Zeno

🔔 Announcement

We're thrilled to announce Humans Behind Code!

Humans Behind Code (HBC) is a project by FAUN, where developers meet other developers and learn about the people behind the tools, libraries, frameworks, and other projects they use to build their applications.

We interview developers and ask them about their projects, their motivations, their struggles, and their successes. It's about sharing knowledge and helping each other grow.

👉 If you're a Developer or a maintainer of a widely adopted Open Source project and you think it's worth talking about it and your experiences in building it, join Humans Behind Code!

Best,
Aymen from FAUN.

If you have any questions, just hit the reply button!

Sponsor FAUN and reach developers where they are, not where you want them to be.

Download our mediakit.

On 6th October 2022 new CVE was released for critical vulnerability with the identifier CVE-2022-41852. This vulnerability affects a Java library called Apache Commons JXPath, which is used for processing XPath syntax. All versions (including latest version) are affected by this vulnerability.

According to NIST the vulnerability score is 9.8 CRITICAL with CVSS:

Currently, there is no official fix for this vulnerability, but we might have a solution that should protect the application, however, it will disable the use of functions in all XPaths completely.

Check out this article to understand if you're vulnerable and understand the vulnerability using a PoC.

By @tutorialboy24

NordVPN 68% Black Friday discount is here!

👉 Access anything online without restrictions
👉 Add extra layers of security to your digital life
👉 Get the best online protection tools along with your NordVPN service.
👉 Get 3 months FREE with the 2-year plan

This blog post describes a new DevSecOps adoption framework (created by Vanessa Jackson and Lyndsi Hughes) that guides the planning and implementation of a roadmap to functional CI/CD pipeline capabilities.

This article presents how to detect and respond to different security events in Azure and DevOps platforms using Microsoft Sentinel

A collection of kernel and userland settings one can change to improve the security and usability of a Linux system. Targeted at Arch, but should work for other distros too.

The mission to run any containerized application on any infrastructure makes security a challenge on Kubernetes.

Secrets that can be exploded to the internet include Slack tokens, Database credentials, cloud access, secret keys and developer tokens.

When a secret makes its way to a Git repository, it stays there forever, sitting in one or more of your commits, waiting to be found and used against you. Developers often forget that Git-based repository history is never deleted.

Many tools in the market can scan your repository, or commits before pushing, to ensure that no secrets are stored or pushed to the remote origin.

FAUN's Job Board offers an exceptional platform to connect with skilled developers, DevOps professionals, and software engineers who are eager to contribute to the success of your organization.

Post your job openings on FAUN's Job Board today and watch your talent pool grow.

Get started now .

✅ Encrypted file storage and sharing
✅ Access your files from any device
✅ Get access to all our services

Discount available until December 5th.

A curated list of software and architecture related design patterns.

Tool for Django Developers to setup full stack EKS Kubernetes with all necessary tools including DevSecOps in 40 minutes

Jube is open-source transaction and event monitoring software. Jube implements real-time data wrangling, artificial intelligence, decision making and case management. Jube is particularly strong when implemented in fraud and abuse detection use cases.

Lookup an IP address to find out which public cloud it originates from