It's that time of year where I poll my friends to see what kind of cool downloads and resources they found in 2021. Hopefully, you'll see something you like. I'll start things off with my favorite download...
Sr. Director of Content, JupiterOne
It's interesting how Epic Games is trying to compete with EA. EG has to play a different game (pun intended).
In 2021, EG started offering a free download a week of one of their games. I was able to grab Sid Meir's Civilization VI! During the holiday season, they offered a new game everyday for 15 days.
This week, they are offering all three Tomb Raider games as free downloads, but be quick about it. It only goes through January 6, and then there will be a new one.
Value Stream Architect, DoD Platform One
Last week, Bryan flashed a picture of his bookshelf during an online discussion. It seems his online reading list is as prolific as his book collection. (As you'll see, Bryan is a big Dave Farley fanboi.)
- Want to get everyone at every level aligned on the goals for implementing CD and DevOps?
- What it means to be a professional software engineer.
- Dave Farley's CD Youtube channel is a treasure trove of knowledge
- Want to improve your entire organization?
- Need to improve your workflow? How about your org structure?
Sr. Director Cyber Security,Target
During the pandemic, leading teams has become maybe harder but definitely different. A lot of my introspection has been on leadership and I love Adam Grant's "Work Life" podcast... this episode was really powerful for me.
Chief Strategy Officer, Cobalt.io
Each year, we publish The State of Pentesting Report to provide a detailed overview of vulnerabilities and identify the trends and hazards that impact the cybersecurity community. We gathered data from over 1,500 pentests performed in 2020 to learn about the assets getting tested and the vulnerabilities discovered, along with interviewing over 600 security practitioners to learn how that data changes across different industries, company sizes, and more.
Also, this video has GOT to make any best of 2021 list.
So many things to recommend but how about this image? It looks completely different on Apple vs. non-Apple devices.
In tests by BleepingComputer, on macOS Big Sur 11.6, the latest version of Chrome web browser (96.0.4664.110 (x86_64)) rendered the text in the image as 'HELLO WORLD'. But, viewing this page on Safari, or the image alone in Mac's 'Preview' app shows 'HELLO APPLE.'
DevSecOps Transformation, Contrast Security
A podcast is a "download", right? In this episode, Larry discusses what he is currently working on at Comcast, the importance of adding security into the DevOps process, how to motivate developers to adopt security, how he measures programs going forward, what are the greatest security challenges that we are facing, what inspired his young entrepreneurship, and his toughest lesson learned.
You can't do DevSecOps without DevOps and you can't do DevOps without a robust integration/functional/e2e test suite so I like this, "Fast fixes for slow tests: How to unclog your CI pipeline".
I also love this piece from Lance Knight, Building DevSecOps With Value Stream Management, as it relates to DevSecOps.
VP Infrastructure & Developer Operations, VillageMD
Oh damn dude. Where do I start? DevOps tools?
Have you ever wanted to integrate custom functionality into your code commit and push workflows without using IDE plugins, hacks, or gnarly scripts? We have, and that's why we developed Hookz. Hookz allows us to do a ton of commit tasks before our code even hits our branches. As you commit and push code to a git based source repository, Hookz will trigger scripts, run tasks, or do just about anything for you.
The best thing? We don't care what IDE you use to develop, what your back end source control system is, or what languages you program in. Operating System? We don't care. We wrote this in Go and have compiled it for every OS and architecture you'd ever want.
Solutions Architect, GitLab
Two resources stand out for me:
Epic Women in Cyber by Sonya Moisset. A great resource for finding, following and supporting women in cyber
OWASP Devslop. An educational and technical Sunday show covering a range of topics across Security and DevOps
Director, SRE Education, Google
The Secure Reliable Systems book could be a good one. A pdf download is available at SRE.google/books
CEO/Founder, Techstrong Group
For me the best download I had all year was the Spark email program for Mac.
I am a multi-email, multi-cloud email user (abuser). I also am a Mac user for the most part. Outlook for Mac just wasnâ€™t doing it for anymore after years of battling that beast. I don't like the gmail web interface and didn't want 3 or 4 different web interfaces for each mailbox.
I went on a quest for a great Mac email program. I wanted something with team capabilities as well. Spark has been great for me. It allows my admin to share email with me and assignments. It works not just on my Mac, but my iPhone and iPad as well.
No windows yet :-(