Cloud security is the combination of tools and procedures that form a defense against unauthorized data exposure by securing data, applications, and infrastructures across the cloud environment and by maintaining data integrity. To read more about the basic principles of cloud security, check out our previous article on the subject. Cloud security is a constant concern for R&D teams, and more and more methodologies are being introduced to help teams achieve their goals.

Logging is a key requirement of any production application. .NET Core offers support for outputting logs from your application. It delivers this capability through a middleware approach that makes use of the modular library design. Some of these libraries are already built and supported by Microsoft and can be installed via the NuGet package manager, but a third party or even custom extensions can also be used for your .NET logging.

I have been noticing that a lot of folks are often confused between event logging and tracing. In terms of building out a generic SD for devs to report on observability data, should Event APIs be distinct from Trace APIs? Is an Event just a single Trace Span ? If you look at Honeycomb’s implementation, an Event seems to be equivalent to a single span trace. The middleware wrapper creates a Honeycomb event in the request context as a span in the overall trace.

Open source contributions are foundational to Elastic — from Elasticsearch’s Apache Lucene core to the addition of open source Logstash and Kibana to form the Elastic Stack you’ve come to know and love. Over the years, the Elastic community has created over 90 Beats, shared use case tutorials like those from Volvo, T-Mobile, and Microsoft, and presented at hundreds upon hundreds of meetups.

Kubernetes is a container orchestration tool, but its functionality extends far beyond just orchestrating containers in a narrow sense. It offers a range of additional features that—to a limited extent—address needs such as load balancing, access control, security policy enforcement, and even logging and monitoring. Indeed, Kubernetes’s broad functionality has led some folks to call it an “operating system” in its own right.

Oftentimes, security attacks that were clearly recorded in logs go unnoticed. They are obscured by a large sea of log data created by most modern cloud environments. In some cases, like during a DDoS attack, there will be a huge spike in logs so it will be very clear what happened. In other situations, just a few logs will document the attack. Finding these logs can be like finding a needle in a hay stack. But if you know what to looks for, it doesn’t need to be so hard to spot these attacks.

We are excited to partner with AWS in launching AWS Bottlerocket, a container optimized operating system. Bottlerocket gives DevOps teams speed, efficiency and security in containerized environments.