Jo Lin’s Post

CrowdStrike is looking for DevOps Engineers now, it seems the world understands our importance 😍 CrowdStrike, a cybersecurity giant, recently faced a massive disruption due to an update gone wrong. Thousands of Microsoft Windows machines were down, and the impact was huge (and still is). 🤯 Now, they're posting job updates to hire DevOps engineers to prevent this from happening again. Honestly, I'm not surprised. A strong DevOps team is like having a superhero on call, always ready to save the day with cultural practices for successful tests, builds and releases. 🦸♀️ This incident is a harsh reminder of DevOps's importance for business continuity. It's not just about tech; it's about preventing chaos and keeping things running smoothly. So, to all the DevOps engineers out there, your work is more important than ever! 👏 What are your thoughts on the same? Let me know in the comments #DevOps #cybersecurity #CrowdStrike

🚨 𝗛𝗼𝘄 𝗮𝗻 𝗔𝗰𝗰𝗶𝗱𝗲𝗻𝘁𝗮𝗹 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿𝘆 𝗦𝗮𝘃𝗲𝗱 𝘁𝗵𝗲 𝗜𝗻𝘁𝗲𝗿𝗻𝗲𝘁 𝗳𝗿𝗼𝗺 𝗮 𝗠𝗮𝘀𝘀𝗶𝘃𝗲 𝗖𝘆𝗯𝗲𝗿 𝗔𝘁𝘁𝗮𝗰𝗸 🌐 I recently came across an inspiring story about how an software engineer, Andres Freund, prevented a potential global cyber attack. 🛡️ It all started when Andre noticed an unusual spike in his CPU load 📈. What he initially thought was a bug turned out to be a backdoor planted by hostile forces 🕵️♂️. This backdoor, if left unchecked, could have spread globally, giving attackers control over millions of servers 💻. For DevOps professionals, this incident is a powerful reminder of the critical role that automation, monitoring, and security play in safeguarding infrastructure. The quick detection of abnormal system behavior, as Andre did, reflects the observability practices central to DevOps. Without real-time monitoring and effective incident management, such vulnerabilities can escalate quickly. Thanks to Andre's quick action ⚡, he identified the malicious code and alerted the Debian security team, averting a major crisis. This attack was a masterclass in social engineering 🎭, likely carried out by state-sponsored hackers. It also highlights how vital collaboration between open-source maintainers, DevOps engineers, and security teams** is in defending against such threats. 𝗞𝗲𝘆 𝘁𝗮𝗸𝗲𝗮𝘄𝗮𝘆𝘀: - 🔑 Open-source software is foundational to the internet and crucial for DevOps teams managing infrastructure at scale. - 🧩 Even small, unnoticed changes in code can have massive implications, making code review and security checks essential parts of the CI/CD pipeline. - 🚨 Security is always a top priority for open-source maintainers and DevOps engineers alike. - 👥 We all have a role to play in securing our digital infrastructure, especially in DevSecOps practices, where security is integrated throughout the development cycle. Andre’s quick thinking and dedication saved us from a catastrophe. For those of us in DevOps and security roles, this is a reminder that supporting the open-source community and integrating strong observability and security practices into our workflows is essential for the safety of our digital world 🌎💡. #CyberSecurity #OpenSource #Linux #DataProtection #CyberAttack #TechNews #AndresFreund #DevOps #Microsoft

When I was working as a DevOps Engineer, SRE, or SysAdmin, both for other companies and my own projects, managing SSL certificate expiration was always a challenge. It's something so simple, yet it often doesn’t get the attention it deserves—and it can become painful quickly. (Raise your hand if you've ever let a certificate expire!) Many times, I found myself writing scripts to collect certificate info, integrating them with Zabbix or other external tools. However, those tools only monitor online certificates, leaving internal ones untracked. And as for more comprehensive tools like Datadog or SolarWinds, you practically need to sell an organ to afford them. Certificate expiration isn’t just a small issue—it's affected even the biggest companies, including Microsoft, Spotify, Cisco, Google Voice, and Equifax, leading to: - Network outages - Loss of customer trust - Brand damage - Poor user experience - Increased exposure to vulnerabilities These issues can result in millions in lost revenue. That’s why I’m building SSL Guardian, a centralized monitoring platform for your SSL/TLS certificates across diverse technologies and environments. With Keymon, our soon-to-be-released open-source agent, we’ll cover everything—including internal certificates. Plus, you’ll have flexible alerting options, from simple integrations like Telegram Messenger, Slack, and Microsoft Teams, to more robust solutions like PagerDuty, #OpsGenie, and VictorOps. I'd love to connect with you to learn how you're currently handling certificate monitoring and how we can build a tool that brings value to you and your team. #DevOps #SRE #SysAdmin #Cybersecurity #SSLGuardian #SSLCertificates #CertificateMonitoring #Keymon #OpenSource #ITSecurity #TechInnovation #NetworkSecurity #CloudSecurity #OpsGenie #PagerDuty #Slack #MicrosoftTeams #Automation #MonitoringTools

CrowdStrike is looking for DevOps Engineers now, it seems the world understands our importance 😍 CrowdStrike, a cybersecurity giant, recently faced a massive disruption due to an update gone wrong. Thousands of Microsoft Windows machines were down, and the impact was huge (and still is). 🤯 Now, they’re posting job updates to hire DevOps engineers to prevent this from happening again. Honestly, I’m not surprised. A strong DevOps team is like having a superhero on call, always ready to save the day with cultural practices for successful tests, builds and releases. 🦸♀️ This incident is a harsh reminder of DevOps’s importance for business continuity. It’s not just about tech; it’s about preventing chaos and keeping things running smoothly. So, to all the DevOps engineers out there, your work is more important than ever! 👏 What are your thoughts on the same? Let me know in the comments! #DevOps #CrowdStrike #Cybersecurity #Tech #BusinessContinuity #DevOpsEngineers #Hiring #TechCareers #Innovation #Teamwork

#hiring *Associate Site Reliability Engineer (US Citizens)*, San Jose, *United States*, fulltime #jobs #jobseekers #careers #SanJosejobs #Californiajobs #MiningOilGas *Apply*: https://lnkd.in/gR3fpCsN Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company's cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances. Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler's purpose-built security platform puts a company's defenses and controls where the connections occur-the internet-so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside. 6000 - REIS Reliability Engineering and Infrastructure Services Infrastructure Services & Reliability Engineering 4440 - Professional Services - Take Off Teams

#hiring *Associate Site Reliability Engineer (US Citizens)*, San Jose, *United States*, fulltime #jobs #jobseekers #careers #SanJosejobs #Californiajobs #MiningOilGas *Apply*: https://lnkd.in/gVsNKTdx Zscaler (NASDAQ: ZS) accelerates digital transformation so that customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange is the company's cloud-native platform that protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. With more than 10 years of experience developing, operating, and scaling the cloud, Zscaler serves thousands of enterprise customers around the world, including 450 of the Forbes Global 2000 organizations. In addition to protecting customers from damaging threats, such as ransomware and data exfiltration, it helps them slash costs, reduce complexity, and improve the user experience by eliminating stacks of latency-creating gateway appliances. Zscaler was founded in 2007 with a mission to make the cloud a safe place to do business and a more enjoyable experience for enterprise users. Zscaler's purpose-built security platform puts a company's defenses and controls where the connections occur-the internet-so that every connection is fast and secure, no matter how or where users connect or where their applications and workloads reside. 6000 - REIS Reliability Engineering and Infrastructure Services Infrastructure Services & Reliability Engineering 4440 - Professional Services - Take Off Teams

Growing as an engineer: What’s privacy infrastructure? I usually describe my job as building privacy infrastructure – my goal is to let people do what they are good at (e.g. let the infra engineers launch their new load balancer, let the product engineers launch their new features etc.) without having to worry about questions like: - Can I log this data? Do I need to encrypt it in transit? - Can I copy this data across regions? - Should I talk to legal? Do I need their explicit approval? - Etc. In general the idea is that if engineers can merge their code without having CI/CD complain that some policies will be broken, they should be good to go. In practice, building privacy infrastructure is like crafting standard infrastructure but with a focus on shifting left for everything tied to privacy/compliance – the goal is to bake some of the invariants we want to enforce deep in the stack such that engineers can’t bypass it and don’t have to worry about it as long as they use standard infrastructure. I work closely with other infra teams as my work usually sits on top of their infrastructure – I’m also one of their close allies as I get to wave a stick to move some infrastructure projects a bit faster for privacy/compliance/security requirements. If you have experience building large scale infrastructure, we are hiring staff software engineers (and above) in Amsterdam (also in the US in San Francisco/Seattle) – reach out if you’re interested! #softwareengineering #privacy #infrastructure #compliance #security

🔒 Why Developers and DevOps Teams Shouldn’t Have Complete Access to Company Resources🔒 In today’s tech-driven world, access control is crucial. While developers and DevOps teams are the backbone of innovation and operations, giving them unrestricted access to all tech resources can lead to serious vulnerabilities. I’ve seen firsthand how dangerous this can be. In one of the companies I worked with, we faced a major crisis: a developer had full access to production resources, including databases and AWS infrastructure. Unfortunately, this led to a catastrophic situation where the developer changed production credentials and AWS resources, resulting in the loss of critical data and business operations. To make matters worse, after the hack was discovered, a program was executed that sent mass emails to shock and alarm the company and its clients. The aftermath? A significant loss of data, trust, and revenue. 👨💻 Here’s why we need to rethink access control: 1. Internal Threats: Not all threats come from outside. Developers or DevOps engineers with malicious intent or those making mistakes can inadvertently or deliberately cause major disruptions. 2. Principle of Least Privilege: By limiting access based on job roles, companies can reduce the risk of a single person bringing down a system or causing irreversible damage. 3. Auditing and Monitoring: Always ensure actions taken on production systems are monitored, logged, and auditable. This protects both the company and the developers. 4. Separation of Duties: Developers should build and test in isolated environments, and only specific, authorized personnel should be able to push changes to production. The lesson is clear: security should never be an afterthought. No single person should have unfettered access to your entire tech stack. Let’s build a culture of responsible access and protect what we’ve worked so hard to create. 💼🔐 #TechSecurity #DevOps #AccessControl #CloudSecurity #DeveloperSecurity #DataProtection

CrowdStrike Caper: When Updates Turned Offices into Soap Operas (But We Learned Valuable Lessons) This Patch Tuesday, the tech world took a dramatic turn worthy of an Oscar-worthy documentary. CrowdStrike's update delivered more drama than a daytime soap opera, with blue screens replacing water cooler gossip. Social media became a keyboard warriors' coliseum, with everyone – from clickbait bloggers to your uncle sharing dubious life hacks – suddenly an expert. While the memes were epic, the real heroes were the IT folks, fueled by caffeine and determination. Here are some key takeaways for everyone involved: For DevOps, System Admins, and Network Engineers: Testing is King: Patch thoroughly in a controlled environment before unleashing it on production systems. Plan for the Unexpected: Have a rollback plan in place to mitigate issues. Communication is Key: Keep everyone informed during outages and provide clear ETAs for resolution. For Developers: Secure Coding Practices: Write secure code to minimize vulnerabilities that updates might exploit. Stay Informed: Keep yourself updated on the latest security patches and their potential impact. For Security Experts: Balance Security with Usability: Security updates shouldn't cripple user productivity. Transparency is Key: Communicate potential risks and mitigation strategies clearly. For Managers: Invest in Training: Regularly train your team on IT best practices like patch management. Recognize Your Heroes: Acknowledge the vital role your IT team plays in keeping things running smoothly. For Students: Learn from the Past: These incidents are valuable learning experiences. Research the CrowdStrike incident and understand what went wrong. Prepare for the Future: The tech landscape is constantly evolving. Stay curious and keep learning about cybersecurity. The takeaway? Patch Tuesdays can be tricky, but with proper planning, effective communication, and a healthy dose of humor (seriously, those memes were gold!), we can navigate them smoothly. Remember, even superheroes (like CrowdStrike) have their off days. #CrowdStrike #PatchTuesday #ITLife #WeLearnedOurLesson #DevOps #SystemAdministration #Network #Security #Manager #Organizations #Developers #Testing #Patching

Hi Every one hope you are doing well i have urgent opening on Security engineer position at remote (usa) Role: :Security engineer with #DevSecOps // #Microsoft #Azure #security Center #Securityclearance We are looking for security engineer with devsecops experience.  Proficiency in one of the programming languages: #shell scripting, powershell, python, c#, #javaGIT Actions: GitHub Actions, used for automating workflows in the GitHub repository. GITHUB Self-hosted Runners: Custom runners for executing GitHub Actions workflows. OpenShift: A container platform for deploying and managing containerized applications. Docker: Used for containerization, allowing applications to be packaged and run in isolated environments. Kubernetes: Used for container orchestration, managing the deployment, scaling, and operation of containerized applications. Nice to have:Archer: a governance, risk, and compliance (GRC) platform. #PRISMACloud: used for cloud security and compliance.Steampipe: Open-source tool for querying cloud infrastructure, providing visibility into cloud resources. #TFSec: A static analysis tool for Terraform code, used for identifying security issues in infrastructure as code. Azure Defender for Cloud: Part of Microsoft Azure Security Center, used for protecting Azure resources and workloads. Knowledge of #ATO/NIST 800-53 controls. if any one interested in this role reach out to me hear i can assist you