perox_

It's interesting to see CISA add procedures, commands, and behaviors into their IOC section. It's probably a good approach as many just ask for IOCs and anticipate atomic IOCs, like IP Addresses, but this could help atomic IOC based organizations evolve to focusing on behaviors. https://t.co/OlZDZucSdF

How do companies ship code to production? The method to download the high-resolution PDF is available at the end. The diagram below illustrates the typical workflow. Step 1: The process starts with a product owner creating user stories based on requirements. Step 2: The dev team picks up the user stories from the backlog and puts them into a sprint for a two-week dev cycle. Step 3: The developers commit source code into the code repository Git. Step 4: A build is triggered in Jenkins. The source code must pass unit tests, code coverage threshold, and gates in SonarQube. Step 5: Once the build is successful, the build is stored in artifactory. Then the build is deployed into the dev environment. Step 6: There might be multiple dev teams working on different features. The features need to be tested independently, so they are deployed to QA1 and QA2. Step 7: The QA team picks up the new QA environments and performs QA testing, regression testing, and performance testing. Steps 8: Once the QA builds pass the QA team’s verification, they are deployed to the UAT environment, where the QA team, dev team, and even the product owner perform UAT testing. Step 9: If the UAT testing is successful, the builds become release candidates and will be deployed to the production environment on schedule. Here we might not want to deploy to all the users in one go to mitigate the change risks, so some techniques like feature toggle, canary deployment can be used. Step 10: SRE (Site Reliability Engineering) team is responsible for prod monitoring. They leverage a bunch of log-analyzing tools and process-tracing tools like ELK stack, Prometheus, and Skywalking. They report production issues to QA and dev teams, and teams need to fix them based on defined priority. – Subscribe to our newsletter to download the 𝐡𝐢𝐠𝐡-𝐫𝐞𝐬𝐨𝐥𝐮𝐭𝐢𝐨𝐧 𝐏𝐃𝐅. After signing up, find the download link on the success page: https://t.co/0v29X0VLNt