starts caring only about his/her own part of the project and lose sight of the common goal.

Full article here: https://hubs.ly/H0qCnJ90