Comparison of Linux Distributions on AWS EC2

How do various Linux distributions implement a operating system for use in virtualized or cloud environments? One proxy for size and complexity is the number of packages installed. While not a perfect comparison, in general, less is more. In Amazon’s US-WEST-1 region, I fired up the a number of Linux distributions and counted the number of packages installed.

Faster Secure Software Development with Continuous Deployment

First presented at PHDays on May 24, 2013 in Moscow, Russia. Why don’t developers care about security issues? Why isn’t security training effective? Why do basic application security problems continue to exist? One reason is that long release cycles disenfranchise developers from caring or even knowing about security or operational issues. Continuous Deployment helps address this by small, but frequent, changes to the production environment. At first, this would seem less stable and less secure, however continuous deployment is a lot more than “pushing code”.

Fixing Security by Fixing Development using Continuous Deployment

First presented at Security Development Conference on May 14, 2013 in San Francisco, USA. Do you have an effective release cycle? Is your process long and archaic? Long release cycle are typically based on assumptions we haven’t seen since the 1980s and require very mature organizations to implement successfully. They can also disenfranchise developers from caring or even knowing about security or operational issues. Attend this session to learn more about an alternative approach to managing deployments through Continuous Deployment, otherwise known as Continuous Delivery.

DevOps The Internal User Growth Team

PuppetLabs invited me to guest-write for their blog. I thought about the future of DevOps and what it means after you get done automating basic infrastructure. The end result is DevOps: The Internal User Growth Team, which was the last blog post of year. Special thanks to Michelle Carroll for outstanding copy-editing.