Platform engineer

Software developers have been putting badges on their repositories for a long time. Since they’re easily recognizable and have high information density, badges make it simple for developers to signal (or understand) things like code quality, test status and coverage, version, framework, or adherence to various standards.

All over the globe, teams are scrambling right now to triage the impact of the recently announced Log4j vulnerability on their services and applications. Rather than reinvent the wheel, here’s a snippet from an informative Cloudflare blog post that puts CVE-2021-44228 in context:

Applications, products, and systems have become more and more complex. Microservices, dependencies, and external services provide greater functionality and improved reliability.

A security vulnerability was published on December 12th, 2021 by the NIST for Log4J version 2.14.1 or earlier, dubbed CVE-2021-4422. OpsLevel does not use Java in its technology stack and is not affected by this security advisory.

Event-driven architecture (EDA) is more scalable, responsive, and flexible than its synchronous counterpart. That’s because it processes and distributes information as it arrives instead of storing it for processing when a client requests it.

Improving your microservice security isn’t like improving the security of a monolith application. Microservices provide lots of flexibility for application developers.

Engineering organizations often look for ways to improve their engineering teams’ efficiency. The more efficient the team, the faster they can ship new features and products to their customer base. From this need for efficiency, combined with developer empathy, we’ve seen the rise of DevOps and site reliability engineering across the industry.

When you’re designing a microservice architecture, there are a lot of questions you have to answer. Some of them make themselves apparent very early in the process.

Snyk is rapidly becoming the de facto standard for businesses that want to build security into their continuous software development processes. And with their developer-first tooling and best-in-class security intelligence, it’s no surprise.