Open Thoughts ⊷

Samir's Profile Pic

Opinions are My Own.

🖥️ Designing Resilient and Robust Systems | ⚙ Rust | 👨🏻‍💻 DevSecOps |
🔒 Cyber Security | 🛠️ Technologist | ✍🏼 Hobby Blogger | 🪽 Listener

📖 Featured Blogs

Creating an AKS Private Cluster with Istio and Application Gateway

Security is a key consideration in modern application architecture. When we talk about cloud-native application architecture, people tend to think about security a lot. That is why all the cloud providers offer a range of features to make your application more secure and robust. For example, Azure provides various gateways such as network security groups, Application Gateway, and Azure Front Door. These Azure services provide a secure connection either by introducing a firewall or by validating SSL certificates.

Battle of Programming Languages: Statically Typed vs Dynamically Typed?

In this blog we will understand what statically typed and dynamically typed programming languages are by comparing them with a real-time example. We will discuss which language is suited to which use case.

Why I was encouraged to learn Rust (Comparing Rust and Python)

It has been 8 years in my career as an infrastructure/DevSecOps engineer, and I am very satisfied. But in a corner of my heart, I had the urge to learn programming so that I could relate my daily job to the developer program easily.

Configuring Meshery behind Istio and ingress gateway

Accessing workloads behind an ingress gateway has always been an industry-standard practice in Kubernetes setups. It provides a single entry point for all your services deployed in production-grade Kubernetes. This setup also allows you to leverage the service-mesh functionality of implementing policies and to have better authz and authn for the deployed services. Meshery is no different: you can configure it to be accessed through an ingress gateway. Let's see how we can configure it.

Imposing mandatory HTTP(S) security headers in NGINX ingress in Kubernetes

Getting an application up and running does not make it a full-fledged product. It is particularly important to have security measures in the product. Now, in the ever-increasing digital revolution, security flaws are a real risk for an organisation as well as its users. Though we cannot eliminate all the risks, we can always try to address most of them and the important CVEs.

Securing Meshery Installation: The best practices

We are delighted that you are loving Meshery, so it is our sole responsibility to make sure that you are in safe hands. The few lines below describe how you can harden security for accessing Meshery so that you eventually keep all the infrastructure sharing the same network safe.

Parameters to Consider while choosing an Open-Source tool.

When deciding on an open-source tool for a specific purpose, there are several key parameters you should consider to ensure the tool meets your needs and is a good fit for your project. Here are some important parameters to keep in mind.

Gen AI tools made my college days alive

This blog is a good read if you are still poking into your mobile to read some interesting and relatable tech stories. Here I share my experience, which resembles the way Generative AI is behaving these days.

Shell script to Migrate Azure Container Registry

When someone asks to migrate an ACR from one Azure subscription to another Azure subscription, it feels like a tedious task, because you must migrate the image repositories and all the image tags that are in those repositories.

Building a Dynamic Data Pipeline from Scratch with Snowflake and Python

Data pipelines are crucial to data modeling and training. In this blog we will design a pipeline from scratch using Python, Snowflake and NumPy.

SBOM: Know the Software's source of truth

Over the years, our focus has been on enhancing our software's functionality and striving for vendor neutrality. We've integrated various freely available modules from diverse sources to expand our applications. However, we inadvertently overlooked verifying the authenticity of these sources.

Cross-Site Scripting (XSS) Vulnerability and Mitigation in Web Applications

In the realm of web security, Cross-Site Scripting (XSS) stands as one of the most prevalent and hazardous vulnerabilities. With its ability to manipulate the interaction between a web application and its users, XSS can lead to unauthorized data exposure, session hijacking, and even malware distribution. This article delves into the concept of XSS, highlighting its potential impact and providing insight into securing applications against this threat.

Shell script to Remove history from a git Branch

There are various instances where we decide to remove the history from a Git repository. Let's see a script in action.

Uncontrolled Data Used in Path Expression: A Cyber Security Threat

In today's interconnected world, web applications rely on various external services to provide dynamic content and functionality. However, this dependence on external resources can also create security vulnerabilities, one of which is Server-Side Request Forgery (SSRF). SSRF is a type of attack where an attacker manipulates a web application to send unauthorized requests to internal or external resources. In this blog, we will delve into the concept of SSRF, its potential impact on your Java applications, and discuss strategies to mitigate this critical security risk.

Physics in Product Metaphor: Navigating Momentum Through Pivot

Let's understand what a pivot is in a product and business by correlating it to a physics metaphor. We look into various use cases with regard to the key influences which cause the pivot. What exactly a product team can adapt

Part 1: Variable and DataTypes in Rust

Variables are the basic building blocks of a programming language. A variable holds data in computer memory during runtime. The data that a variable holds can be of different types. Like other languages, Rust has 2 kinds of high-level data types: scalar and compound. A scalar contains a single value, whereas a compound holds multi-value data in memory during runtime.

Which Service to Use: Azure Kubernetes Service or Azure App Service (A curated topic)

Getting started with Azure App Service is quite easy, and it is one of the best places to start. Configuration through the Azure dashboard with a few clicks is the most liked feature of this Azure service. But when we talk about a production-grade application and the infrastructure for it, App Service falls short in several respects. This article highlights, with facts, all the pros and cons of using App Service and Azure Kubernetes for application hosting.

Part:0 - Few facts about Rust programming language

This is the very first write-up of our Rust journey. In this part, we will learn a few interesting facts about Rust programming language. This will give us an overview of how and what of Rust at a high level.

Part-2: Recursive Search with Rust

In this blog let's talk about recursive search in Rust programming. We will understand it starting from the algorithm and try to build a small command-line utility to practice it.

Uncontrolled Data Used in Path Expression: A Cyber Security Threat

Path expressions are used in a variety of software applications to construct file paths. However, if these expressions are not properly validated, they can be used by attackers to gain unauthorized access to sensitive data or systems.

Uncontrolled Data Used in Path Expression: A Cyber Security Threat

It is essential in the field of software development to provide people control over their data and experiences. Users' experiences are improved when they can build unique queries using user-controlled sources, which also gives them a sense of control and flexibility. This strategy has a lot of advantages, but it also has its share of drawbacks and potential problems.

The System Design for Various Use Cases, Fully Automated

We will explore two key pipeline designs: one focusing on DevSecOps automation for containerized environments and the other on Infrastructure as Code (IaC) pipelines for managing Kubernetes clusters. Both pipelines help automate various stages of security checks, image verification, and deployment, making operations more efficient and secure.
