Skip to main content

Posts

Showing posts from 2021

At a glance: Azure Load Tests Service

Quality metrics are important and need to be measured when we build and deploy a new system version. Resilience, response time, scalability, and application performance are not easy to test when creating a cloud solution.  Today's post talks about how you can run a performance test on top of Azure using Azure Load Testing. This service provided by Microsoft gives us the possibility to run large performance, scalability or application quality tests in a controlled and easy manner.  With the Azure Load Testing service, a developer or tester can configure and run a load test in just a few minutes, collect the output, and identify the system's bottleneck. Azure Load test components 4 main components are built around Azure load and performance capability: (1) Azure Monitor – used to collect information from Azure services (2) Azure Application Insights – used to collect application data and to provide an easy way to display and track application metrics (3) Azure Container In...

COVID-19 is a cloud security catalyst

Almost two years ago, we had to accept that the world as we know it had changed. Most of the companies migrated their workforce to remote working. Nowadays hybrid work model is part of the normality. Companies started to invest more in their digitalisation and cloud adoption programs. In this article, we talk about the current state of security and the top 10 security things that we need to invest in when we do a cloud adoption (cloud migration).  Cloud adoption and remote working changed how we build IT Solutions and how we tackle security. From my point of view, COVID-19 was and is a security incentive, exposing us to new digital risks and making us more aware of IT and cloud security.  Security Impact To understand the real impact of the current situations, let's take a look at some statistics :  Global adoption of digitalisation has increased to 55% in the last seven years 48% of the companies had to accelerate the cloud migration programs during the pandemic 60% of t...

[Post Event] Microsoft Tech Day 2021

I am excited to be part of the team that delivered sessions at TECH DAY 2021 , organized by Microsoft.  On the 25th of November, I talked about secure development and what a cloud developer needs to consider. It was a session where the main focus was on hands-on experience. I had 10 slides and the rest of the time was only hands-on experience inside Azure Portal and other cloud tools. I hope that you enjoyed my session! You can find below the slide deck Title :  Secure Application Development Abstract :  This session aims to identify the tools that help us build secure applications and environments for Azure during the development journey. The focus is on the developers and the tools we can use to ensure that our code is secure and aligned with all the available best practices and recommendations. It’s a hands-on session, limited to 10 slides and a lot of demos. Deck :  Secure Application Development from Radu Vunvulea

Address data processing outside the data sovereignty region (GDPR)

 The high level of cloud adoption brings closer and closer to us the day to day problems that were easily solved using on-premises solutions. The data regulations related to data sovereignty and specific region and country regulations like GDPR add an extra complexity layer to the application we are building inside the cloud. We have an imaginary organization called Osotnoc that is active in Australia, the US, UK and the EU. Each country has strict data regulations that require Osotnoc to store customers data inside each region.  Microsoft Azure has a strong presence in each region, so the team is building a solution on Azure SQL and App Service. The solution is deployed in all 4 regions, fully compliant with all local requirements but pretty expensive. Except for the database and computation layer, 4 different instances of Azure Application Gateways are deployed with WAF on top of them.  Besides this, more than 30% of active users requires access data from other regions....

WFH and Technical Certifications

Working in the IT industry can be fun and challenging at the same time. Each day can bring a new challenge that you need to conquer. We all know that technology is changing fast, but the ways of working, concepts and the SDP (Software Development Processes) are evolving at a slower speed. I see certifications as a way how we can increase productivity and ensure that the pillars of a specific topic are well known by the teams . Yes, sometimes the certification process and content might not be perfect for all of us. Nevertheless, most of the time there is a good match between specific roles and the certification curricula.  Top Certifications Global Knowledge publishes what are the most trending certifications at this moment in time. As we expect the cloud ones (AWS, Azure, GCP), Security and DevOps are in high demand. Except for technology, we should ensure that are also keep an eye on ITIL, TOGAF or similar certifications and knowledge.  Biggest challenge One of the biggest ch...

[Post Event] Transylvania Cloud, Nov 2021

  On the 22nd of November, I was invited by Transylvania Cloud Community to deliver a session about cloud migration. During the event, I discovered a community that is active, full of energy and vibe. More details about my session can be found below: Title : Everything you need to know about cloud migration Abstract : It is not easy to migrate to the cloud. It sounds simple initially, but during the migration, you realize that you forgot about things like governance, landing zone, and after a while, running costs are out of control. Join this session if you want to find how Cloud Adoption Framework can help us migrate our solutions to Microsoft Azure. The session is full of real-life examples and hands-on materials. Deck :  Everything you need to know about cloud migration(Build Stuff 2021) from Radu Vunvulea

[Post Event] js.talks 2021();

Last weekend I had the great opportunity to deliver a session during js.talks . The hybrid conference was hosted in Sofia Tech Park and took place on November 19 and 20, 2021.  The session that I delivered was covering the overengineering topic from the cloud point of view. Yes, we do overengineering also at the cloud level, from what services we are using, how we design and how we build our cloud solutions. More about the session you can find below. Title : The monster under the bed - Overengineering the cloud Abstract : How many times you had the feeling that you were using too many cloud services? Solutions, where we do overengineer, are common nowadays because spinning a new service is at a click distance. Join this session if you are ready to confess your mistakes. During the session, I share examples of cloud solutions where cloud overengineering almost killed the quality attributes and delivery date. Deck : The monster under the bed - Overengineering the cloud ...

[Post Event] Build Stuff 2021

On the 19th of November, I had the opportunity to deliver a session about Cloud Migration during Build Stuff 2021.  I had a great time and I hope that you enjoyed my session. If you have questions or you want to chat with me on this topic, drop me a line on Twitter or LinkedIn. You can check the presentation deck. Title : Everything you need to know about cloud migration(Build Stuff 2021) Abstract : It is not easy to migrate to the cloud. It sounds simple initially, but during the migration, you realize that you forgot about things like governance, landing zone, and after a while, running costs are out of control. Join this session if you want to find how Cloud Adoption Framework can help us migrate our solutions to Microsoft Azure. The session is full of real-life examples and hands-on materials. Deck : Everything you need to know about cloud migration(Build Stuff 2021) from Radu Vunvulea

[Post Event] ITDays 2021

 This week I had the great opportunity to be invited to ITDays to deliver a session about cloud security and COVID. It was a pleasure to join the conference, especially because it was the first time in the last 1.5y when I delivered the session from a studio and not from my home. You can find more information about my session below: Title : COVID-19 are a cloud security catalyst Abstract : The pandemic brought an increasing number of cyberattacks in the last 18 months (e.g. phishing attacks increased by 350%). The rush to become a cloud-first business combined with remote work and digitalization made companies vulnerable to cyber threats. Failing to embed cloud security inside the business can be seen in the newspapers every day. In this session, we learn together what we should do to make our cloud IT solutions better from the security point of view, or at least to track what a cyber intruder was able to steal or do. Slides :  COVID-19 are a cloud security cataly...

[Post Event] DevCon 2021

 On the 4th of October, I had the opportunity to deliver a session at DevCon . My session was about security and what are the most important features that we shall be aware of when we build a native cloud solution on top of Azure. Details from my session are available below. You can contact me on Twitter (@RaduVunvulea) or Linkedin if you have questions or you want to talk with me on this subject. Title : Top 13 best security practices for Azure Abstract : Security nowadays is just a buzzword. Even so, by joining this session, we discover together what are the most important security best practices from a .NET developer point of view that we need to take into considerations when we develop an application for Microsoft Azure Slides : Top 13 best security practices for Azure from Radu Vunvulea

Automation Rules inside Azure Sentinel

 Nowadays, automation is part of our day-to-day life. To be able to react to security incidents, it is not enough to detect them. We need a mechanism that can trigger an action when an incident is detected.  Azure Sentinel is a cloud-native SIEM (security information and event manager) that analyze what is happening inside your organization and can detect a possible security breach. Azure Sentinel can automatically raise an alert when an incident occurs. This is not enough, and to increase the SOC efficiency, reduce the response time and the no. of resources that you have available, you need to be able to implement SOAR (Security Orchestration, Automation and Response) on top of it.  Automation is the keyword here; we can now do it inside Azure Sentinel using Automation Rules.  Except for an alert and running a playbook the automation rules allow us to react to multiple analytics rules at once and automatically assign or close incidents. It is a mechanism that enable...

Azure Key Vault Governance using Azure Policy

 The right tool to ensure that you have control of your cloud environment and resources is Cloud Governance. Today's post talks about how we can govern our Azure Key Vault instance(s) using Azure Policy.  Azure Key Vault : is a cloud service for securely storing and accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, or cryptographic keys. Azure Policy  is a service in Azure that allows you to create policies that enforce and control the properties of a resource. When these policies are used, they enforce different rules and effects over your resources, so those resources stay compliant with your IT governance standards. Starting today, the integration of Azure Policy with Azure Key Vault (KV) is in GA (General Availability), meaning that we can use it for production environments from all public Azure Regions. How Azure Policy can help us? Imagine that you are part of an organization where Azure Ke...

[Post Event] Ada Lovelace Hackathon 2021

On 10th of October I had the opportunity to talk about AI, Cloud and the future of AI during Ada Loverlace Hackathon.  Title: My session is about what we should DO MORE to have success in AI & IT. Abstract: Do you love computers OR home automation, OR AI? I assume YES, and during high school and university years, you have the opportunity to build a strong foundation for tomorrow's specialist. Let's talk about what you should NOT IGNORE and what you should DO MORE during this period of your life. It partially worked for ME, and I am sure that would help YOU. See you on Sunday from 15:30. Servus, Radu Vunvulea!

Azure Front Door custom domain quote limit and solutions

When you reach the quotes of Azure Services you need to roll up your sleeves and go back to the design board.  Business context A company has around 20-50 products that are available in the EU, APAC and all US states. Each product can have around 5-15 different presentation web site (including custom domain) in each country.  Technical constraint The customer is using Azure and one of the technical objectives is to use only Azure Services, without any other 3rd party providers. Azure Front Door is in front of their API, used to map all the custom domains redirection to the main domain and to manage the security rules. The security rules are changed often (every day) - at least 3-4 rules per day, making the WAF component of Azure Front Door a goldmine for the operational team. US: 20 products X 10 custom domains X 50 US states =10000 web site and 1 000 custom domains              EU: 20 products X 10 custom domains X 10 EU countries =2000...

[Post Event] DevOps Stage 2021

 On the 24th of September, I had the amazing opportunity to be invited as a speaker at DevOps Stage.  I decided to talk about cloud security and what was the impact on the cybersecurity of the COVID-19 outbreak.  It was a joy to be part of this event and found many session interesting and challenging. Congratulations to all the people that were behind the scene. You have done a great job! Talk : COVID-19 are a cloud security catalyst Abstract : The pandemic brought an increasing number of cyberattacks in the last 18 months (e.g. phishing attacks increased by 350%). The rush to become a cloud-first business combined with remote work and digitalization made companies vulnerable to cyber threats. Failing to embed cloud security inside the business can be seen in the newspapers every day. In this session, we learn together what we should do to make our cloud IT solutions better from the security point of view, or at least to track what a cyber intruder was able to steal ...

HOW MUCH WOULD COST ME TO BUILD A SYSTEM TO RUN ON TWO CLOUD VENDORS SIDE-BY-SIDE?

 One common question that I hear lately is:  HOW MUCH WOULD COST ME TO BUILD A SYSTEM TO RUN ON TWO CLOUD VENDORS SIDE-BY-SIDE? It is a simple question that a business person has. Nevertheless, the response is not simple. Without running a workshop and invest time to understand the business requirements, the current technology stack and expected quality attributes, providing a cost of building the same solution on another CSP (Cloud Service Provider) is hard. There are tools on the market that provide the mechanism to assess costs on each CSP or what would be the cost of running the same on-premises payloads inside a CSP. Analogies and mapping between different CSP services can be made, making running cost estimation an easy job. Useful tools: Azure Pricing Calculator AWS Pricing Calculator Total Cost of Ownership (TCO) Calculator AWS to Azure service mapping The challenge is not the running cost! It is THE EFFORT COST to make a system run on another CSP. It is possible? How m...

Differences between GA, Private and Public Preview on Azure Services and Features

 Let's talk about what are the main differences between Private Preview, Public Preview and General Availability (GA) of Azure Services and Features. This topic is important when you run your workloads in production OR you manage sensitive data in production. Remember that you SHALL NEVER use non-GA services and features for production workloads .  The purpose of Private and Public Preview is only for evaluation purposes. Except for the lack of SLA and formal support, there might be other issues that haven't been discovered or fixed yet. Think about the #ChaosDB vulnerability, which was caused by a CosmosDB feature that was in Public Preview.  Below you can find a list of things that you might want to take into consideration: Area Private Preview Public Preview General Availability SLA        NO     NO YES         ...

[Post Event] Data Platform Summit 2021

This week I had the great opportunity to deliver a session during  Data Platform Summit . It is impressive how the team was able to build a similar experience with the physical one, including the lobby, hall and all other things using VR and 3D rendering.  The session that I delivered during the event was focusing on Azure security best practices and the tools that can be used to secure our cloud solutions. More about the session that I delivered can be found below. Title : Top 13 best security practices for Azure Abstract : Security nowadays is just a buzzword. Even so, by joining this session, we discover together what are the most important security best practices that you need to have in mind when you work inside the cloud – inside Microsoft Azure. Slides:  Top 13 best security practices from Radu Vunvulea