Monthly notes 56

Issue 56, 26.2.2021

Work life

Researchers identify four causes of "Zoom fatigue" and their simple fixes
"Those video calls are likely tiring you out." tl;dr;

  • Excessive amounts of close-up eye contact is highly intense.
  • Seeing yourself during video chats constantly in real-time is fatiguing.
  • Video chats dramatically reduce our usual mobility.
  • The cognitive load is much higher in video chats.

Maximizing Developer Effectiveness
"It’s all about tight feedback loops." (from Weekend Reading)

Information security

OWASP Top 10 for Web
"Inspired by real-world vulnerabilities and case studies, we have created a series of interactive application security training modules to help developers understand, identify and mitigate security vulnerabilities in their applications."

3 Ways to Mitigate Risk When Using Private Package Feeds
"Microsoft whitepaper on best practices to follow to reduce risks against substitution attacks." (from Cloud Security List)

How to use Docker Security Scan Locally
"Docker and Snyk recently entered into a partnership to provide container vulnerability scanning to official images on Docker Hub. Additionally, Docker has integrated scanning directly into Docker for Desktop clients." (from Cloud Security List)

Cloud

Introducing GKE Autopilot: a revolution in managed Kubernetes
"Autopilot is a new mode of operation in Google Kubernetes Engine (GKE). Autopilot clusters are pre-configured with an optimized cluster configuration that is ready for production workloads. This streamlined configuration follows GKE best practices and recommendations for cluster and workload setup and security." You can achieve "the same" by manually ticking the right options.

AWS Account Setup Guide
A guide for configuring new AWS accounts with an emphasis on security, including customizable templates. (from Cloud Security List)

Microservices

A Practical Guide to Writing Secure Dockerfiles
How to write secure Dockerfiles, and how to automate security checks as codified policies and validate them against the Dockerfiles to identify potential security risks before deploying them into production. (from Cloud Security List)

Learning

Tackling TypeScript: Upgrading from JavaScript
"For JavaScript developers looking to learn TypeScript." (from Weekend Reading)

How they SRE
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE) (from Hacker Newsletter)

Tools of the trade

skan
"sKan is a Kubernetes configuration files and resources scanner that enables developers and devops team members to check whether their work is compliant with security & ops best practices." (from Cloud Security List)

Something different

Calvin and Hobbes search engine
(from Hacker Newsletter, comments)

Leave a Reply

Your email address will not be published. Required fields are marked *