I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?
Ready. Set. GoLang. AWS, Kubernetes, Docker… Whatever platform or language you’re developing, these blog articles from zvelo provide developer insights into building a better prototype, go-to-market product, or revision. Specifically for router engineers, hardware developers, sysAdmins, CISOs, CTOs, and Cyber Threat Intelligence teams. Device manufacturer’s rejoice—have a seat in the Developer’s Corner.
In my last post, we explored reasons why we would want to use the container orchestration tool kubernetes to manage deployment of our applications. Of the numerous choices of tools available to deploy Kubernetes, we’ve chosen kops because it works really well with Amazon Web Service (AWS).
For little over a year now, zvelo has been transitioning our infrastructure to the Kubernetes Platform. Developed by Google, Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications. Using Kubernetes allows us extreme flexibility with our applications, both horizontally and vertically.
zvelo On The Go: An Interview With Our Principal Engineer, Joshua Rubin We recently caught up with Joshua Rubin, our Principal Engineer, who provided some great insight into Go (Golang), one of the tools the engineers use here at zvelo. Why use Go instead of the the “older/mature” languages like C++ or even Java for…
The Journey of Building a Next-generation SOA Data Services Platform. Several years ago, zvelo systems and cloud infrastructure was completely overhauled—leveraging machine learning and cloud computing to improve web content categorization, our URL database, and other systems. This is story.
Building a Data as a Service Platform for AI – Q&A with a zvelo Engineer With the recent release of zveloDP™, zvelo’s Data as a Service platform, we thought it was an excellent opportunity to ask some questions about the platform and get some insight into the technology behind the curtain. Q: First things first,…
I attended one of the Black Hat training sessions titled “Advanced C++ Source Code Analysis.” It was quite fascinating! Looking through source code for bugs seems to be a different mindset from writing software.
A renewed sense of urgency to secure information, networks and electronic devices in order to thwart advanced hacking techniques loomed over the 2013 RSA conference floor in San Francisco. The harsh realization that traditional security measures simply don’t cut it anymore was confirmed by various keynotes and casual hallway conversations between peers.
I had the privilege of discussing the state of mobile phone payments systems, like Google Wallet, on a local radio station show called “Backbone Radio” in mid-February, 2012, which is co-hosted by Joshua Sharf. The segment aired on 710-AM KNUS in Denver and 1460-AM KZNT radio out of Colorado Springs.
They always independently verify that their client is the best. Well, independent tests these days are a joke.