YouTube : https://youtu.be/sY1_WjsXPPs
SELECTED UPDATES FOR Microsoft Azure
1. Native Azure Active Directory authentication support in point-to-site VPN (Preview)
2. Azure Bastian
3. Azure security center
4. Just in time vm access
IglooConf 2020: Best practices of securing web applications running on Azure ...Karl Ots
The multitude of security controls and guidelines for both Kubernetes and Azure can be overwhelming. Based on real-life experiences from securing web applications running on Azure Kubernetes Service, Karl has compiled a list of best practices that bring them together.
In this session, you will learn how to build, operate and develop secure web applications on top of Azure Kubernetes Service. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.
CloudBurst Malmö: Best practices of securing web applications running on Azur...Karl Ots
The multitude of security controls and guidelines for both Kubernetes and Azure can be overwhelming. Based on real-life experiences from securing web applications running on Azure Kubernetes Service, Karl has compiled a list of best practices that bring these worlds together.
In this session, you will learn how to build, operate and develop secure web applications on top of Azure Kubernetes Service. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.
DevSum - Top Azure security fails and how to avoid themKarl Ots
As presented at the DevSum19 conference in Stockholm, Sweden.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
IT Camp 19: Top Azure security fails and how to avoid themKarl Ots
As delivered at the IT Camp 19 in Cluj-Napoca, Romania.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
YouTube : https://youtu.be/sY1_WjsXPPs
SELECTED UPDATES FOR Microsoft Azure
1. Native Azure Active Directory authentication support in point-to-site VPN (Preview)
2. Azure Bastian
3. Azure security center
4. Just in time vm access
IglooConf 2020: Best practices of securing web applications running on Azure ...Karl Ots
The multitude of security controls and guidelines for both Kubernetes and Azure can be overwhelming. Based on real-life experiences from securing web applications running on Azure Kubernetes Service, Karl has compiled a list of best practices that bring them together.
In this session, you will learn how to build, operate and develop secure web applications on top of Azure Kubernetes Service. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.
CloudBurst Malmö: Best practices of securing web applications running on Azur...Karl Ots
The multitude of security controls and guidelines for both Kubernetes and Azure can be overwhelming. Based on real-life experiences from securing web applications running on Azure Kubernetes Service, Karl has compiled a list of best practices that bring these worlds together.
In this session, you will learn how to build, operate and develop secure web applications on top of Azure Kubernetes Service. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.
DevSum - Top Azure security fails and how to avoid themKarl Ots
As presented at the DevSum19 conference in Stockholm, Sweden.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
IT Camp 19: Top Azure security fails and how to avoid themKarl Ots
As delivered at the IT Camp 19 in Cluj-Napoca, Romania.
Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 6 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.
Securing your AWS Deployments with Spinnaker and Armory EnterpriseDevOps.com
Customers are challenged today by a constant struggle between velocity and governance. What they want is consistent, secure, and scalable software deployments, but their security teams also need to be able to identify possible issues early in the development process to allow for proactive modification to the deployment process to ensure compliance in the cloud.
Join us for a webinar on “Securing AWS Deployments with Spinnaker and Armory Enterprise” to learn:
How to experiment while still enforcing deployment policies
How to build reusable modules that reduce the number of stages needed for deployment
How lockable pipelines enforce continuous delivery to release orchestration best practices
Building an Enterprise-Grade Azure Governance ModelKarl Ots
As presented at the CloudBrew 2019 conference in 13.12.2019.
When proper governance model is followed, your Azure application development teams are operating in a secure and compliant Azure environment during design, development and operations. In this "lessons learned" type of session, Karl will will share practical tips on how to build a comprehensive Azure governance model, based on real-life experiences from working with multi-billion dollar corporations.
After this session, you should have a better understanding of Azure governance best practices and in-house team roles & responsibilities. You will also have an overview of the technical fundamentals of a comprehensive Azure Governance.
Want to know how others enterprise customers are using cloud? This deck lists some real life examples of how enterprise customers are using public and private.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Scaling Security in the Cloud With Open SourceCloudVillage
The programmability of the cloud has revolutionized infrastructure deployments at scale and, at the same time, has enabled the automation of both the attack and defense of these deployments. In this talk, I will discuss the open-source tools and the techniques that my organization has used to scale security in the cloud to keep pace with our deployments. I’ll also cover how we’ve used automation to adapt security processes to cloud strategies such as immutable servers. Some topics include: temporal leasing of API access keys and database credentials, automation of patching groups and scans, and automated enforcement of configuration policy.
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...Tirza DiOro
It can be challenging for security teams to cut through the clutter of SIEM logs in order to analyze security information and alerts. In this session, Bryan Jones, Senior Security Engineer, walks you through the 5 major configuration steps needed to help you better manage security issues across your entire tech stack.
Using Splunk/ELK for auditing AWS/GCP/Azure security postureJose Hernandez
In this talk Rod Soto and I propose a common set of categories use to audit the security posture of multiple cloud providers. Then we proceed to show how we have implemented the security checks using cs-suite using ELK and Splunk.
MongoDB World 2019: Lift & Shift MongoDB to AtlasMongoDB
Managing and scaling the infrastructure for critical business data can be a real pain. To handle this massive scale of data effectively, thousands of users of MongoDB from all around the world have migrated their large and small databases to MongoDB Atlas.
By the end of this talk, you'll have a better understanding of the “how” and “why” of it, and will be able to leverage it in your organisation with elevated confidence. I'll demo the migration of a realtime application using MongoDB from existing cloud infrastructure to MongoDB Atlas.
If you're a developer, DBA or a business stakeholder, and your organisation is using/planning to use MongoDB on-premise or with any other cloud vendor, this talk will help you to gain insights into the best way to run MongoDB.
>>> View this presentation online at http://github-service-universe.kimminich.de/ <<<
PDF version of the slide deck for my JavaLand 2015 talk "All-round careful Software Development with GitHub Services"
Tools for unit testing, building applications, analyzing software quality and planning release scopes are an essential aspect of modern software development. With GitHub and "pluggable" external services there are lots of options to move these aspects into "the Cloud". For open source projects this is a viable alternative to on-premise solutions. In this talk I will present and demonstrate the CI lifecycle of some of my recent projects hosted on GitHub where I tried to integrate modern tools (e.g. Gradle, npm, bower) and external services (e.g. Travis-CI, Code Climate, Coveralls, HuBoard, AmazonSNS, NMA). The benefits and limitations of those services will be honestly illuminated. I am not affiliated with any of the providers mentioned, so this talk will not end up as a marketing show! Instead, the audience is supposed go out of this talk with some new things to try out with their own GitHub projects while hopefully being able to avoid some of the ramp-up difficulties.
Securing your AWS Deployments with Spinnaker and Armory EnterpriseDevOps.com
Customers are challenged today by a constant struggle between velocity and governance. What they want is consistent, secure, and scalable software deployments, but their security teams also need to be able to identify possible issues early in the development process to allow for proactive modification to the deployment process to ensure compliance in the cloud.
Join us for a webinar on “Securing AWS Deployments with Spinnaker and Armory Enterprise” to learn:
How to experiment while still enforcing deployment policies
How to build reusable modules that reduce the number of stages needed for deployment
How lockable pipelines enforce continuous delivery to release orchestration best practices
Building an Enterprise-Grade Azure Governance ModelKarl Ots
As presented at the CloudBrew 2019 conference in 13.12.2019.
When proper governance model is followed, your Azure application development teams are operating in a secure and compliant Azure environment during design, development and operations. In this "lessons learned" type of session, Karl will will share practical tips on how to build a comprehensive Azure governance model, based on real-life experiences from working with multi-billion dollar corporations.
After this session, you should have a better understanding of Azure governance best practices and in-house team roles & responsibilities. You will also have an overview of the technical fundamentals of a comprehensive Azure Governance.
Want to know how others enterprise customers are using cloud? This deck lists some real life examples of how enterprise customers are using public and private.
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Scaling Security in the Cloud With Open SourceCloudVillage
The programmability of the cloud has revolutionized infrastructure deployments at scale and, at the same time, has enabled the automation of both the attack and defense of these deployments. In this talk, I will discuss the open-source tools and the techniques that my organization has used to scale security in the cloud to keep pace with our deployments. I’ll also cover how we’ve used automation to adapt security processes to cloud strategies such as immutable servers. Some topics include: temporal leasing of API access keys and database credentials, automation of patching groups and scans, and automated enforcement of configuration policy.
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...Tirza DiOro
It can be challenging for security teams to cut through the clutter of SIEM logs in order to analyze security information and alerts. In this session, Bryan Jones, Senior Security Engineer, walks you through the 5 major configuration steps needed to help you better manage security issues across your entire tech stack.
Using Splunk/ELK for auditing AWS/GCP/Azure security postureJose Hernandez
In this talk Rod Soto and I propose a common set of categories use to audit the security posture of multiple cloud providers. Then we proceed to show how we have implemented the security checks using cs-suite using ELK and Splunk.
MongoDB World 2019: Lift & Shift MongoDB to AtlasMongoDB
Managing and scaling the infrastructure for critical business data can be a real pain. To handle this massive scale of data effectively, thousands of users of MongoDB from all around the world have migrated their large and small databases to MongoDB Atlas.
By the end of this talk, you'll have a better understanding of the “how” and “why” of it, and will be able to leverage it in your organisation with elevated confidence. I'll demo the migration of a realtime application using MongoDB from existing cloud infrastructure to MongoDB Atlas.
If you're a developer, DBA or a business stakeholder, and your organisation is using/planning to use MongoDB on-premise or with any other cloud vendor, this talk will help you to gain insights into the best way to run MongoDB.
>>> View this presentation online at http://github-service-universe.kimminich.de/ <<<
PDF version of the slide deck for my JavaLand 2015 talk "All-round careful Software Development with GitHub Services"
Tools for unit testing, building applications, analyzing software quality and planning release scopes are an essential aspect of modern software development. With GitHub and "pluggable" external services there are lots of options to move these aspects into "the Cloud". For open source projects this is a viable alternative to on-premise solutions. In this talk I will present and demonstrate the CI lifecycle of some of my recent projects hosted on GitHub where I tried to integrate modern tools (e.g. Gradle, npm, bower) and external services (e.g. Travis-CI, Code Climate, Coveralls, HuBoard, AmazonSNS, NMA). The benefits and limitations of those services will be honestly illuminated. I am not affiliated with any of the providers mentioned, so this talk will not end up as a marketing show! Instead, the audience is supposed go out of this talk with some new things to try out with their own GitHub projects while hopefully being able to avoid some of the ramp-up difficulties.
Source code: Just put it in git, right? Scale? Github! 1000's of repos? No problem! Bitbucket Server! Now: Add PCI & SOX.. Audit. SSO. SSH key management. DR. Geo diversity. This starts where the vendor stop- workflows to keep work moving, security & audit to ensure code integrity.
Talk presented at DevopsDays Boston 2016.
Anthos Security: modernize your security posture for cloud native applicationsGreg Castle
In this talk we describe a high-level workflow for securing Kubernetes clusters across GKE, Anthos on AWS, and Anthos On-Prem. There's a lot to cover: about 30 products and features across 3 platforms!
(From 2018) Kubernetes and Istio provide a great foundation for orchestrating, monitoring, and scaling your apps. They're open source and work great in your data center or in any major cloud. Meanwhile, the serverless development model has empowered devs to build software faster than ever by eliminating concerns like scaling, networking, load balancing, OS patching, etc.
Come learn how you can combine the power of Kubernetes with the ease of use of serverless to create new, powerful and flexible development experiences.
See me give this talk in 2018 at https://www.youtube.com/watch?v=bYxOx9tcYDE&ab_channel=Devoxx
----
About Bret McGowen
Bret is a Developer Advocate for Serverless on the Google Cloud Platform team at Google, focusing on serverless products like Google Cloud Functions, App Engine, Firebase, machine learning APIs, and more. He's currently an aspiring Node.js developer. Prior to Google, Bret worked as a software engineer in the cloud industry at Rackspace. Before that, he led engineering teams at e-commerce and non-profits and tried his hand at creating two startups. He's often on the running trail, volleyball court or kickball field.
Bret earned a bachelor’s degree in computer science from Texas A&M University.
Reach Bret on Twitter at @bretmcg
Introducing the New Features of AWS Greengrass (IOT365) - AWS re:Invent 2018Amazon Web Services
With AWS Greengrass, you can bring local compute, messaging, data caching, sync, and machine-learning inference capabilities to edge devices. Join us in this session to learn about new features that extend the capabilities of AWS Greengrass devices.
A Tale of Two Pizzas: Accelerating Software Delivery with AWS Developer ToolsAmazon Web Services
Software release cycles are now measured in days instead of months. Cutting-edge companies are continuously delivering high-quality software at a fast pace. In this session, we will cover how you begin your DevOps journey by sharing best practices and tools by the "two pizza" engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. Here to share their story is FamilySearch, a large nonprofit customer, deploys 1700 code implementations a day using native AWS tools. This allows them to improve feature sets, provide better member experience, and improve their ability to deliver improved functionality quickly. FamilySearch has been doing DevOps in the cloud longer than any of our PS customers and their expertise in this field is unmatched. In this session, they'll provide deep insight into managing the challenges of migrating to a DevOps model, using cloud services to differentiate a business, and improving an organization's ability to do more with less.
Top 3 reasons why you should run your Enterprise workloads on GKESreenivas Makam
This deck covers top 3 reasons why Google Kubernetes engine is best suited to run containerized workloads. The reasons covered are Security, Observability and Maturity.
Security issues, dependency vulnerabilities, misconfigurations... All of those can make or break your Open Source projects. Also, you want to make sure you adhere to the best practices, especially when you use more complex tools like Kubernetes.
Let's see how we can use the tools that GitHub and Datree provide (most are Open Source too!) to secure your project and make sure that no misconfiguration ever reaches the deployment targets!
A brief overview of what we do at Gruntwork. Learn what we mean by "DevOps as a Service" and how you can get your entire infrastructure, defined as code, in about a day. https://www.gruntwork.io/
Similar to Cluj.DevOps Meetup - GitHub Enterprise (20)
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
3. GitHub for business.
GitHub Enterprise is the on-premises version of GitHub.com. With flexible
deployment options, centralized permissions, and hundreds of integrations.
GitHub Enterprise operates on your infrastructure with your existing information
security controls - from firewalls and VPNs, to IAM and monitoring systems.
12. Prerequisites
Github User ID
Github Enterprise license
AWS account capable of launching EC2 instances and EBS volumes
Basic git knowledge
Two 3.0 GHz CPU cores (or virtual equivalent)
14-16 GB (minimum dependent on selected platform)
Disk:
80 GB VM root partition
100 GB data partition
Editor's Notes
Buna tuturor, numele meu este Alexandru Sabau, si in prezent lucrez la Modus Create in calitate de QA Engineer. Inainte de asta am lucrat in mare parte ca si suport tehnic, si sys admin.
Astazi am propus sa povestim putin despre github enterprise si beneficiile pe care le aduce acesta intr-o companie care are nevoie de un nivel ridicat de securitate.
O mica introducere.
Mai departe ne vom uita putin la o comparatie intre varianta gratuita si cea enterprise.
Github Enterprise este similar cu serviciile publice ale Githubului, dar este proiectat pentru developmentul enterprise la scara mai mare, unde se vrea hostarea repositoriurilor poate in spatele unui firewall, sau pur si simplu pe intranet, fara access la internet.
Dar cand ne uitam la security features aici vedem avantajele clare ale variantei enterprise.
La fel aici, pe partea de hostare, varianta gratuita are o singura optiune de gazduirea, adica la github pe servere. Iar varianta enterprise in schimb se poate gazdui atat in centrul de date propriu al companiei, cat si pe cloud.
In ceea ce priveste administrarea, aici avem iara o sumedenie de avantaje. Notabile cred ca ar fi accesul SSH si posibilitatea de monitoring inainte de toate. Dar cu siguranta si restul featururilor sunt la fel de importante.
Iar supportul 24 din 24 cred ca este mai mult decat bine venit cand vine vorba de date critice.
In mare, cam astea ar fi beneficiile unei variante enterprise a githubului.
Mai departe m-am gandit sa povetim putin despre instalarea githubului enterprise pe AWS.