DevSecOps

Background I started my career in the glass industry as a SysAdmin, specifically in a glass factory crafting fragrance bottles and bottles for pharmaceutical industries in the north of France. Since then, I’ve focused on IT security and cloud computing. After many full-time positions for Microsoft, French Logistic Railroad, and IT consulting firms, I decided to run my AWS consulting boutique by myself 5 years ago. Just at the beginning of the pandemic, what a visionary… ...

Purpose Recently, I was working on a centralized explicit proxy service for one of my customers using a well-known Squid Internet proxy. The infrastructure is built on top of a shared AWS account hosting all standard infrastructure services, such as Internet Proxy, SOCKS5 Proxy, DNS Resolvers, ADDC, Centralized logging, and much more. Consumers are using the Internet Proxy service from multiple child AWS accounts and regions within the client AWS Organization thanks to AWS PrivateLink. ...

Following a post from my friend Julien Delange (Tech Ramblings) on software over-engineering, I want to share my thoughts about over-architecting in my preferred field of Public Cloud Architecture. Background I have been doing Cloud Architecture for more than ten years and have seen many different scenarios and use cases, from startups to GAFAM and multiple company verticals, from TV audience measurement to Gambling and Energy Producers. I also frequently challenge my fellow architects’ decisions. ...

This post was co-authored by Teddy Ferdinand. Who is working as Cloud Security Architect 🐻 Introduction In this series, we will talk about the emergence of the DevSecOps movement, and more especially, what the benefits are of introducing a DevSecOps approach to your existing CI/CD Pipelines. CI/CD Pipeline To give you some context, you will find in the diagram below a standard DevOps CI/CD Pipeline. DevSecWhat? DevSecOps could be defined as a shift from a central internal security team to the inclusion of security practices in the existing DevOps teams: DevSecOps 🎉 ...

In this article, I will describe my current pet projects. These are mainly excuses to learn something new, or exercises to go deeper into particular technologies, but could be (I hope) useful for you too. Don’t hesitate to issue enhancements, bug fixes (PR), or just give it a try and share your thoughts. Instance Watcher :construction_worker: Tech: Lambda, Python, Serverless Application Model (SAM), SES This app will scan your AWS Account against all EC2 regions worldwide and notify you by email when you have some running EC2 instances. It’s useful for non-production environments that you need to monitor. Use case: labs/training, sandbox accounts. ...