Could the Equifax Hack Have Been Prevented by a Microservices Architecture?

David Pitt Architecture, DevOps, Java, Microservices, Opinion, Security Leave a Comment

When I heard that the Struts Open Source framework played a role in the recent Equifax hack, I wanted to do some research to understand how it happened. Struts is a commonly-used Java framework that I have applied in the past. And I’m not alone in that: it is reported that in 65% of Fortune 500 companies currently implement Struts in some way.

So, I did a little digging and performed a thought experiment asking myself the following question: “If Equifax had a pure-play Microservices Architecture in place, would it have solved the problem?”

Using Docker + AWS to Build, Deploy and Scale your App

Brandon Klimek AWS, DevOps, Docker, Spring, Spring Boot, Tutorial 8 Comments

I recently worked to develop a software platform that relied on Spring Boot and Docker to prop up an API. Being the only developer on the project, I needed to find a way to quickly and efficiently deploy new releases. However, I found many solutions overwhelming to set up.

That was until I discovered AWS has tools that allow any developer to quickly build and deploy their application.

In this 30 minute tutorial, you will discover how to utilize the following technologies:
– AWS CodeCommit – source control (git)
– AWS Code Build – source code compiler, rest runner
– AWS Codepipeline – builds, tests, and deploys code every time the repo changes
-AWS Elastic Beanstalk – service to manage EC2 instances handling deployments, provisioning, load balancing, and health monitoring
-Docker + Spring Boot – Our containerized Spring Boot application for the demo

Once finished, you will have a Docker application running that automatically builds your software on commit, and deploys it to the Elastic beanstalk sitting behind a load balancer for scalability. This continuous integration pipeline will allow you to worry less about your deployments and get back to focusing on feature development within your application.

Adventures In Modernization: Strategy + Example Converting COBOL To Java

Dallas Monson COBOL, Consulting, Development Technology, DevOps, Java, Keyhole Creations, Modernization, Programming, Tutorial Leave a Comment

We have consultants who specialize in moving old to new, renovating dilapidated code bases, and designing brighter futures for enterprises who have been vendor-locked for most of their existence. We have come across some repeated patterns and strategies for how to approach modernization of legacy systems. In this blog, we will cover a strategy that is very popular right now, Re-Platforming.

The basic flow of this post will be:

Introduction to Modernization
High-level definition of the Re-Platforming Strategy for Modernization
Sample of Re-Platforming using Keyhole Syntax Tree Transformer, COBOL –> Java
Additional thoughts on the value/risk of this strategy

Let’s get started…

Education Scheduled: Microservices And DevOps In Action​

Lauren Fournier Company News, DevOps, Microservices Leave a Comment

Keyhole Software has announced that it will host a Microservices and DevOps educational Breakfast Boost event on January 25, 2017. This presentation will demonstrate an actual Microservices application implementation, with a live showing of a durable, stable, and elastic Microservices platform automated with DevOps tooling. This free, educational opportunity is open to the public and is specifically geared toward those participating in enterprise development.

To get more information and reserve your free tickets, please visit….

Blood, Sweat, and Writing Automated Integration Tests for Failure Scenarios

Billy Korando DevOps, Java, Opinion, Programming, Spring, Tutorial 2 Comments

I introduce the process I went through to diagnose the bug and determine the correct integration test solution to fix it the right way. In doing so, I had to create a test that accurately reproduced the scenario my service was experiencing in PROD. I had to create a fix that took my test from failing to passing. And finally, I worked to increase confidence in the correctness of code for all future releases, which is only possible through automated testing.