life, Sport

Favorites Books And (Virtual) Ironman 2020

It’s been a challenging year.
A year that caused lots of misery and the long term implications are still going to be discovered in the future. Nevertheless, I’m trying to focus on the hope we see just around the corner.

As for books and running/biking and swimming, it was all ‘virtual’ events. The Ironman race I was registered to do at Santa Rosa was first ‘pushed’ to ‘later this year’ and a after few months it was canceled.
As we learned during this year, it’s best to have patience (and endurance). Looking backward, there were quite a lot of new events that we managed to do. Both Strava and Zwift saw their platform taking an uplift. The new (or old) way to do a group ride: Zwift and Discord is quite cool. It won’t replace the real thing, but with the ‘new norm’, it’s quite a nice option.

Virtual Races

This year moved ‘everything’ into ‘virtual’. Sports events are just one example.
Since all the official races were canceled I did some virtual ones.

Continue reading
Standard
life

Reading Recommendations From @naval

A list from @naval talks/podcasts and tweets.
It’s mainly for my personal usage when I’m buy new books (or ordering some from the library).

  • Poor Charlie’s Almanac: The Wit and Wisdom of Charles T. Munger. This one is the biggest book (for real) you will have in your library. Find a special and strong shelf for it.
  • Sapiens: A Brief History of Humankind by Yuval Noah Harari. I wrote about here in the past.
  • The Power of Now: A Guide to Spiritual Enlightenment by Eckhart Tolle (@EckhartTolle)
  • The Sovereign Individual: Mastering the Transition to the Information Age by James Dale Davidson
  • Incerto Series by Nassim Nicholas Taleb (@nntaleb): All 5 books are great but not an easy read. I had to re-read some parts in the books again and again and I’m still not sure I got to the bottom of the idea(s).
Continue reading
Standard
life

Are You Doing COVID-19 Research?

“World War II was the defining moment of our parents’ generation. In a similar way, the COVID-19 pandemic—the first modern pandemic—will define this era.” – Bill Gates said it in his last post yesterday.

One of the interesting aspects of his observations is the need to collaborate our efforts on treatments, vaccines, testing and contact tracing.
We all want to help fight Covid-19. At JFrog we are helping developers be more productive with their work by harnessing the power of DevOps best practices (and tools).
Are you working on IoT to medical devices?
Here is one example on how to improve your process to ship better code in a faster way.

There are many more examples like that but bottom line, we want to help any organization that is fighting Covid-19.
You can apply here: https://jfrog.com/covid19/

Continue reading
Standard
cloud, JavaScript

Integrate JFrog Xray with Slack

The need to protect your software and to be updated about vulnerabilities is getting stronger. JFrog Xray is unique in its capabilities to perform analysis of all the binaries you are consuming in your project. It works with Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. Xray provides great visibility into issues lurking in components anywhere in your organization and there are many cases where you wish to get notified on a security violation (or a license breach) directly to Slack.

Getting Started

We will use Xray’s Webhooks to define our server’s and base on the policies/rules our Webhook will be notified with the alerts about violations (security or licenses).

Continue reading
Standard
Business

Stress Test: Reflections on Financial Crises (and the current one) – Quick Review

After the last few weeks, it clear we are in the biggest financial crisis in our generation. I read “Stress Test” a few months ago and there are several perspectives that are good to be remembered. Especially during these crazy days where the market shows ‘no bottom’.

“The fundamental causes of this crisis were familiar and straightforward,” Geithner writes. “It began with a mania — the widespread belief that devastating financial crises were a thing of the past, that future recessions would be mild, that gravity-defying home prices would never crash to earth.”

The causes of the crisis, in other words, were the same old-fashioned madness of crowds and extraordinary popular delusions responsible for every panic dating back to the Dutch mania for tulip bulbs. The entire society — including all the big banks and some nonbank financial firms, like the insurance company A.I.G. — simply ignored risk.

Continue reading
Standard
cloud, JavaScript

Export Violations From JFrog Xray to CSV

The trend of #DevSecOps is growing fast and it is no longer just part of your security team. More and more organizations wish to integrate their security team in all the phases of development and operations. To achieve it, there are cases where you need to export data from JFrog Xray (in our case to a CSV format) so you can ingest it to your current logging/monitoring system. 

What is Xray?

In a nutshell, JFrog Xray works with JFrog Artifactory to perform a deep analysis of binary components at any stage of the application lifecycle. It provides full transparency that leads to more trust in your software. 

By scanning binary components and their metadata, recursively going through dependencies at any level (think on the layers you have in any Docker container), JFrog Xray provides great visibility into issues lurking in components anywhere in your organization.

Xray API

One of the best parts is that JFrog Xray is also fully automated through a rich REST API. We will use it to create this Exporter. Please feel free to clone/fork the code below and use it, but remember you might need to add pagination and a watchdog for a real system.

Continue reading
Standard
Business, life

Improve Your Decisions

I find the topic of decisions making to be a fascinating one.
In the past few years, I wrote about it several times and this is the post I keep returning as the ‘checklist’.
However, it’s great to have quick and simple rules that you can use.

Three rules to improve your decisions (that I ‘borrowed’ from @naval):

  • If you can’t decide, the answer is no – It might be a bit tricky in cases where you don’t have a Yes/No decision. However, the idea (IMHO) is that you should have a hunch on what will be the right path and if you can’t feel it, try to base the decision on the best data you can find.

  • If two equally difficult paths, choose the one more painful in the short term (pain avoidance is creating an illusion of equality) – This is a clever one, as it’s pointing you in the direction of
    ‘Easy choices → Hard life. Hard choices → Easy life’.
    I’m not sure, this rule will be valid in all cases, but even if it’s holding for 80% it’s a good one to remember.

  • Choose the path that leaves you calmer in the long term – Smart way to validate which is the better decision for a given challenge.

Also, it’s good to remember that
“It’s extremely hard to make good decisions in a poor environment.”

So do your best to improve the environment (e.g. company, friends) before taking important decisions.

The original tweet:

Have a great weekend.

Standard
cloud

Continuous Software Updates With JFrog Pipelines

“Liquid Software” release practices are rapidly becoming the standard in many companies. However, as software shapes digital transformation, DevOps teams are feeling challenged to manage their growing influence on corporations’ success or failure. In a talk I gave last week, we looked into the growing pains that most enterprises (many of them JFrog customers) face when adopting and consolidating DevOps at scale, and how these challenges are being mitigated with end-to-end platform solutions. We also wrap up with some DevOps best practices that will help you address emerging trends that your bosses’ bosses care about.

The slides

Continue reading
Standard