Today’s economy has created a new class of worker: the IT consultant. This lone warrior often manages multiple websites, responding to anything from outages to update requests and every code debug in between. If one can manage the never ending onslaught of servers, API calls and transactions these sites rely on each day, it’s a pretty decent living. The key is removing all the menial work that overwhelms and stifles productivity.
While there are plenty of articles aiming to instruct newbies on “how to become a DevOps engineer”, none of them answer a simple question – should you become one to start with? For me, it’s been a long and winding journey to becoming what is called a Site Reliability Engineer (SRE). The journey was unplanned, and for each step, I had to figure out what I want my next challenge to be and how to achieve it.
In the past few days, a new vulnerability was disclosed in a widely used component – jQuery File Upload plugin. A change in Apache’s Web Server security setting handling, exposed users of this plugin to an unrestricted file upload flaw. Let’s dig in on how to detect jQuery File Upload vulnerability (CVE-2018-9206) using Falco.