March 22-2? Moscow, OpenHack on containers and micro services from Microsoft

March 22-2? Moscow, OpenHack on containers and micro services from MicrosoftI am now at Microsoft in the engineering team responsible for supporting projects with containers and micro services on Azure. In the process of communicating with partners and customers, there are a lot of questions. Often the very first question is why we need containers. My favorite answer, if you do not need containers, you do not need containers :) But still I offer several classic container applications. The second question is whether containerization is a transition to a microservice architecture. The general answer, of course, is not. A simple example is the transfer of a monolith entirely ...
+ 0 -

SOC are people. Downloading the EXPO or how to become an analyst at 20 level

SOC are people. Downloading the EXPO or how to become an analyst at 20 levelIn the previous article it was about finding and training engineers for the first line of the monitoring and response center for cyberattacks. Today we will talk about the search and training of personnel for the second line - analysts who investigate atypical incidents and work with the content of the SIEM system, as well as engineers for the operation of the GIS, responsible for configuring the protection, attack analysis and development of custom signatures.
 
 
If we ask what requirements we are applying to the candidates, the answer may seem very trivial: certain technical competencies...
+ 0 -

Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓: use of non-standard methods of blurring of pieloads

Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓: use of non-standard methods of blurring of pieloads  
 
The use of non-standard techniques for obfuscating the payload (payload) during testing for the penetration of web applications can allow to bypass the filtering of protective means and facilitate the implementation of the attack vector. In this article I will talk about the so-called. Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓ as a method of obfuscation (blurring) of peyloadov.
 
HackerOne ).
 
 
These methods can be either separate application vectors or specific ones related to the specifics of an application, for example, AngularJS:
 
 
{{'a'[{toString:[].join...
+ 0 -

Building a network for storage systems SMB sector: Part 1. Selection of network equipment

There are various methods for organizing a centralized data storage system.
 
Nevertheless, most of these techniques one way or another can be reduced to one of three directions
 
www.dellemc.com/ru-ru/index.htm
 
[2]The site of the product "Polybayt" polybyte.rf /en
 
[3]Page of IBM Pure Systems on the IBM site www.ibm.com/ibm/puresystems/ru/ru
 
[4]The site of the company Zyxel www.zyxel.ru
 There are various methods for organizing a centralized data storage system. Nevertheless, most of these techniques one way or another can be reduced to one of three directions  www.dellemc.com/ru-ru/index.htm  The site of the product "Polybayt" polybyte.rf /en  Page of IBM Pure Systems on the IBM site www.ibm.com/ibm/puresystems/ru/ru  The site of the company Zyxel www.zyxel.ru  ...
+ 0 -

Validation of rows with validate.it.js

Validation of rows with validate.it.jsIf you recall all the TK with descriptions of field validation - they always looked like this:
 
 
must not be shorter than 6 characters
 
must not exceed 12 characters
 
It should include only Latin characters, numbers and an underscore
 
 
Requirements often come in a set of simple single-valued phrases. And we programmers translate these requirements into code.
 
You can turn them into one ultimatum regular expression, like
 
const validateLogin = login => /^[a-zA-z_d]{?12} $ /. Test (login);
 

But better than write more simple functions that are easier to read and bind to direct TK:


 
  ...[/a]
+ 0 -

Mobile 3D game on Unity3D in less than 90 hours

Mobile 3D game on Unity3D in less than 90 hours Greetings! Today, I will tell you about my experience developing the game on Unity for the Android platform, in less than 90 hours, on the example of creating a simple "runner". In the course of the narrative, I will touch upon some details and key stages, describing all possible pitfalls and methods for their solution. This story describes the process of creating a game for mobile platforms, from concept to finished product. I hope it inspires you to create your own project, or it will help shed light on some features of the Unity engine. Without further ado, let's get down to business!
 
...
+ 0 -

PCI DSS hosting: what you need to know

Recently we in IT GRAD successfully recertified cloud infrastructure for compliance with the requirements of the PCI DSS standard and obtained a PCI DSS Managed Service Provider certificate, it means that we can provide hosting services for PCI DSS. Next, we'll tell you what it is and introduce you to the existing services: co-location, IaaS Basic, IaaS Advanced.
 
 
PCI DSS hosting: what you need to know

 
/photo Neil Turner ...
+ 0 -

Testing service API and RSpec

Sometimes there is a need to write a small IPA service, often in the form of a prototype. And often this prototype then remains in the originally written form following the principle of "works - do not touch." Rewriting even a relatively small service involves the possibility of making an error or an occasional insignificant change in behavior, which is not immediately apparent. To help here comes testing ...
+ 0 -

Revelations of an employee of large IT companies[в Кремниевой долине]

This letter came to me via e-mail. I just edited it a bit to remove some personal data. The story is long, so I hide it under the cut:
 
 

Prehistory


 
[Ранее]I joined Google as a technical director. I think that this happened after Larry either proposed, or personally tried to dismiss all project managers, because he considered that only a few of their actions can be considered productive.
 
 
At this time, a lot of people were pestering the company's thresholds. Quite a few of them, after careful checks and mandatory passage of "intelligence tests", were able to get inside. The main slogan was: ...[/h]
+ 0 -

What does the program have between the lines

What does the program have between the lines

 
Knowledge of the rules of the chess game does not yet make a person a grandmaster, knowledge of the programming language does not yet make a person a programmer. And what is missing in both cases? We are looking for answers to both questions from recognized masters and trying to illustrate our own examples.
 
"- And what is it, comrades, an idea? The idea, comrades, is a human thought, clothed in a logical chess form. Even with insignificant forces you can master the whole board. Everything depends on each individual individually. For example, that blond guy in the third row. Suppose he plays well
 
The b...
+ 0 -