Business

The Security Vendor Maze: Why SMBs Are Set Up to Fail

A founder recently asked me a simple question:

“How many security tools do we actually need to be protected like an enterprise?”

I gave him the honest answer.

Six to ten different platforms. Minimum.

There was a pause.
Then his face dropped.

Because in that moment, he realized what many SMB founders eventually discover the hard way: modern cybersecurity was never designed for companies like theirs.

Business

How to Set Up Nginx on Ubuntu with Let’s Encrypt SSL and Port Forwarding

Introduction

Setting up Nginx on Ubuntu (18+) with Let’s Encrypt SSL ensures that your website or application is secure and accessible over HTTPS, providing a safe browsing experience for your users. This process not only includes the installation of the Nginx web server but also entails configuring the server to handle SSL certificates issued by Let’s Encrypt, enabling automatic renewal of these certificates to maintain uninterrupted security. By following best practices for security and performance, you can optimize your server’s settings to ensure fast loading times and reliable uptime, which are crucial for retaining visitors and improving search engine rankings. Additionally, implementing SSL helps to build trust with your audience, as it demonstrates a commitment to protecting their data and enhancing their online safety.

In this guide, we will:

  • Install and configure Nginx.
  • Set up port forwarding for your Node.js application.
  • Obtain a free SSL certificate from Let’s Encrypt.
  • Ensure proper firewall and AWS security group settings.
  • Troubleshoot common issues.

Let’s get into it…

Chrome, JavaScript, webdev

Top Resources to Learn JavaScript and TypeScript Effectively

JavaScript is the backbone of modern web development. TypeScript (TS), its statically typed superset, has rapidly gained traction in professional environments.

Whether you’re an aspiring developer or a seasoned programmer, this guide will help you level up your skills. It will assist you in navigating the learning path for JS and TS.

We’ll share various resources and courses to suit different learning styles. We will finish with three exciting project ideas to put your knowledge into practice.

Getting Started with JavaScript

Before diving into TypeScript, it’s crucial to have a solid understanding of JavaScript fundamentals.

Here are some steps and resources to get you started:

webdev

Docker 101: From Development to Production – A Quick Guide

Docker has fundamentally transformed the way developers build, test, and deploy applications by introducing a consistent, lightweight, and portable runtime environment. With its ability to package applications and their dependencies into isolated containers, Docker has eliminated the age-old challenge of “it works on my machine” while enabling seamless deployment across various environments. The “It’s working for me” line used to be funny or sad, depending on the day and the hour…

Whether you’re developing locally, testing in a CI/CD pipeline, or deploying to production, Docker provides the flexibility and scalability to streamline these processes. In this guide, we’ll explore the foundational concepts of Docker, dive into its practical uses, and demonstrate how you can harness its power to simplify workflows and achieve greater efficiency in your development and operations pipelines. Whether you’re a beginner or looking to refine your Docker skills, this walkthrough will equip you with the knowledge you need to use Docker effectively.

JavaScript, webdev

Cleaner Code: The Importance of Dependency Injection in Software Development

Dependency Injection (DI) is a software design pattern that addresses the problem of managing dependencies between objects in a program. In traditional programming, objects are often tightly coupled, meaning they directly create or reference other objects they depend on.
This can lead to rigid, hard-to-maintain code that is difficult to test or reuse.
Dependency Injection solves this problem by separating the creation and configuration of dependent objects from the objects that use them.
It is a design pattern where a class receives its dependencies from external sources rather than creating them internally. Think of it as “outsourcing” the creation and management of the objects that your class needs in order to work.
Instead of directly instantiating or referencing its dependencies, an object receives them through its constructor, methods, or properties.
This decoupling makes the code more flexible, testable, and maintainable.
In large-scale projects, Dependency Injection becomes especially important as the codebase grows in complexity. With many interdependent components, DI helps manage the web of dependencies, making it easier to swap out implementations, replace third-party libraries, and test individual components in isolation.
This improves the overall modularity and scalability of the system.

Business, webdev

The Power of Agile Methodology: Driving Efficiency and Adaptability

“It is not the strongest of the species that survives, not the most intelligent that survives. It is the one that is the most adaptable to change.”
-Darwin

Here are the top 10 companies (from 1980-2005) that were once prominent but are no longer in business:

  1. Blockbuster (Video rental chain, founded in 1985, declared bankruptcy in 2010)
  2. Polaroid (Instant camera company, founded in 1937, filed for bankruptcy in 2001)
  3. Toys “R” Us (Toy retailer, founded in 1957, closed all U.S. stores in 2018)
  4. Borders Group (Book retailer, founded in 1971, liquidated in 2011)
  5. Circuit City (Consumer electronics retailer, founded in 1949, liquidated in 2009)
  6. Compaq (Personal computer company, founded in 1982, acquired by HP in 2002)
  7. Woolworth’s (Retail company, founded in 1879, went out of business in 1997)
  8. Pan Am (Airline company, founded in 1927, ceased operations in 1991)
  9. Enron (Energy company, founded in 1985, filed for bankruptcy in 2001)
  10. WorldCom (Telecommunications company, founded in 1983, filed for bankruptcy in 2002)

Ok, so it’s important to be agile.

Adaptability and rapid response to change are crucial in today’s fast-paced business environment. The pace and speed have increased by 10x (or more) with the new AI wave.

Agile methodology has emerged as a crucial approach for organizations looking to remain competitive and innovative. In this blog post, we will explore the importance of Agile, its main benefits, and how to implement it effectively, and provide a macro plan for executives. We will also delve into product strategy, goals, and Objectives and Key Results (OKRs), and offer eight practical tips for newcomers to Agile. Additionally, we’ll highlight some tools (that I used and liked) that can facilitate your Agile journey.

Why Agile is Important

Agile is a methodology centered around flexibility, collaboration, and customer-centricity. Unlike traditional project management approaches that rely on rigid, linear processes, Agile allows teams to adapt quickly to changes and deliver value incrementally. Btw, here is a good discussion on Agile Vs Waterfall.

Here are some reasons why Agile is essential:

Business, webdev

15 Effective Strategies That Engineering Leaders Should Embrace

Engineering teams are the backbone of any tech-driven organization, and effective leadership is crucial to maximizing their productivity. As an engineering leader, you have the power to shape the direction of your team and drive their efficiency. In this blog post, we’ll delve into 15 essential strategies that can empower you to lead your engineering team to success. 

You are probably thinking: “Why 15?”

So the easy answer is: “Why not?” but a longer one is that after the time with Google, Netflix, and Meta, these are a collection of ideas I’ve collected.

cloud, JavaScript, webdev

Mastering the Linux Shell: A Developer’s Guide to Unleashing Its Full Potential

Introduction

The Linux shell, also known as the command-line interface (CLI), has been a cornerstone of Linux-based operating systems since their inception. It provides developers a powerful and efficient way to interact with the system, execute commands, and perform various tasks. It’s one of the main factors that made Linux the most popular OS worldwide.

In this post, we’ll briefly discuss the history, explore its advantages and disadvantages, and discuss how developers can leverage its potential to streamline their work and enhance productivity.

History of the Linux Shell

The roots of the Linux shell trace back to the early days of computing. The concept of a command-line interface predates graphical user interfaces (GUIs) and originates in the mainframe era. 

I still remember the first time (at Tel Aviv University) we wanted to interact with a computer (mainframe) back in the day. It was with this black terminal. That was the only interface you had. We are talking here in mid-1980.

Even before that, in 1969, Ken Thompson developed the first Unix shell, the Thompson shell, which laid the foundation for future shell implementations.

Over the years, various shells were introduced, each offering unique features and improvements. In the mid-1980s, the Bourne shell (sh) became the standard shell for Unix-based systems, inspiring the development of the Bourne-Again Shell (bash) in 1989.

Today, bash remains one of the most widely used shells in the Linux ecosystem. 

Ahh… if you are on macOS, you can taste the same shell.

cloud, JavaScript

Export Violations From JFrog Xray to CSV

The trend of #DevSecOps is growing fast and it is no longer just part of your security team. More and more organizations wish to integrate their security team in all the phases of development and operations. To achieve it, there are cases where you need to export data from JFrog Xray (in our case to a CSV format) so you can ingest it into your current logging/monitoring system.

What is Xray?

In a nutshell, JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to more trust in your software. 

By scanning binary components and their metadata, recursively going through dependencies at any level (think of the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

Xray API

One of the best parts is that JFrog Xray is also fully automated through a rich REST API. We will use it to create this Exporter. Please feel free to clone/fork the code below and use it, but remember you might need to add pagination and a watchdog for a real system.

Chrome

Raspberry Pi As Security Camera With Motion Detection

It was a fun weekend project I did with my kids. We started with a new Pi Zero and in a few hours (of many ‘paths’ to nowhere) we got to the point of having a useful security camera. The useful part is when the camera sends you alerts (email or Telegram messages) when it detects movements.

We opened the package and connected the Pi Zero to USB power, a keyboard, a mouse and a monitor. We cut a bit of a corner by buying an SD card with NOOBS on it, but it wasn’t working (nothing was coming up on the screen when we booted the Pi). So we downloaded a new version of Raspbian Jessie 4.4 from NOOBS and installed it. Now when we booted the Pi we got a new screen. We opened the terminal and typed:
