Skip to main content

Posts

Showing posts from November, 2021

Address data processing outside the data sovereignty region (GDPR)

 The high level of cloud adoption brings closer and closer to us the day to day problems that were easily solved using on-premises solutions. The data regulations related to data sovereignty and specific region and country regulations like GDPR add an extra complexity layer to the application we are building inside the cloud. We have an imaginary organization called Osotnoc that is active in Australia, the US, UK and the EU. Each country has strict data regulations that require Osotnoc to store customers data inside each region.  Microsoft Azure has a strong presence in each region, so the team is building a solution on Azure SQL and App Service. The solution is deployed in all 4 regions, fully compliant with all local requirements but pretty expensive. Except for the database and computation layer, 4 different instances of Azure Application Gateways are deployed with WAF on top of them.  Besides this, more than 30% of active users requires access data from other regions....

WFH and Technical Certifications

Working in the IT industry can be fun and challenging at the same time. Each day can bring a new challenge that you need to conquer. We all know that technology is changing fast, but the ways of working, concepts and the SDP (Software Development Processes) are evolving at a slower speed. I see certifications as a way how we can increase productivity and ensure that the pillars of a specific topic are well known by the teams . Yes, sometimes the certification process and content might not be perfect for all of us. Nevertheless, most of the time there is a good match between specific roles and the certification curricula.  Top Certifications Global Knowledge publishes what are the most trending certifications at this moment in time. As we expect the cloud ones (AWS, Azure, GCP), Security and DevOps are in high demand. Except for technology, we should ensure that are also keep an eye on ITIL, TOGAF or similar certifications and knowledge.  Biggest challenge One of the biggest ch...

[Post Event] Transylvania Cloud, Nov 2021

  On the 22nd of November, I was invited by Transylvania Cloud Community to deliver a session about cloud migration. During the event, I discovered a community that is active, full of energy and vibe. More details about my session can be found below: Title : Everything you need to know about cloud migration Abstract : It is not easy to migrate to the cloud. It sounds simple initially, but during the migration, you realize that you forgot about things like governance, landing zone, and after a while, running costs are out of control. Join this session if you want to find how Cloud Adoption Framework can help us migrate our solutions to Microsoft Azure. The session is full of real-life examples and hands-on materials. Deck :  Everything you need to know about cloud migration(Build Stuff 2021) from Radu Vunvulea

[Post Event] js.talks 2021();

Last weekend I had the great opportunity to deliver a session during js.talks . The hybrid conference was hosted in Sofia Tech Park and took place on November 19 and 20, 2021.  The session that I delivered was covering the overengineering topic from the cloud point of view. Yes, we do overengineering also at the cloud level, from what services we are using, how we design and how we build our cloud solutions. More about the session you can find below. Title : The monster under the bed - Overengineering the cloud Abstract : How many times you had the feeling that you were using too many cloud services? Solutions, where we do overengineer, are common nowadays because spinning a new service is at a click distance. Join this session if you are ready to confess your mistakes. During the session, I share examples of cloud solutions where cloud overengineering almost killed the quality attributes and delivery date. Deck : The monster under the bed - Overengineering the cloud ...

[Post Event] Build Stuff 2021

On the 19th of November, I had the opportunity to deliver a session about Cloud Migration during Build Stuff 2021.  I had a great time and I hope that you enjoyed my session. If you have questions or you want to chat with me on this topic, drop me a line on Twitter or LinkedIn. You can check the presentation deck. Title : Everything you need to know about cloud migration(Build Stuff 2021) Abstract : It is not easy to migrate to the cloud. It sounds simple initially, but during the migration, you realize that you forgot about things like governance, landing zone, and after a while, running costs are out of control. Join this session if you want to find how Cloud Adoption Framework can help us migrate our solutions to Microsoft Azure. The session is full of real-life examples and hands-on materials. Deck : Everything you need to know about cloud migration(Build Stuff 2021) from Radu Vunvulea

[Post Event] ITDays 2021

 This week I had the great opportunity to be invited to ITDays to deliver a session about cloud security and COVID. It was a pleasure to join the conference, especially because it was the first time in the last 1.5y when I delivered the session from a studio and not from my home. You can find more information about my session below: Title : COVID-19 are a cloud security catalyst Abstract : The pandemic brought an increasing number of cyberattacks in the last 18 months (e.g. phishing attacks increased by 350%). The rush to become a cloud-first business combined with remote work and digitalization made companies vulnerable to cyber threats. Failing to embed cloud security inside the business can be seen in the newspapers every day. In this session, we learn together what we should do to make our cloud IT solutions better from the security point of view, or at least to track what a cyber intruder was able to steal or do. Slides :  COVID-19 are a cloud security cataly...

[Post Event] DevCon 2021

 On the 4th of October, I had the opportunity to deliver a session at DevCon . My session was about security and what are the most important features that we shall be aware of when we build a native cloud solution on top of Azure. Details from my session are available below. You can contact me on Twitter (@RaduVunvulea) or Linkedin if you have questions or you want to talk with me on this subject. Title : Top 13 best security practices for Azure Abstract : Security nowadays is just a buzzword. Even so, by joining this session, we discover together what are the most important security best practices from a .NET developer point of view that we need to take into considerations when we develop an application for Microsoft Azure Slides : Top 13 best security practices for Azure from Radu Vunvulea

Automation Rules inside Azure Sentinel

 Nowadays, automation is part of our day-to-day life. To be able to react to security incidents, it is not enough to detect them. We need a mechanism that can trigger an action when an incident is detected.  Azure Sentinel is a cloud-native SIEM (security information and event manager) that analyze what is happening inside your organization and can detect a possible security breach. Azure Sentinel can automatically raise an alert when an incident occurs. This is not enough, and to increase the SOC efficiency, reduce the response time and the no. of resources that you have available, you need to be able to implement SOAR (Security Orchestration, Automation and Response) on top of it.  Automation is the keyword here; we can now do it inside Azure Sentinel using Automation Rules.  Except for an alert and running a playbook the automation rules allow us to react to multiple analytics rules at once and automatically assign or close incidents. It is a mechanism that enable...