July 2020 Summaries
2 posts from StackHawk
Filter
Month:
Year:
Post Summaries
Back to Blog
A small startup utilizing LogNet's SpringBoot GRPC library for internal communications faced a challenge due to the lack of native Micrometer support, which GRPC itself does not expose to Spring. To address this, they implemented a basic setup to integrate Micrometer with their GRPC services for metrics collection, adding dependencies in their build file and exposing endpoints for HTTP metrics and Prometheus scraping. Operating within Kubernetes, they configured Prometheus to discover and scrape service pods, enabling monitoring of method timings through standard Spring/Micrometer practices and enhancing exception metrics by integrating a Micrometer registry counter within their GRPC exception handler. This setup, which involves annotating methods for timing and incrementing counters for exceptions, allowed the team to collect and analyze metrics like average GRPC call lengths and exception occurrences using Prometheus and PromQL.
Jul 30, 2020
595 words in the original blog post.
Last week, a discussion with Sherif Koussa, Founder and CEO of Software Secured, focused on enhancing security in production applications by integrating application security testing into the CI pipeline. The conversation explored how to incorporate security checks using GitHub Actions, specifically through Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Secrets Detection. A video was provided to detail the process of adding these security measures, and further information on implementing StackHawk with GitHub Actions can be found in the related documentation.
Jul 29, 2020
80 words in the original blog post.