Trickest, Inc.’s Post

🚀 Handling Operations in a Single Endpoint: Best Practices https://lnkd.in/dXc9W2CR #racecondition #idempotency #bestpractices

Delve into the world of lightweight #MQTT with wolfMQTT 1.19.0! 🚀 This release introduces pivotal features, including an enhanced stress test module for resilience under high loads and seamless CMake integration for CI testing. Explore the possibilities! Learn more 🐺 🔐

Key management 101: rotate your keys regularly and set Allowed HTTP Origins to prevent misuse of your API keys! Both operations can be automated via API - see the API keys API documentation for details: https://buff.ly/4aXKQEc

Take a closer look at the benefits of adding leak detection and memory usage analysis to your CI process. https://bit.ly/38JBjPQ #continuousintegration #leakdetection

In Part 3 of our monitoring series, we've successfully integrated events and alerts into our application using Prometheus. 🔍 We explored how to emit events from our Flask app and set up alerts based on these events and key metrics. This proactive approach allows us to detect issues early and ensure the reliability of our services. 📊 Next up, in Part 4, we'll dive into the world of logs and their role in enhancing our monitoring strategy. Stay tuned for more insights! If you missed it, check out https://lnkd.in/gA6XsqbU where we discussed metrics and Prometheus integration with Kubernetes.

What's your automation strategy for TLS certificates? A new discussion has started at the CA/Browser Forum over a draft ballot proposal tabled by Apple which proposes to reduce the allowed validity periods of public trust TLS certificates. Today, TLS certificates may be issued with validity of up to 398 days. Under the proposal that maximum validity would shrink to 200 days by September 2025, 100 days by September 2026, and 45 days by April 2027. Although the TLS Baseline Requirements (BR) never mention ACME or automation, clearly such rapid certificate replacement cycles would only be achievable through widespread adoption of certificate lifecycle automation. The ballot also proposes a requirement that CAs revalidate domain control information more frequently. Currently CAs may cache domain control validation for up to 398 days; this would shrink to 10 days under the ballot. It is unclear how this would affect other certificate types, such as S/MIME, which currently leverage the domain validation methods of the TLS BR particularly for Enterprise RAs. Even corporate identity information contained in the SubjectDN of TLS certificates would be revalidated more frequently, shrinking from every 825 days to just 366 days. It seems likely that these constraints and timelines will shift during the discussion of the ballot in the CA/Browser Forum, but after much speculation on shrinking certificate validity periods, this is the first time we've seen a concrete ballot brought forward. The proposal goes even further than the 90-day maximum validity envisioned in Chrome's "Moving Forward, Together" vision for TLS.

When implementing an async runtime, you may want to add a worker to the pool to ensure efficient job consumption. Additionally, incorporating a 'priority task' feature can be valuable. This allows tasks to be added to different queues based on their priority, optimizing execution order. This post is the second in a series on custom async runtime implementation. https://lnkd.in/gZ_eEw7v

Are all secrets scanners the same? In a word: no. Legit Secrets Detection & Prevention stands apart with: ✔️ AI-powered accuracy and noise reduction ✔️ The ability to find every secret, everywhere -- from source code to Git history to build logs to shared workspaces ✔️ The power to easily scale to meet the needs of even the largest development environments ✔️ Automation and orchestration to fix fast and prevent future risk Get details in our new 3-page data sheet: https://hubs.ly/Q02Ymr6w0 #LegitSecurity #ASPM #secretscanning

Max. 45 days validity for TLS certs? Here is a good opportunity to discuss automation strategies.