Feature Flags as Business Enablers

Introduction Deploying code while working in a team can be tricky. If you have multiple developers working on the same repository, orchestrating the feature release becomes problematic. Teams usually ask themselves whether they can deploy their current dev branch to production and whether such a deploy process will be safe and won’t break existing features and/or introduce non-working, untested new features to the production environment. Feature flags can be a mechanism that allows safe deployment of entire branches, thus reducing the lead time of features from the developer’s laptop to …

A Detailed Guide to Big Data Architecture

Introduction In recent years, big data has taken the world by storm. Legacy relational database storage on premises has been transformed into complex cloud systems with multiple databases, NoSQL databases, ingestion engines, and so forth. In this post, I’ll explain big data architecture and how it differs from legacy database architecture and describe the different types of big data architectures. What Is Big Data? Legacy Systems Big data refers to extremely large and complex data sets that cannot be effectively processed or analyzed using traditional data processing tools and techniques. When we …

Distributed Database Architecture: What Is It?

Databases power all modern applications. They’re behind your Angry Birds mobile game as much as they’re behind the space shuttle. In the beginning, databases were hosted on a single physical machine. Basically, it was a computer running only one program: the database. Then we moved to running databases on virtual machines, where resources are shared among multiple operating systems and applications. In recent years we moved to running databases in the cloud. And we no longer use a single database instance to store the data. Modern database systems are spread across multiple computers …

The Most Effective SQL Server Activity Monitor Strategy

Databases power all modern applications, from banking and ATM software to space shuttle systems and your Angry Birds game. Wherever you go, you will find databases. The most common databases used today are relational or SQL databases, where data is stored in interconnected tables. In turn, you can query those tables using a query language that resembles plain English, Standard Query Language (SQL). To get the most value out of the SQL databases you use as a developer, system administrator, or database administrator, it’s vital that you have visibility into what’s going on. …

Server Management Software: 5 Tools to Check Out

Introduction Around 30 years ago, a server was usually a standalone PC or mainframe that provided only one service. Think of a dedicated mainframe for emails, for instance. Things evolved from this to single standalone hardware that provides multiple services (email, HTTP, FTP combined, for example) through virtual machines that can host multiple operating systems running dozens of services, and up to today, where servers are software-defined and can run on anything from your washing machine to a drone. What Is Server Management Software? Even in the scenario of a single …

What Exactly Does An Engineering Manager Do? A Candid Look

Introduction Engineering is the department in the organization that actually builds the product that the enterprise sells. In the world of the knowledge worker, employees don’t stand near the assembly line tightening screws. The modern knowledge worker is a software developer who creates products using code. The role of the engineering manager, likewise, doesn’t resemble the work of an overseer or foreman in a factory. This post is about what an engineering manager does and what exactly their role is in the department in particular and in the enterprise in general. Beginnings …

Spring Excessive Data Exposure: Examples and Prevention

An API is essentially a tool to provide an interface for the client with the software—that’s what they do. Some of the API methods modify application state and some return data to the client. Further, some methods can do both. Once we return data to the client, we need to make sure that we return only what’s necessary and don’t expose any sensitive information. This post will cover excessive data exposure in APIs with examples and prevention methods. The examples will be given in the context of the Java Spring framework. REST …

Types of Test Data You Should Use for Your Software Tests

Testing is an integral and vital part of creating software. In fact, test code is as important as your production code. When you create test code, you need to generate test data for your code to work against. This post is about the different types of test data that are used in software testing. I’ll elaborate on each type and explain what test types are used in which scenarios. Types of Test Data Valid Data As the name implies, this is the data that your program expects and should operate on. You …

Spring Broken Object Level Authorization Guide: Examples and Prevention

If a malicious user gains access to functionality that only system administrators should have access to, there can be dire consequences. This post is about a specific type of vulnerability called broken object level authorization, or BOLA. This happens when an attacker gains access to API methods that should be restricted. In addition to talking about what this is, I’ll discuss ways to mitigate this attack in general, and specifically in Java Spring Boot. Broken Object Level Authorization Defined Back-end APIs are basically a set of functions that return answers to requests. …

Spring Broken Authentication Guide: Examples and Prevention

Broken authentication vulnerability was recognized as one of the OWASP top 10 vulnerabilities. Broken authentication vulnerability essentially is when an attacker gains unsolicited access to restricted data and/or functionality. It can lead to identity theft, data leakage and, in worst-case scenarios, give total control of the compromised system to the attacker. This post will cover broken authentication vulnerability in general and in Java Spring in particular. What Is Broken Authentication Vulnerability? Broken authentication means an attacker can gain access to restricted data by pretending to be a different user. The attacker provides …