This year we made a comparison of different tools. Our author Markus describes how we proceeded with the evaluation and what our takeaways were.
English
Open Source Tools for Software Supply Chain Security
In this article we show how you can improve the security of your software supply chain without spending money for software licenses. For this, we present useful open-source tools for automated dependency updates, vulnerability scanning of dependencies, license scanning, SBOM generation, secret detection and scanning of infrastructure as code for vulnerabilities and misconfiguration.
Software Supply Chain Security with Google Software Delivery Shield
Our authors Pascal and Bastian investigated the Google Software Delivery Shield which is Google’s fully managed solution for software supply chain security. In this article they describe how software supply chain security can be achieved during the different steps of the software development lifecycle with the Google Software Delivery Shield.
Introduction to Software Supply Chain Security
Our author Daniel gives an introduction into Software Supply Chain Security in software development processes and highlights its importance. The article stresses how neglecting security in the software development process can lead to successful attacks, compromising users‘ data and systems. It also provides tips on achieving Software Supply Chain Security, including scanning for vulnerabilities, updating dependencies, and secret detection.
Women in Data Science Conferences 2023 in Zurich and Villach
This year our colleague Anna participated in two Women in Data Science conferences, in Zürich and Villach. She shares her experience with us in this blog post.
Tracing: Effective Observability for Distributed Applications in the Cloud
There are three main types of telemetry data – often referred to as pillars of observability – that are typically gathered: metrics, logs and traces. Here we focussed on tracing which enables visualizations making it possible to understand the performance characteristics of a distributed system.
In praise of Kotlin. A modern programming language.
In the swiftly changing world of software development, the choice of programming language plays a crucial role. To emphasize this, our colleagues Lukas and Georg effectively developed a Microservice Architecture in Kotlin for one of the largest direct banks in Germany. With numerous years of expertise in Java, this project marked their most extensive exploration of Kotlin. Join them on their fascinating voyage as they explain why Kotlin proved to be a superior choice over Java.
Local Kubernetes Clusters: A Comparison for Local Development and CI
This article compares different Kubernetes frameworks and evaluates their usability. It also features a youtube video of Senior Developer Josef Brandl having a talk on this subject.
Monitoring of certificate expirations
Expiring certificates impose a continuous threat to service interruptions if they are not properly managed. In this article, Senacor Senior Developer Fabian Kohlmann presents a solution to monitor expiry dates of certificates directly inside the deployed applications using standard application monitoring frameworks.
KotlinConf 2023: Unveiling the Power and Potential of Kotlin
KotlinConf finally took place again this year – and it was a blast! Our colleague Lukas was on site. Filled with many new insights and the motivation to get to know the Kotlin ecosystem better, he summarizes the workshops and conference talks he attended.