automation – Noise

How to automate incident response for Amazon EKS on Amazon EC2

Jonathan Nguyen — Tue, 20 May 2025 16:53:57 +0000

Triaging and quickly responding to security events is important to minimize impact within an AWS environment. Acting in a standardized manner is equally important when it comes to capturing forensic evidence and quarantining resources. By implementing automated solutions, you can respond to security events quickly and in a repeatable manner. Before implementing automated security solutions, […]

How we simplified NCMEC reporting with Cloudflare Workflows

Mahmoud Salem — Fri, 11 Apr 2025 14:00:00 +0000

We transitioned to Cloudflare Workflows to manage complex, multi-step processes more efficiently. This shift replaced our National Center for Missing & Exploited Children (NCMEC) reporting system.

Accelerate Serverless Streamlit App Deployment with Terraform

Kevon Mayers — Wed, 09 Oct 2024 05:07:23 +0000

Graphic created by Kevon Mayers. Introduction As customers increasingly seek to harness the power of generative AI (GenAI) and machine learning to deliver cutting-edge applications, the need for a flexible, intuitive, and scalable development platform has never been greater. In this landscape, Streamlit has emerged as a standout tool, making it easy for developers to […]

New whitepaper available: Building security from the ground up with Secure by Design

Bertram Dorn — Thu, 12 Sep 2024 16:58:26 +0000

Developing secure products and services is imperative for organizations that are looking to strengthen operational resilience and build customer trust. However, system design often prioritizes performance, functionality, and user experience over security. This approach can lead to vulnerabilities across the supply chain. As security threats continue to evolve, the concept of Secure by Design (SbD) […]

Implementing a compliance and reporting strategy for NIST SP 800-53 Rev. 5

Josh Moss — Tue, 11 Jun 2024 17:06:18 +0000

Amazon Web Services (AWS) provides tools that simplify automation and monitoring for compliance with security standards, such as the NIST SP 800-53 Rev. 5 Operational Best Practices. Organizations can set preventative and proactive controls to help ensure that noncompliant resources aren’t deployed. Detective and responsive controls notify stakeholders of misconfigurations immediately and automate fixes, thus […]

No version left behind: Our epic journey of GitLab upgrades

Grab Tech — Fri, 03 May 2024 00:10:10 +0000

In a tech-driven field, staying updated isn’t an option—it’s essential. At Grab, we’re committed to providing top-notch technology services. However, keeping pace can be demanding. At one point in time, our GitLab instance was trailing by roughly 14 mo...

Terraform CI/CD and testing on AWS with the new Terraform Test Framework

Kevon Mayers — Tue, 02 Apr 2024 23:45:18 +0000

In this blog post, we will show you how to validate Terraform modules and how to automate the process using a Continuous Integration/Continuous Deployment (CI/CD) pipeline.

Autonomous hardware diagnostics and recovery at scale

Jet Mariscal — Mon, 25 Mar 2024 13:00:33 +0000

Operating hardware in 310 cities in 120 countries means that hardware can break anywhere and anytime. Detecting and managing server failure at scale requires automation. Here's how we automated

The Next Step in Personalization: Dynamic Sizzles

Netflix Technology Blog — Wed, 08 Nov 2023 20:56:53 +0000

Authors:Bruce Wobbe, Leticia KwokAdditional Credits:Sanford Holsapple, Eugene Lok, Jeremy KellyIntroductionAt Netflix, we strive to give our members an excellent personalized experience, helping them make the most successful and satisfying selections f...

How to communicate like a GitHub engineer: our principles, practices, and tools

Ben Balter — Wed, 04 Oct 2023 17:00:29 +0000

Learn more about how we use GitHub to build GitHub, how we turned our guiding communications principles into prescriptive practices to manage our internal communications signal-to-noise ratio, and how you can contribute to the ongoing conversation.

The post How to communicate like a GitHub engineer: our principles, practices, and tools appeared first on The GitHub Blog.

Perform continuous vulnerability scanning of AWS Lambda functions with Amazon Inspector

Manjunath Arakere — Mon, 31 Jul 2023 19:34:07 +0000

This blog post demonstrates how you can activate Amazon Inspector within one or more AWS accounts and be notified when a vulnerability is detected in an AWS Lambda function. Amazon Inspector is an automated vulnerability management service that continually scans workloads for software vulnerabilities and unintended network exposure. Amazon Inspector scans mixed workloads like Amazon […]

Forward Zabbix Events to Event-Driven Ansible and Automate your Workflows

Aleksandr Kotsegubov — Wed, 21 Jun 2023 10:51:45 +0000

Zabbix is highly regarded for its ability to integrate with a variety of systems right out of the box.…

The post Forward Zabbix Events to Event-Driven Ansible and Automate your Workflows appeared first on Zabbix Blog.

AWS Security Hub launches a new capability for automating actions to update findings

Stuart Gregg — Tue, 13 Jun 2023 17:57:49 +0000

If you’ve had discussions with a security organization recently, there’s a high probability that the word automation has come up. As organizations scale and consume the benefits the cloud has to offer, it’s important to factor in and understand how the additional cloud footprint will affect operations. Automation is a key enabler for efficient operations […]

Get custom data into Amazon Security Lake through ingesting Azure activity logs

Adam Plotzker — Tue, 30 May 2023 20:18:55 +0000

Amazon Security Lake automatically centralizes security data from both cloud and on-premises sources into a purpose-built data lake stored on a particular AWS delegated administrator account for Amazon Security Lake. In this blog post, I will show you how to configure your Amazon Security Lake solution with cloud activity data from Microsoft Azure Monitor activity […]

DevSecOps with Amazon CodeGuru Reviewer CLI and Bitbucket Pipelines

Bineesh Ravindran — Fri, 28 Apr 2023 15:25:37 +0000

DevSecOps refers to a set of best practices that integrate security controls into the continuous integration and delivery (CI/CD) workflow. One of the first controls is Static Application Security Testing (SAST). SAST tools run on every code change and search for potential security vulnerabilities before the code is executed for the first time. Catching security […]

Building GitHub with Ruby and Rails

Adam Hess — Thu, 06 Apr 2023 18:05:43 +0000

Since the beginning, GitHub.com has been a Ruby on Rails monolith. Today, the application is nearly two million lines of code and more than 1,000 engineers collaborate on it daily. We deploy as often as 20 times a day, and nearly every week one of those deploys is a Rails upgrade. Upgrading Rails weekly Every […]

Publish Amazon DevOps Guru Insights to ServiceNow for Incident Management

Abdullahi Olaoye — Tue, 28 Mar 2023 22:06:12 +0000

Amazon DevOps Guru is a fully managed AIOps service that uses machine learning (ML) to quickly identify when applications are behaving outside of their normal operating patterns and generates insights from its findings. These insights generated by Amazon DevOps Guru can be used to alert on-call teams to react to anomalies for mission critical workloads. […]

Enabling branch deployments through IssueOps with GitHub Actions

Grant Birkinbine — Thu, 02 Feb 2023 18:03:36 +0000

What if developers want to leverage branch deployments but don't have a full ChatOps stack integrated with their repositories? We wanted to set out to find a way for all developers to be able to take advantage of branch deployments with ease, right from their GitHub repository, and so the branch-deploy Action was born!

AWS Local Zones and AWS Outposts, choosing the right technology for your edge workload

Sheila Busser — Thu, 01 Dec 2022 18:25:40 +0000

This blog post is written by Joe Sacco, Senior Technical Account Manager. The AWS Global Cloud Infrastructure includes 30 Launched Regions, 96 Availability Zones (AZs), 410+ Points of Presence with 400+ Edge Locations, and 13 Regional Edge Caches. With over 200 AWS services, most customer workloads can run in the AWS Regions. However, for some […]

Analyze Amazon Cognito advanced security intelligence to improve visibility and protection

Diana Alvarado — Mon, 17 Oct 2022 17:03:19 +0000

As your organization looks to improve your security posture and practices, early detection and prevention of unauthorized activity quickly becomes one of your main priorities. The behaviors associated with unauthorized activity commonly follow patterns that you can analyze in order to create specific mitigations or feed data into your security monitoring systems. This post shows […]