Notes From My Swarm to Kubernetes Migration

Luke Patterson Architecture, Development Technologies, Kubernetes Leave a Comment

In this post, I’ll discuss how I’m currently working to migrate a suite of apps from Docker Swarm to Kubernetes. The client chose this migration to align with more contemporary standards of container deployment and gain a more comprehensive feature set. Also, some products that they recently purchased were best supported as a Kube package. So you have a fuller …

Jamstack: Azure Serverless Functions App With React

Jamstack: Azure Serverless Function App With React

Matt McCandless Architecture, Azure, Development Technologies, Node.js, React Leave a Comment

A new trend of creating applications is emerging called Jamstack. No, this isn’t slapping together your favorite flavor of jelly (grape is the best) with peanut butter and two pieces of bread. The intent is an architecture that is faster, more secure, and easier to scale. It focuses on pre-rending and decoupling. This way, the solutions created are more reliable and resilient than before.

Pre-rendering comes by the way of using a static website via a CDN for high availability and security. No more serving your React app via web server like we’ve become accustomed to. It reduces cost and complexity by eliminating the regular maintenance and configuration of traditional servers.

Also, the idea of APIs and the ability to move them to things like Serverless functions creates more cost savings, elimination of traditional servers, and use of features only when they are requested. For more information, check out the Serverless website.

Application Security

Top Security Mistakes to Avoid in AppDev

Zach Gardner Architecture, Security Leave a Comment

Developing custom applications is one of the hardest professional endeavors, and making them secure is even harder. Malicious actors are constantly changing tactics and strategies, which, unfortunately, makes it impossible to completely eliminate any security threat.

There needs to be a balance between delivering features quickly to meet business objectives and mitigating security risks. Thankfully, these two goals are not mutually exclusive. This blog post dives into the top mistakes that can be made while developing custom applications.

These recommendations are different from what would commonly be seen in an OWASP list, and they should be used in addition to whatever security practices and procedures are already in place by an organization’s infosec department. These recommendations are also written from an application architect’s (rather than an enterprise infrastructure) perspective, so most of them aren’t covered by existing security checklists.