2021-02-05|By Stanisław Szymański|In Security

How people hack themselves with dotgit?

In the twisted times of modern technology era it is often unsafe to assume, that you're safe. Today's topic is .git - one of the primary examples, how you can accidentaly hack yourself by an extremely simple, even trivial, overlook. We will explain, what is .git directory, how it can be used by the attacker to run away with a copy of your code, how to spot such vulnerabilities in your infrastructure, and what should be done to keep the danger away. What is .git ? .git [1] is a directory, native to Git [2] , the most popular version control system to date. Put simply, Git uses .git…

Continue reading

2021-02-01|By Kamil Zabielski|In Column

What were the higlights of pandemic year?

What were the highlights of pandemic year? The last year was the very first year for sysdogs, and we were so... lucky to get right into the pandemic. According to the Central Statistic Office in Poland [ 1 ][ 2 ][ 3 ], over thirty percent of companies fail in the very first year of operation. Our company works in the IT / IT Security sector, so naturally, we love metrics. Data, especially when properly interpreted, is something that tells you that you're either moving in a right or wrong direction. Sincerely, it is the only truly objective source of feedback about your performance, possible…

Continue reading

2020-10-19|By Kamil Szczygieł|In Code

Are there any Terraform tools worth using?

Testing your code, adherence to agreed standards, and verification of compliance towards security guidelines, is crucial for building high-quality infrastructures. You should apply these principles to infrastructure code, to keep it predictable and reliable. In this article, we will go through tools for continuous integration and local development that we, at sysdogs, use daily, and we highly recommend you to incorporate them into your workflow. Continuous Integration Continuous Integration is an essential part of code development. Terraform is not a special citizen - it should be validated…

Continue reading

2020-10-12|By Kamil Szczygieł|In Code

How to structure Terraform code for scale?

Terraform is one of the most popular tools to describe infrastructure as code. Being able to incorporate typical software development patterns into infrastructure results in better predictability, higher quality, and lowers the chance of a human error. You can implement continuous integration pipelines that will ensure that the infrastructure code is properly structured, follows all coding guidelines and security compliance requirements in your organization. To go even further, you can develop unit tests to increase the chance of finding an error before it will be applied to the real…

Continue reading