In this blog post, I will show how you can install the OWASP training tools WebGoat, WebWolf and JuiceShop on your local laptop using Vagrant.
Architecture
Measure the Quality of your Source Code!
Quality is something which is hard to define. Different areas of expertise use their own definitions of what quality is. Without an objective standard which carries weight, anyone can claim to provide a quality product or service according to some standard. This makes it difficult to compare products and to […]
The Release Formula: R = ΔF + ΔNF + ΔQ
TL;DR: a software release introduces changes in three areas: functional, non-functional and quality. Each change should contribute to identified objectives – and the contribution should be measurable. Product teams should strive for release statements that identify the changes, the objective they contribute to and the metric used for measuring their […]
The True Cost of a Feature–Kill your darlings
TL;DR: the true cost of a software feature includes a long tail of operational and maintenance cost that should be taken into consideration when first implementing the feature. The continuance or deprecation of features should be evaluated periodically, based on the actual usage and true value of the feature – […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (1)
What’s in a name? A title is important and I hope that it describes well what I do want to share with you in this series of articles. It is not so much about how to use the back-end part (Oracle Database) or the front-end (Oracle APEX, Java, Node, React […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (6)
Last time in “How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (5)”, I told you about Git, Subversion, Maven and Flyway. In this final article, I will discuss the following tools & methods: Oracle SQL Developer, utPLSQL, SonarQube, Perl, Ant and DevOps. Oracle […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (5)
Last time in “How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (4)”, I told you about the Oracle SQL Developer Data Modeler. This time I will discuss the following tools: Git, Subversion, Maven and Flyway. Flyway The first tool I would like to […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (4)
Last time in “How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (3)”, I told you about the Oracle Database and Oracle APEX. This time I will discuss Oracle SQL Developer Data Modeler. Oracle SQL Developer Data Modeler A book I can recommend is Oracle […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (3)
Last time in “How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (2)”, I did show you the database structure. This time I will elaborate on the base tools, the Oracle Database and Oracle APEX. Oracle Database How to use it? I can tell […]
How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (2)
Last time in “How to build an Oracle Database application (that supports APEX, Java, React or any other front-end) (1)”, I gave you an introduction. This time I will elaborate on the database structure. Project folder layout The following top level directories may exist for every database application project: Directory Description […]
The Prototype Pitfall
TL;DR Prototyping is an essential way to determine the technical feasibility and functional desirability of features of a software system. There is a clear and present danger that the prototype is considered to be professional code, peer reviewed and production ready. This risk must be mitigated and anyone involved needs […]
Using one-time upload URLs in AWS with S3 versioning
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly once [1]. In AWS it is possible to use a presigned URL to upload files, but the URL is valid for […]
Using one-time upload URLs in AWS with Memcached
In this blog I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly once [1]. In AWS it is possible to use a presigned URL to upload files, but the URL is valid for […]
Using one-time upload URLs in AWS using DynamoDB
In this blog, I will show how you can use the SAM (Serverless Application Model) to get a presigned upload URL to AWS S3 that can be used exactly once [1]. In AWS it is possible to use a presigned URL to upload files where the URL is valid for […]
Some end-of-year remarks about the AWS Shop Example
It is the end of the year: time to look back, time to look forward. In the past year, I had a lot of extra time because of the Corona measures. I spent most of that time creating blog articles about AWS, starting with a series about the AWS shop […]
Performance problems, the Whys.. and Hows.. around them
Introduction Over the last years, as part of my consultancy experience, I had the chance to work on several assignments tackling IT performance problems. In this post I will try to share my experiences on that topic, considering performance problems that I have faced on several (on-premise, cloud, hybrid) and […]
AWS Lambda: shared libraries (and SAM)
In June I wrote a blog series about the AWS Shop Example. In this series, I also wrote about X-Ray [1]. I like X-Ray: you can see how much time each step in a whole concattenation of AWS services takes and how much time it costs to send the response […]
AWS blog series part 5: Start PowerShell script after a reboot when Windows fails to do so
You might have wondered in the second blog of this series [1], why I mentioned the possibility that the Task Scheduler didn’t start after a reboot in the “on-premise” (Hyper-V) environment, but I didn’t do so in the AWS environment. Well, that’s because I used a “trick”, where AWS will […]
Windows Failover Cluster on AWS part 4: Construction of the CloudFormation scripts
Introduction If you follow along in this blog series [1], I can imagine that if you deployed the CloudFormation scripts, that you think “wow, how does it work”. In this blog, I try to answer that question. 1. Windows Failover Clustering Nested stacks When you start the CloudFormationFailover.yml script, you […]
AWS Migration part 3: The technique behind Windows Failover Cluster on AWS
Introduction In the previous two blogs [1], I showed that it is is possible to implement a Windows Failover Cluster in AWS. In this blog, I will explain the differences between a Failover Cluster on-premise and a Failover Cluster in AWS. 1. How does a Windows Failover Cluster work on-premise? […]
AWS Migration part 1: how to migrate Windows Failover Clustering servers to AWS?
Introduction In this series, I will look at the migration from on-premise Windows Failover Clusters to AWS. What is the difference in recovery times between the application on-premise, the 1:1 migration of a Failover Cluster to AWS and the commonly used pattern of an Auto Scaling Group with one node? […]
Heeft kwetsbaarheid verholpen….
Alleen al dit jaar zijn er meer dan 70 ‘adviezen’ geformuleerd door het Nationaal Cyber Security Centrum. Ondanks deze adviezen lezen we met enige regelmaat over grote IT-hacks en of verstoringen. Ze gaan vaak gepaard met grote financiële en of maatschappelijke gevolgen.
Anchore Engine: Container image vulnerability scanning
Applications nowadays, are usually deployed inside containers. A container consists of libraries and tools which allow the application to run inside. Since there can be exploitable vulnerabilities, it is not only important to take security into account for your application, but also for the container it runs in. There are […]
AWS Shop example: unit tests
Introduction In the last six blogs [1], I showed you an application that used AWS to process the sales from a cashing machine. This series continues with tests for this application. Some objects of our solution cannot be tested: we cannot test the API gateway, the SNS topics or DynamoDB […]
AWS Shop example: the API Gateway (1)
Introduction You might have noticed that we skipped the API Gateway up to now [1]. I will write two blogs about the API Gateway. In this one, we follow the simplest route: from sending the message to the API gateway, and let the API Gateway deliver the message at the […]
Example application in AWS using Lambda
Introduction I have to admit: I love serverless. Serverless computing is using the cloud as it is supposed to be used: it scales up when you need more capacity, it scales down to zero when you don’t need resources. That is really good when you have, for example, a shop […]
Migrating an old (10.2.0.4) database to Oracle Cloud with minimal downtime
Unlike most of our posts this post will contain almost no code or examples. But it hopefully will help somebody who ends up to be in the same situation we landed on: migrating data from very old versions to a new environment. Recently we were tasked with the migration of […]
Setup and use of oVirt on CentOS7
Today, I’ll explain how to install and use oVirt: a nice virtualization tool for Linux, which is based on KVM. I installed the current production version 4.3.8 on a test machine, a Medion machine with an extra SSD drive. As usual, you’ll find the installation file for pxe that I […]
Calling an Oracle DB stored procedure from Spring Boot using Apache Camel
There are different ways to create data services. The choice for a specific technology to use, depends on several factors inside the organisation which wishes to realize these services. In this blog post I’ll provide a minimal example of how you can use Spring Boot with Apache Camel to call […]
Collective Data Set and Equal Data Position between B2B Partners in Data Sharing Ecosystems – enter: Blockchain
Many organizations collaborate in one or more ecosystems: groups of organizations that work together in vertical chain or share common interests sometimes even despite being competitors. Examples are research environments (health, climate, agriculture, environment), supply chains & logistics, insurance industry, government agencies, pension funds, traffic management. Note that within large, […]
IoT is silo integration using Azure Reference Architecture
In IoT, we bridge the gap between the physical world and the enterprise IT systems to unlock the data and create real business value.
Changing views on integration – from Enterprise Service Bus to API Gateway, Serverless and iPaaS
If your tool is a hammer, every problem looks like a nail. Many of us have seen situations where this tunnel vision over time took hold. And for many of us involved in integration, this also has happened. In this article I want to briefly draw your attention to changing […]
How to securely access remote content without using a VPN: Use a proxy server accessed through an SSH tunnel
There are numerous occasions that I was limited in my work because of connectivity which could not be trusted. For example; I could not download large installers due to a proxy anti virus tool which manipulated downloads causing files to become corrupted. I needed to visit a website to find […]
Getting started with Spring Boot microservices. Why and how.
In order to quickly develop microservices, Spring Boot is a common choice. Why should I be interested in Spring Boot? In this blog post I’ll give you some reasons why looking at Spring Boot is interesting and give some samples on how to get started quickly. I’ll shortly talk about […]
Industrial IoT Strategy, The Transference of Risk by using a Digital Twin
The Internet of Things (IoT) is all about getting in-depth insight about your customers. It is the inter-networking of physical devices, vehicles (also referred to as “connected devices” and “smart devices”), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to collect […]
SSL/TLS: How to choose your cipher suite
For SSL/TLS connections, cipher suites determine for a major part how secure the connection will be. A cipher suite is a named combination of authentication, encryption, message authentication code (MAC) and key exchange algorithms used to negotiate the security settings (here). But what does this mean and how do you […]
Materials for Workshop Microservices Choreography with Kubernetes, Docker, Kafka and Node.JS
Thursday June 1st – yet another community event at AMIS. This one dedicated to Microservices. What are microservices, why do we think they are interesting? How are they different? How can they be implemented and how do you deploy them? What is a microservices platform and what generic capabilities should […]
Docker, Oracle Images and Cloud
Overview Oracle is embracing Docker – just like many other companies – as the de-facto standard in Container technologies. It has resulted in the certification of various Oracle products for running in Docker containers and even Oracle supported Docker images are available. Furthermore, Oracle offers 2 Cloud Service around containers: […]
Development and Runtime Experiences with a Canonical Data Model Part I: Standards & Guidelines
Introduction In my previous blog I’ve explained what a Canonical Data Model (CDM) is and why you should use it. This blog is about how to do this. I will share my experiences on how to create and use a CDM. I gained these experiences at several projects, small ones, […]
Development and Runtime Experiences with a Canonical Data Model Part II: XML Namespace Standards
This blog is about XML namespace standards. Primary for using them in a Canonical Data Model (CDM), but also interesting for anyone who has to define XML data by creating XML Schema files (XSD). This blogpost is the second part of a trilogy about my experiences in using and developing […]