Setting up applications in a remote VPS server nowadays is not a tough job. There are many stack available in the software industry to setup our web applications in a VPS. We have selected the stack NextJs, FastApi and Traefik to host our web application in VPS. Setup VPS There are many hosting providers in the market. Buy a VPS that matches your need. If you need to host a web application then it is worth considering purchasing a domain name.

Falco is an open source runtime security tool which interpret the linux system calls and verify it against the rule engine and generate alert if any violations are identified. Architecture of Falco Falco works on linux user space and kernal space. The kernal space component interpret the system calls and send it to the user space component for analysis. The analyzer gives it to the rule engine to check it against the rules configured in the yaml file.

kube-bench is an opensource go-lang application contributed by aquasecurity to check the secure deployment of the kubernetes. kube-bench implements the CIS Kubernetes Benchmark, so that running the kube-bench command gives us a detailed report on CIS kubernetes best practice recommendations. Install & Run Kube-Bench We could install kube-bench different ways such as installing the binary directly in the node or run it as a container. Run binary directly in the node $ wget https://github.

Trivy is an open source tool from Aquasecurity to scan images, configurations, projects to find out the vulnerabilities. It could be included in the build pipeline to prepare production ready components and containers which are less vulnerable to the attacks. It can scan the Git repositories, container images, report issues in the configuration files such as dockerfile, kubernets, terraform files.

Seccomp (Secure computing mode) is a linux kernal feature used to restrict the system calls of an application to the kernal. Why do we need this feautre? An application doesn’t need access to all system calls which linux kernal provides, so if we keep access to other system calls then we are widening the attack surface.

How to disable or enable a bean based on the deployment environment was the question we had back in 2015 when implementing a retail banking project. Now also most of the spring developers would like to know how to conditionally enable the spring beans. I would scribble down the way how we had achieved this in the banking project by setting up a sample project.

A traveller who walks through a forest places some marks on the trees to avoid being lost in the forest. Similarly programmers add logs in order to get some help when tracing an issue. Logs are the excellent source of information if we could place it at the appropriate places in our code. As a programmer and an architect, I have been involved in many production deployments and have to look into the logs to identify the problems.

An automatic PO is created either when received goods exceed the ordered quantity or when the vendor was asked to supply goods without raising a PO. A purchase order is automatically created when a goods receipt is posted (MIGO). The following are the prerequisites for an Automatic PO creation via MIGO.

Business Scenario : PO quantity was for 100 liters. However, 120 liters were delivered. This larger quantity needs to be received in the system.