A few weeks ago I passed my AWS Certified Developer Associate (DVA-02) exam and I thought it would have been nice to document how heck I accomplished to do it on a first try, and of course provide some hints to whoever wants to do the same. 🧑🏻💻👨🏻💻»
In today’s digital landscape, developing software with a security-oriented mindset is no longer an option – it’s a top priority.
I’ve had the opportunity to attend the Secure Software Development Fundamentals Course by the Open Source Security Foundation, and I found it enlightening and a must for passionate Software Engineers.
So today, I’m going to talk about a set of widely recommended Security Design Principles that serve as invaluable rules of thumb for developing software with security-first in mind.
Let’s start! 🚀
I often read tweets, threads and posts about a weird practice called Pair Programming, full of complaints. But I find this usually due to a lack of understanding and improper implementation.
I’d like to clarify why those complaints are misleading and why you shouldn’t write pair programming off completely.
As an Extreme Programmer I used to jumping often into different engagements, each of them has challenges I need to overcome and problems I need to solve.
This time I jumped into an engagement with a legacy codebase composed mainly by AWS lambdas written in Typescript. Language and technology I’ve never used before.
How can I learn the language and at the same time being able to quickly deliver value?
The answer in my head was clear: let’s create some tests, the rest will follow!
Have you ever wondered how to deliver good Software As A Service? Nowadays, as developers, we spend most of our time delivering software as a service, but it brings a lot of uncertainties about how to do it properly. Do you know that we already have 15 tips that can help us to achieve that visionary goal?
I’ve been reading a lot about it, and I decided to summarise them in a small article. Let’s dig deeper and find more about this methodology and the fifteen factors which belong to it…
Recently I’ve seen a thread on Twitter regarding distributed tracing systems. I recognise that sometimes it’s an underestimated topic, so I thought to write a short and introductory article about it…»
Often I read that for simple tasks Rust is not a good choice. Go is more adopted when we need to create a small script to automatize our jobs. But is it true?»
One of the hottest topics of the moment in Big Data is undoubtedly the Data Mesh, but what is it? Why is this better than the solutions we had before? Do we need it? Should we adopt it?»
Ah shit, here we go again. Another year passed, and another Hacktoberfest is over. I’ve just received my swag, and I can’t be more excited!»
I’ve finally found the time to customise my Github’s profile. It shows some interesting stats about my activities, without any external browser extension, how?»
Today I’ve talked with ItalianCoders about my experience abroad as a Software Developer. With me other five developers who are working around the world, talking about their experiences and why/how they decided to move abroad.»
I always liked the
your codebase is like a garden metaphor, it says that writing software is like gardening, you have to take care of your garden in many ways and from time to time you have to move plants around relative to each other, consider how to take advantage of the wind, rain and sunlight to help your plants grow and stay healthy. Every day you have to monitor them and make adjustments as needed. Like your code. But how can we do it in practice and become good gardeners?
During our journey as developers, we often have to use external APIs, integrate our systems with them and be sure that everything works smoothly, sometimes it becomes difficult because suddenly the systems we are interacting with change their behaviour, breaking our integration.
How to prevent it?
Migrating a database is one of the most sensitive things that can happen to do at some point in our career, sometimes it is easy, sometimes it is not. Let’s see how to use the expand/contract pattern to be able to do it in both cases ~»
My usual post of the year about the Hacktoberfest is back! Even this year I participated in it and gained some swags and an amazing t-shirt ~»
Another week is over, here in ThoughtWorks Barcelona but this time it was different from the others, it was full of new ideas and teams, at the end of it that was even a prize, a winner and a celebration. Are you wondering what’s going on, right?»
What’s an incident? What to do in case of an incident? How to be a great incident commander? Are you a good incident responder? This is what I discover during my Incident Management workshop in @ThoughtWorks this week, let’s take a look!»
Last year, as the previous one I partecipated to the Hacktoberfest and of course I received a lot of swag, do you want it too? ~»
I release a simple golang package named IsGoogle useful to check if a certain ip address belongs to Google.»
Today I started to work on a Scala project, I spend most of my time using vim (or in this case neovim) so I started to looking for plugins to write Scala using [neo]vim.»
I release a simple golang package named IsWadmin useful to check if a process is running as administrator on Windows.»
I release a simple golang package named IsDocker useful to check if the process is running inside a Docker container.»
For a tons of personal reasons I don’t use Whatsapp, I prefer Telegram instead but often I need to listen some audio files from Whatsapp that are in OPUS so to listen it I need to convert it, so boring, isn’t it? So I wrote a Telegram’s bot to convert it for me but better.»
Using more than one device often I need to move some links or some datas from to another one, I need a simple and clean way to do that without logins, emails, codes and hard to remember links so I thought how to solve my problem using golang…»
The first phase in security assessment is focused on collecting as much information as possible about a target application. One tool to do that is Goofile, it allows to search a specify filetype in a specify domain using Google…»
One of the worst things that can be happens to a twitter user is surely to be unfollows but how to discover who unfollow you ? To solve this problem I create an ad-hoc offline and commandline tools to do that.»
For academic purpose I have to interface the F401RE NUCLEO board with the HY-SRF05 ultrasonic sensor, it uses the sonar principle to allow to measure the distance to an obstacle.»
For academic purposes I have to work with BLE, a new technology often used nowadays, with a NUCLEO-F401RE board and the NUCLEO-IDB04A1 BLE extension board by ST»
For academic purposes now I own a NUCLEO-F401RE board by ST Microeletronics, it works with STM32 microcontrollers, it is arduino compatible, supported by MBED, it has 3 leds and 2 pushbuttons on board; Obviously is fully programmable… but how ? Let’s do it!»
I saw on github a nice tool to test my applications under certain networks and system condition to prove that my tests never fail…»
I use Telegram, whatsapp alternative messaging application, it contains more features than whatsapp and many benefits, one of these is the possibility to create bots and to try it I decided to make one just for fun.»
Walking around the city I found a cheap nunchuck and obviously I felt the need to do something. This time I chose to interface my raspberry pi with it.
Let’s see how!
At some point who is interested to become a programmer spend some time on the underground part of the field: the security field, in fact at least one time we played with exploits, bugs and vulnerabilities, at least one time we wanted to be a security professional.»
A few weeks ago I saw a Facebook application that allows to get a coupon to receive a “free nail varnish”, it’s very simple and clear: Put a “like”, insert yours data and done, you will receive your coupon and your free nail varnish, but there is a limitation: You can take it only once…. maybe.»
I was advised about a nice site that allows to organize my thoughts using many hierarchical lists, every programmer should try it!»
The steganography1 is a technique that allows to “hide” information inside an image or an audio files, it’s a very interesting security field, I can hide “secrets” into an image, pass it to my friend, and he, using a decoder can read what I wrote. Very useful to keep my “secrets” secret; so I wrote a simple C library to hide words into a bitmap images using the OpenCV libraries just for fun and profit…»
In the previous article we saw a little library to semplify my work, today I’m going to talk about a software that allows to track any color and at the same time tell other softwares which colour we have chosen»
In the previous article I introduced you my exam project about computer vision, now I’m going to explain to you how it works but first let me introduce a small header file I wrote to reuse useful functions and structs.»
I’m very fascinated about the possibility to give sight to a machine so for my final high school exam I made a computer vision project…»
I found a cool library online to interface my pc with any usb joystick I have in my house… so why not to move my cursor pointer with a joystick ?»
I have a raspberry pi, I love electronics so which best example of make 2LEDs blinks using a small pushbutton ?»