AquaSec CNAPP & trivy

A Cloud-Native Application Protection Platform (CNAPP) is an integrated security solution designed to provide comprehensive visibility and protection for cloud-native applications throughout their lifecycle, from development to production. It integrates multiple security capabilities, such as CSPM (Cloud Security Posture Management), CWPP (Cloud Workload Protection), and others like CIEM and API security, into a single solution to simplify management, … Continue reading AquaSec CNAPP & trivy

Cosign vs Kyverno

brew install cosign mshaik@rafis-MacBook-Pro ~ % docker pull nginx Using default tag: latest latest: Pulling from library/nginx d7ecded7702a: Pull complete 266626526d42: Pull complete 320b0949be89: Pull complete d921c57c6a81: Pull complete 9def903993e4: Pull complete 52bc359bcbd7: Pull complete e2f8e296d9df: Pull complete Digest: sha256:1beed3ca46acebe9d3fb62e9067f03d05d5bfa97a00f30938a0a3580563272ad Status: Downloaded newer image for nginx:latest docker.io/library/nginx:latest docker images REPOSITORY TAG IMAGE ID CREATED SIZE … Continue reading Cosign vs Kyverno

GitHub Actions 

GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform that allows you to automate your build, test, and deployment pipeline. Events that trigger workflows https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows https://docs.github.com/en/actions/how-tos/write-workflows/choose-when-workflows-run/trigger-a-workflow https://github.com/google-github-actions/example-workflows ex: https://github.com/google-github-actions/example-workflows/tree/main/.github/workflows Advantages over jenkins No Need to configure webhook if we use Github Actions Easy to write yaml based instruction rather using Jenkins  DSL (Domain-Specific … Continue reading GitHub Actions 

Dynatrace

Dynatrace Managed is a self-hosted deployment option of Dynatrace, offering comprehensive monitoring capabilities within a customer's own data center.  The core components of Dynatrace Managed include: Dynatrace Server (Cluster): This is the central processing and analysis engine of Dynatrace. It stores and processes all monitoring data (metrics, logs, events, traces), provides the web user interface for dashboards, … Continue reading Dynatrace

SAML vs OAuth vs OIDC vs SSO

Security Assertion Markup Language OAuth OIDC OpenID Connect (OIDC) builds on OAuth 2.0 Imagine you're going to Airport to travel. When you arrive, the staff will check two things before letting you in: your ID and your ticket. First, they'll look at some form of government-issued identification (license/Passport) to ensure you are who you claim … Continue reading SAML vs OAuth vs OIDC vs SSO

RAG Retrieval-Augmented Generation And Design Patterns

Retrieval-augmented generation (RAG) is a technique that enables large language models (LLMs) to retrieve and incorporate new information The concept of Retrieval-Augmented Generation (RAG) was introduced by  Patrick Lewis and his team of researchers from Facebook AI (now Meta), University College London, and New York University in a research paper published in 2020.  RAG improves large language models (LLMs) by incorporating information retrieval before … Continue reading RAG Retrieval-Augmented Generation And Design Patterns

PIP VS UV

Package Installer for Python https://github.com/astral-sh/uv 🚀 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv, and more. uv is a newer, faster Python package and project manager that aims to be a drop-in replacement for pip, pip-tools, and venv, offering significant speed improvements and integrated features.  In contrast, pip is the traditional package installer that relies on separate tools like venv for managing virtual environments. uv handles both package … Continue reading PIP VS UV

npx vs npm

npm (Node Package Manager) npx (Node Package Execute) npm is a package manager for installing and managing project dependencies, while npx is a package executor for running packages without permanently installing them npm (Node Package Manager) Function: Manages project dependencies by installing, updating, and deleting packages locally or globally. Dependency Management: Keeps a record of project dependencies in the package.json file, ensuring consistency for … Continue reading npx vs npm

Model Context Protocol (MCP)

https://www.anthropic.com/ https://en.wikipedia.org/wiki/Anthropic Anthropic PBC is an American artificial intelligence (AI) startup company founded in 2021. It has developed a family of large language models (LLMs) named Claude. The company researches and develops AI to "study their safety properties at the technological frontier" and use this research to deploy safe models for the public https://github.com/modelcontextprotocol AI applications or agents: MCP provides access to an ecosystem of … Continue reading Model Context Protocol (MCP)