Tag: cloud native
-
Bill of Materials CKS Refresher
A Software Bill of Materials (SBOM) is like the ingredients list on your food package—it reveals what components, libraries, and dependencies go into building the final software. Just as checking food labels helps you understand nutritional content and potential allergens, an SBOM provides transparency into third-party components, helping identify vulnerabilities early in the software supply…
-
Prompt Flow Running Exa AI
Promptflow is an open-source development tool created by Microsoft to streamline the end-to-end development lifecycle of LLM-based AI applications. When building agentic workflows, having a good foundation of the workflow you’ll want something that is modular, reusable and provides visibility. To effectively utilize this tool, it’s important to understand its key concepts, which can be…
-
Simulating Kubernetes Attacks with Detection of Falco + Tetragon
Microsoft recently released an open-source repository designed to simulate attacks on Kubernetes clusters, showcasing the detection capabilities of Defender for Cloud sensors. However, this tool can also be extended to work with other Intrusion Detection Systems (IDS) for monitoring Kubernetes environments. As with any detection solution, it is crucial to rigorously test various attack scenarios…
-
Azure AI Foundry
Introduction This week at Microsoft Ignite, Azure AI Foundry was unveiled as the rebranded successor to “Azure AI Studio.” This marks a significant step toward unifying AI development tools under one cohesive platform. Azure AI Foundry provides a streamlined toolchain and an SDK designed for efficient consumption of AI models, supporting both OpenAI and Mistral…
-
RouteLLM Unlocking Cost Effective LLM Routing
Introduction Costs associated with using closed-source large language models can add up in the use cases of complex tasks due to the nature of how tokens are priced for using APIs. RouteLLM is a open-sourced project that creates a method to determine based on the query a user sends which LLM to choose based on…
-
Batch Jobs in Azure OpenAI
Introduction In the existing landscape of Generative AI, optimizing API submissions is crucial for both cost and performance. Whether you’re fine-tuning token usage or streamlining context-aware requests using Retrieval-Augmented Generation (RAG), finding the right tools can make a significant difference. One of the most promising solutions is the Azure OpenAI Batch API, designed specifically for…
-
Mutability of FIPS on AKS
Introduction Your in compliance and tasked with identifying which microservice supported supports Federal Information Processing standards. Operations are dynamic and can change from supporting a business unit that might have this requirement, so what are you options if you have to revert and keep the cluster? Currently in Azure Kubernetes Service this has been capable…
-
Artifact Registry VEX in GCP
Introduction Vulnerability Exchange (VEX) or Vulnerability Exploitability eXchange is a communication format that is used to share detailed information about the exploitability of vulnerabilities in software products. VEX documents provide essential details about vulnerabilities, focusing on whether they are exploitable in the specific context of the software or environment in which they are found. Given…
-
Retina by Microsoft OSS
KubeCon 2024 in Europe has recently wrapped up this past week with some major announcements from various vendors one that stood out to me is the use of Retina. Microsoft released a open-source cloud-agnostic Kubernetes Network Observability platform this can provide a path to customizable telemetry. This telemetry has multiple options on where you’d like…
-
KubeArmor Explored
KubeArmor is a cloud-native runtime security enforcement system that works with restricting behavior (this resides with execution, file access, and network operations) of pods, containers, and nodes (VM’s) at the system level. The way this tool works is by using Linux Security Modules which to no surprise are enamored in the Certified Kubernetes Security Specialist…