Posts

Showing posts from 2022

Observability Done Right: Best Practices and Anti-Patterns for Effective System Monitoring

Image
  WHAT Observability is a concept that refers to the ability to gain insights into the behavior and performance of complex systems. In the context of software engineering, observability involves the collection, analysis, and visualization of data from software applications, infrastructure, and other components of a system. In the animal kingdom, observability plays a critical role in survival, allowing animals to monitor their surroundings, detect threats, and find food. Dolphins use echolocation to observe their surroundings. They emit high-frequency sounds that bounce off objects, allowing them to create a 3D map of their environment. Thanks for reading Knowledge Cafe! Subscribe for free to receive new posts and support my work. Subscribed WHY In today's era, architectures are becoming increasingly large, complex, and fast-paced due to the faster development and deployment of software by distributed teams with the help of DevOps, continuous delivery, and agile development methodo...

App Security | OWASP 2021- New Entries

Image
  What is OWASP? OWASP (Open Web Application Security Project) is an international non-profit organization dedicated to improving software security through open source initiatives and community education. OWASP Supports the building of impactful projects, Develops & nurtures communities through events and chapter meetings worldwide and Provides educational publications & resources What is OWASP top 10? The OWASP Top 10 is a regularly-updated report outlining security concerns for web application security, focusing on the 10 most critical risks. read more in detail at official site:  https://owasp.org/Top10/ Which are new entry in 2021 list of top 10 1. Insecure design: “insecure design” are those vulnerabilities that exist due to lack of security implementation in an application at the time of development. When security best practices are not considered during application design phase it might result in this vulnerability. Secure design of an application contains the e...

Chaos Engineering | Type of Attacks

Image
  Today’s advance distributed software systems must be tested for potential weaknesses and faults. Chaos engineering is the process of testing a distributed computing system to ensure that it can tolerate unexpected disruptions. It relies on concepts underlying chaos theory, which focus on random and unpredictable behavior. If you are interested in knowing more about Chaos Engineering and History please refer this article from Gremlin  In this article we will discuss about various categories of attack and some usecases.  Resource Attack Generate load across CPU, Memory and Storage devices Help in preparation for sudden load change, validating auto scaling, test monitoring and alerting config. Its like preparing our system for Black Friday sale in advance.  CPU Attack CPU attack sends heavy traffic on system which can help to identify stability and performance undrer stress. We can also validate auto scaling and alerting mechanism.  Memory Attack Memory leak is t...

Chaos Engineering : Game Day

Image
  What is chaos engineering: Chaos engineering is a methodology that helps developers attain consistent reliability by hardening distributed services against failures in production. Another way to think about chaos engineering is that it's about embracing the inherent chaos in complex systems and, through experimentation, growing confidence in your solution's ability to handle it. A common way to introduce chaos is to deliberately inject faults that cause system components to fail. The goal is to observe, monitor, respond to, and improve your system's reliability under adverse circumstances. Why Chaos Engineering? Contrary to what the name may indicate, chaos events are not performed in a chaotic fashion. The goal of chaos engineering is to identify weakness in a system through controlled experiments that introduce random and unpredictable behavior. A main benefit of chaos engineering is that organizations can use it to identify vulnerabilities before a hacker does or befor...