Managing Non-IT Risks
License Compliance
Introduction
As a business that builds proprietary applications, no doubt you’ll already be using open source components. Or maybe you are using an application that 9 times out of 10 will contain open source components.
How do we know?
GitHub security researcher Maya Kaczorowski cites data that suggests between 85–97% of enterprise software codebases come from open source components. And the average project now has 203 dependences, according to GitHub’s 2020 State of the Octoverse survey.
The growth in the number of people using open source and the ways in which they can participate, means more and more ways for companies and people to get…
Cybersecurity
How to increase your Javascript security
Goodbye and Good Riddance
Last year was a wild ride, no question about that. Although most people who look back will probably think about pandemics and leadership crisis. However, a lot happened on the IT stage as well.
Within the JavaScript ecosphere a lot happened last year and the sheer speed of development is staggering. We’ve seen news regarding a couple of areas that I believe we all need to become a bit better at understanding. Better at understanding how it affects us from the perspective of the developer as well as from the perspective of the enterprise. …
Javascript security
Javascript pitfalls and how to avoid them
Build it better and safer, using these 10 best practices
In this post we’ll look at some best practises that my team and I believe in when building for the JavaScript ecosphere, whether you’re in a fast growing start-up or a larger organisation. We will look at how to best avoid our top-10 potential pitfalls so that you can build with confidence on the success of others!
Vulnerabilities, Licenses, Dependencies…
Nowadays dependency management, as well as security and license compliance, are all issues that need to be a priority for any team or organization.
Practical DevOps
Should be easy, right? Well, it’s not. Here’s how I did it.
So we had an EC2 instance that outlived itself, keys were lost (read about how we recovered the contents here) and needed to replace it.
Instead of reinstalling a whole new EC2 server for it, I thought, hey, why not just make a small docker container and deploy it on Fargate, it should be simple enough, right?
Well, it turns out that there were actual two complications, one of which I will talk about here and the other is a topic for another post: Hint, it will involve Bytesafe using a locked down/ freezed registry.
The other challenge, at first…
Practical DevOps
Have you ever misplaced your private keys?
TL;DR;
A quick and easy way to recover your data even though you have lost your private keys.
How did we get here?
Practical Photography
Add a punch to your photo with that lens flare effect
TL;DR;
Three practical tips for getting that sunburst effect in to you landscape photography
1. Timing
When shooting landscapes, especially when shooting the “last/first rays
of the day” timing and equipment selection is critical. Below are 3 photos I shot above the clouds on the picturesque island of La Palma, for my coffee table book, each only 2 minutes apart:
The sequence was, at the time, unintended, but now it makes a good illustration of one of the challenges when shooting these kind of photos. Finding the spot, waiting for the right moment.
💡 Thinking that…
Practical DevOps
Using AWS Cloudfront to reduce the cost of your other expensive SaaS services
It can be expensive to scale out, here’s how you can save a bit of money reducing your 3rd party transfer costs
TL;DR;
Reducing SaaS transfer costs using AWS Cloudfront with a Origin Request Lambda function. With just a little code you can create a proxy that takes load of your 3rd party services. If there’s a large enough gap between the transfer pricing of the two services, this might save you some money.
Some background…
Ok, well you might not be saving thousands of dollars unless you are running a lot of traffic. We did however manage to save a couple of hundred dollars per month and we have a modest amount of traffic. We’re using a service that we really enjoy for image…
Practical Machine Learning
How to use your SQL Database with XGBoost to solve Multiclass classification problems with AWS Sagemaker
TL;DR;
In this article I share some learnings from a recent ML multiclass classification setup I recently deployed for a client. I hope that this real-life example born from cross-breeding the two schools of: good enough™ and time-to-market™️ will bring an extra dimension compared to all theoretical posts out there analysing data sets of irises and digits with no time or budget contraints😁.
Using Github actions to build and publish npm packages
Manual and, let’s face it, often quite tedious tasks can easily be automated with modern tools such as Github Actions. When combined with a private registry we can facilitate collaboration and increase quality by keeping better track of our code supply pipeline.
Full disclosure: I’m one of the founders behind the product Bytesafe (https://bytesafe.dev/) that offers free, secure and highly available private NPM registries.
Below I’ll describe, step by step, an easy workflow to setup, used for building and publishing Javascript npm packages. We will use a private registry which can be used as sandbox before releasing code into the…
Long gone are the times when web sites were built from the ground up (anyone remember CGI-BIN?) It’s no secret that the fast-paced, interactive web of today is built on modular technology, websites often use hundreds if not thousands of Javascript packages. What happens when someone or something breaks?
Full disclosure: I’m one of the founders behind the product Bytesafe (https://bytesafe.dev/) that offers free, secure and highly available private npm registries.
Today, most developers out there only touch a fraction of the code required to run the web sites they build. This is of course a wonderful thing: to be…
Niclas Gustafsson
Entrepreneur by heart. IT by profession. Photography by passion. Founder of https://bytesafe.dev/
