Infrastructure as Code, Patterns and Practices
Infrastructure as Code, Patterns and Practices teaches you to automate infrastructure by applying changes in a codified manner. You'll learn how to create, test, and deploy infrastructure components in a way that's easy to scale and share across an entire organization. The book is full of flexible automation techniques that work whether you're managing your personal projects or making live network changes across a large enterprise. A system administrator or infrastructure engineer will learn essential software development practices for managing IaC, while developers will benefit from in-depth coverage of assembling infrastructure as part of DevOps culture. While the patterns and techniques are tool agnostic, you'll appreciate the easy-to-follow examples in Python and Terraform. Infrastructure as Code is a set of practices and processes for provisioning and maintaining infrastructure using scripts, configuration, or programming languages. With IaC in place, it's easy to test compo ...
Infrastructure as Code, Patterns and Practices teaches you to automate infrastructure by applying changes in a codified manner. You'll learn how to create, test, and deploy infrastructure components in a way that's easy to scale and share across an entire organization. The book is full of flexible automation techniques that work whether you're managing your personal projects or making live network changes across a large enterprise. A system administrator or infrastructure engineer will learn essential software development practices for managing IaC, while developers will benefit from in-depth coverage of assembling infrastructure as part of DevOps culture. While the patterns and techniques are tool agnostic, you'll appreciate the easy-to-follow examples in Python and Terraform. Infrastructure as Code is a set of practices and processes for provisioning and maintaining infrastructure using scripts, configuration, or programming languages. With IaC in place, it's easy to test compo ...
SQL Antipatterns, Volume 1
SQL is the ubiquitous language for software developers working with structured data. Most developers who rely on SQL are experts in their favorite language (such as Java, Python, or Go), but they're not experts in SQL. They often depend on antipatterns - -solutions that look right but become increasingly painful to work with as you uncover their hidden costs. Learn to identify and avoid many of these common blunders. Refactor an inherited nightmare into a data model that really works. Updated for the current versions of MySQL and Python, this new edition adds a dozen brand new mini-antipatterns for quick wins. No matter which platform, framework, or language you use, the database is the foundation of your application, and the SQL database language is the standard for working with it. Antipatterns are solutions that look simple at the surface, but soon mire you down with needless work. Learn to identify these traps, and craft better solutions for the often-asked questions in this bo ...
SQL is the ubiquitous language for software developers working with structured data. Most developers who rely on SQL are experts in their favorite language (such as Java, Python, or Go), but they're not experts in SQL. They often depend on antipatterns - -solutions that look right but become increasingly painful to work with as you uncover their hidden costs. Learn to identify and avoid many of these common blunders. Refactor an inherited nightmare into a data model that really works. Updated for the current versions of MySQL and Python, this new edition adds a dozen brand new mini-antipatterns for quick wins. No matter which platform, framework, or language you use, the database is the foundation of your application, and the SQL database language is the standard for working with it. Antipatterns are solutions that look simple at the surface, but soon mire you down with needless work. Learn to identify these traps, and craft better solutions for the often-asked questions in this bo ...
The Enterprise Path to Service Mesh Architectures
Planning to build a microservice-driven cloud native application or looking to modernize existing application services? Consider using a service mesh. A service mesh approach can help you create robust and scalable applications, but it also introduces new challenges. This updated report answers common questions regarding service mesh architectures through the lens of a large enterprise. Author Lee Calcote, founder and CEO of Layer5, shows developers, operators, architects, and IT leaders how to evaluate your organization's readiness for using a service mesh-and provides a clear path to help you adopt one. You'll evaluate several factors when deciding which applications should be built from the ground up and which can be converted with a new service mesh architecture. This updated edition discusses several service meshes available and the tools you need to implement them. You'll explore: - Service mesh concepts, architecture, and components, such as control planes and data planes ...
Planning to build a microservice-driven cloud native application or looking to modernize existing application services? Consider using a service mesh. A service mesh approach can help you create robust and scalable applications, but it also introduces new challenges. This updated report answers common questions regarding service mesh architectures through the lens of a large enterprise. Author Lee Calcote, founder and CEO of Layer5, shows developers, operators, architects, and IT leaders how to evaluate your organization's readiness for using a service mesh-and provides a clear path to help you adopt one. You'll evaluate several factors when deciding which applications should be built from the ground up and which can be converted with a new service mesh architecture. This updated edition discusses several service meshes available and the tools you need to implement them. You'll explore: - Service mesh concepts, architecture, and components, such as control planes and data planes ...
Hacking APIs
An Application Programming Interface (API) is a software connection that allows applications to communicate and share services. Hacking APIs will teach you how to test web APIs for security vulnerabilities. You'll learn how the common API types, REST, SOAP, and GraphQL, work in the wild. Then you'll set up a streamlined API testing lab and perform common attacks, like those targeting an API's authentication mechanisms, and the injection vulnerabilities commonly found in web applications. In the book's guided labs, which target intentionally vulnerable APIs. By the end of the book, you'll be prepared to uncover those high-payout API bugs that other hackers aren't finding, and improve the security of applications on the web. ...
An Application Programming Interface (API) is a software connection that allows applications to communicate and share services. Hacking APIs will teach you how to test web APIs for security vulnerabilities. You'll learn how the common API types, REST, SOAP, and GraphQL, work in the wild. Then you'll set up a streamlined API testing lab and perform common attacks, like those targeting an API's authentication mechanisms, and the injection vulnerabilities commonly found in web applications. In the book's guided labs, which target intentionally vulnerable APIs. By the end of the book, you'll be prepared to uncover those high-payout API bugs that other hackers aren't finding, and improve the security of applications on the web. ...
Practical Social Engineering
Even the most advanced security teams can do little to defend against an employee clicking a malicious link, opening an email attachment, or revealing sensitive information in a phone call. Practical Social Engineering will help you better understand the techniques behind these social engineering attacks and how to thwart cyber criminals and malicious actors who use them to take advantage of human nature. Joe Gray, an award-winning expert on social engineering, shares case studies, best practices, open source intelligence (OSINT) tools, and templates for orchestrating and reporting attacks so companies can better protect themselves. He outlines creative techniques to trick users out of their credentials, such as leveraging Python scripts and editing HTML files to clone a legitimate website. Once you've succeeded in harvesting information about your targets with advanced OSINT methods, you'll discover how to defend your own organization from similar threats. Fast-paced, hands-on, ...
Even the most advanced security teams can do little to defend against an employee clicking a malicious link, opening an email attachment, or revealing sensitive information in a phone call. Practical Social Engineering will help you better understand the techniques behind these social engineering attacks and how to thwart cyber criminals and malicious actors who use them to take advantage of human nature. Joe Gray, an award-winning expert on social engineering, shares case studies, best practices, open source intelligence (OSINT) tools, and templates for orchestrating and reporting attacks so companies can better protect themselves. He outlines creative techniques to trick users out of their credentials, such as leveraging Python scripts and editing HTML files to clone a legitimate website. Once you've succeeded in harvesting information about your targets with advanced OSINT methods, you'll discover how to defend your own organization from similar threats. Fast-paced, hands-on, ...
Moodle 4 Administration, 4th Edition
This updated fourth edition of the classic Moodle Administration guide has been written from the ground up and covers all the new Moodle features in great breadth and depth. The topics have also been augmented with professional diagrams, illustrations, and checklists. The book starts by covering basic tasks such as how to set up and configure Moodle and perform day-to-day administration activities. You'll then progress to more advanced topics that show you how to customize and extend Moodle, manage authentication and enrolments, and work with roles and capabilities. Next, you'll learn how to configure pedagogical and technical Moodle plugins and ensure your LMS complies with data protection regulations. Then, you will learn how to tighten Moodle's security, improve its performance, and configure backup and restore procedures. Finally, you'll gain insights on how to compile custom reports, configure learning analytics, enable mobile learning, integrate Moodle via web services, and su ...
This updated fourth edition of the classic Moodle Administration guide has been written from the ground up and covers all the new Moodle features in great breadth and depth. The topics have also been augmented with professional diagrams, illustrations, and checklists. The book starts by covering basic tasks such as how to set up and configure Moodle and perform day-to-day administration activities. You'll then progress to more advanced topics that show you how to customize and extend Moodle, manage authentication and enrolments, and work with roles and capabilities. Next, you'll learn how to configure pedagogical and technical Moodle plugins and ensure your LMS complies with data protection regulations. Then, you will learn how to tighten Moodle's security, improve its performance, and configure backup and restore procedures. Finally, you'll gain insights on how to compile custom reports, configure learning analytics, enable mobile learning, integrate Moodle via web services, and su ...
Jira 8 Essentials, 6th Edition
This new and improved sixth edition comes with the latest Jira 8.21 Data Center offerings, with enhanced features such as clustering, advanced roadmaps, custom field optimization, and tools to track and manage tasks for your projects. This comprehensive guide to Jira 8.20.x LTS version provides updated content on project tracking, issue and field management, workflows, Jira Service Management, and security. The book begins by showing you how to plan and set up a new Jira instance from scratch before getting you acquainted with key features such as emails, workflows, and business processes. You'll also get to grips with Jira's data hierarchy and design and work with projects. Since Jira is used for issue management, this book will help you understand the different issues that can arise in your projects. As you advance, you'll create new screens from scratch and customize them to suit your requirements. Workflows, business processes, and guides on setting up incoming and outgoing mail ...
This new and improved sixth edition comes with the latest Jira 8.21 Data Center offerings, with enhanced features such as clustering, advanced roadmaps, custom field optimization, and tools to track and manage tasks for your projects. This comprehensive guide to Jira 8.20.x LTS version provides updated content on project tracking, issue and field management, workflows, Jira Service Management, and security. The book begins by showing you how to plan and set up a new Jira instance from scratch before getting you acquainted with key features such as emails, workflows, and business processes. You'll also get to grips with Jira's data hierarchy and design and work with projects. Since Jira is used for issue management, this book will help you understand the different issues that can arise in your projects. As you advance, you'll create new screens from scratch and customize them to suit your requirements. Workflows, business processes, and guides on setting up incoming and outgoing mail ...
Managing Kubernetes Traffic with F5 Nginx
Microservices architectures introduce several benefits to the application development and delivery process. Microservices-based apps are easier to build, test, maintain, and scale. They also reduce downtime through better fault isolation. While container-based microservices apps have profoundly changed the way DevOps teams deploy applications, they have also introduced challenges. Kubernetes - the de facto container orchestration platform - is designed to simplify management of containerized apps, but it has its own complexities and a steep learning curve. This is because responsibility for many functions that traditionally run inside an app (security, logging, scaling, and so on) are shifted to the Kubernetes networking fabric. To manage this complexity, DevOps teams need a data plane that gives them control of Kubernetes networking. The data plane is the key component that connects microservices to end users and each other, and managing it effectively is critical to achieving s ...
Microservices architectures introduce several benefits to the application development and delivery process. Microservices-based apps are easier to build, test, maintain, and scale. They also reduce downtime through better fault isolation. While container-based microservices apps have profoundly changed the way DevOps teams deploy applications, they have also introduced challenges. Kubernetes - the de facto container orchestration platform - is designed to simplify management of containerized apps, but it has its own complexities and a steep learning curve. This is because responsibility for many functions that traditionally run inside an app (security, logging, scaling, and so on) are shifted to the Kubernetes networking fabric. To manage this complexity, DevOps teams need a data plane that gives them control of Kubernetes networking. The data plane is the key component that connects microservices to end users and each other, and managing it effectively is critical to achieving s ...
Game Hacking Academy
Hacking games requires a unique combination of reversing, memory management, networking, and security skills. Even as ethical hacking has exploded in popularity, game hacking still occupies a very small niche in the wider security community. While it may not have the same headline appeal as a Chrome 0day or a massive data leak, the unique feeling of creating a working aimbot for a game and then destroying a server with it is hard to replicate in any other medium. When I first started learning game hacking years ago, resources were spread out across several sites and were very sparse. Typically, you would find a section of code that linked to a broken site. You would then search around for some forum that would have some part of the broken site in a post and piece together the information. While this rewarded thorough searching, it was a massive time-sink. These days, there are several places where you can find a variety of information regarding game hacking. You can find boilerplate ...
Hacking games requires a unique combination of reversing, memory management, networking, and security skills. Even as ethical hacking has exploded in popularity, game hacking still occupies a very small niche in the wider security community. While it may not have the same headline appeal as a Chrome 0day or a massive data leak, the unique feeling of creating a working aimbot for a game and then destroying a server with it is hard to replicate in any other medium. When I first started learning game hacking years ago, resources were spread out across several sites and were very sparse. Typically, you would find a section of code that linked to a broken site. You would then search around for some forum that would have some part of the broken site in a post and piece together the information. While this rewarded thorough searching, it was a massive time-sink. These days, there are several places where you can find a variety of information regarding game hacking. You can find boilerplate ...
Kafka: The Definitive Guide, 2nd Edition
Every enterprise application creates data, whether it consists of log messages, metrics, user activity, or outgoing messages. Moving all this data is just as important as the data itself. With this updated edition, application architects, developers, and production engineers new to the Kafka streaming platform will learn how to handle data in motion. Additional chapters cover Kafka's AdminClient API, transactions, new security features, and tooling changes. Engineers from Confluent and LinkedIn responsible for developing Kafka explain how to deploy production Kafka clusters, write reliable event-driven microservices, and build scalable stream processing applications with this platform. Through detailed examples, you'll learn Kafka's design principles, reliability guarantees, key APIs, and architecture details, including the replication protocol, the controller, and the storage layer. ...
Every enterprise application creates data, whether it consists of log messages, metrics, user activity, or outgoing messages. Moving all this data is just as important as the data itself. With this updated edition, application architects, developers, and production engineers new to the Kafka streaming platform will learn how to handle data in motion. Additional chapters cover Kafka's AdminClient API, transactions, new security features, and tooling changes. Engineers from Confluent and LinkedIn responsible for developing Kafka explain how to deploy production Kafka clusters, write reliable event-driven microservices, and build scalable stream processing applications with this platform. Through detailed examples, you'll learn Kafka's design principles, reliability guarantees, key APIs, and architecture details, including the replication protocol, the controller, and the storage layer. ...