InfoQ Homepage News
-
Cloud Security Posture Management Now Available in Vulnerability Scanner Trivy
The open source vulnerability scanner Trivy has been recently extended to support cloud security posture management (CSPM) capabilities. While initially available only for AWS, Trivy will soon get support for other cloud providers, says Aqua Security.
-
Trusted Advisor Priority Capability Now Available for Enterprise Support Customers
Recently, AWS announced the general availability of a new capability for their Trusted Advisor service with Trusted Advisor Priority, allowing Enterprise Support customers prioritized and context-driven recommendations manually curated by the AWS account team based on their knowledge of the customer’s environment and the machine-generated checks from AWS Services.
-
Microsoft Dev Box Now in Public Preview
Azure recently announced the public preview of Microsoft Dev Box, a workstation in the cloud targeted to developers. Integrated with Windows 365, the new service supports any developer IDE, SDK, or tool that runs on Windows and simplifies onboarding of new developers.
-
Google Releases CameraX 1.2 Beta with MLKit Integration
Now available in beta, CameraX 1.2 brings out-of-the-box integration with some of MLKit vision APIs and a new feature aimed to reduce shutter button lag when taking pictures.
-
Slack Implements Circuit Breakers to Improve CI/CD Pipeline Availability
Slack recently published how it implemented the Circuit Breaker pattern to improve its CI/CD pipeline availability. Before this project, engineers at Slack saw challenges as peak request volumes in internal tooling caused cascade failures in dependent systems. Since completion, engineers saw increased service availability and fewer bad developer experiences like flakiness from failing services.
-
AWSGoat Open-Source Project for Pen Testing AWS Cloud Solutions
AWSGoat is a vulnerable-by-design infrastructure on AWS, featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. It mimics real-world infrastructure with additional flaws and uses a black-box approach, including multiple escalation paths.
-
Programming Observability: Measuring the Maturity of Observability as Code
Observability can be programmed and automated with observability as code. A maturity model can be used to measure and improve the adoption of observability as code implementation. Yury Niño Roa, cloud infrastructure engineer at Google, spoke about programming observability at InfoQ live August 2022.
-
Google Published Results on How ML-Enhanced Code Compilation Could Improve Developers’ Productivity
The rapid advances in natural language processing (NLP) opened a new direction to use deep learning models in providing smarter suggestions for developers while writing software codes. Google AI has recently published results on ML-enhanced code compilation and how it improved developers’ productivity considering different metrics.
-
Google Cloud Blocks Largest Layer 7 DDoS Attack
Google claims to have recently fended off the largest ever HTTPS-based distributed denial of service attack, which peaked at 46 million requests per second. According to the cloud provider, the DDoS attack was quickly detected and stopped at the edge of Google’s network, and the customer was not impacted.
-
Amazon Announces New Capabilities on Local Environments for SageMaker Canvas and Pipelines
Amazon is announcing multiple capabilities for SageMaker, including expanded capabilities to better prepare and analyze data for machine learning, faster onboarding with automatic data import from local disk in SageMaker Canvas, and the testing of machine learning workflows in local environments for SageMaker Pipelines.
-
Berkeley Researchers Announce Robot Training Algorithm DayDreamer
Researchers from University of California, Berkeley, recently announced DayDreamer, a reinforcement-learning (RL) AI algorithm that uses a world model, which allows it to learn more quickly without the need for interacting with a simulator. Using DayDreamer, the team was able to train several physical robots to perform complex tasks within only a few hours.
-
Discover, Copy, and Share Common Code with the New AWS Serverless Snippets Collection
Recently, the AWS Serverless Developer Advocate team released the Serverless Snippets Collection. This new Serverless Land page makes it easier to find, copy, and share common code that can enhance productivity in serverless application development.
-
Processing Data with Kotlin Dataframe Preview
Kotlin DataFrame, available as a first public preview, is a new library for processing data from any source, such as CSV, JSON, Excel and Apache Arrow files. The DataFrame works together with Kotlin data classes and hierarchical data schemas by using a Domain Specific Language (DSL).
-
Java News Roundup: JDK 19-RC1, Multiple Spring Updates, Micronaut, Helidon, Payara
This week's Java roundup for August 15th, 2022, features news from JDK 19, JDK 20, Spring Boot versions 2.7.3 and 2.6.11, Spring Authorization Server versions 1.0.0-M1 and 0.4.0-M1, Spring Security versions 5.7.3 and 5.6.7 and 5.8.0-M2, Spring Cloud Dataflow 2.9.5, Spring Shell 2.1.1, Payara Platform 5 Community Edition, Micronaut 3.6.1, Helidon 3.0.1 and Apache Camel 3.14.5.
-
Spring Authorization Server 1.0 Planned for November 2022
Spring Authorization Server 1.0 is planned for a GA release in November 2022, after starting the project two years ago. The Spring Authorization Server project replaces the, already End of Life, Spring Security OAuth project. The project is led by the Spring Security team and delivers support for OAuth 2.1 Authorization Server for Spring applications.