I’ve thought of doing pen testing (later on in my career), but I’ve come to realize that it is better if users just started using privacy-respecting FOSS software like Signal, because if you give a hacker enough time, patience, and the right resources, they could hack into anything.
Your idea of pentesting is so far from what it looks like in reality that it's probably not a path for you, at least not now. Let me explain: how am I going to protect my banking app using Signal? How will I know if the JSON unmarshalling library used by our transaction service isn't vulnerable or exploitable? What FOSS software shows me live dashboards of software deployed in containers and their security risk?
Everybody still needs them and they're not going away any time soon.
Banking is a civilization-old concept; it has always been here and always will be. Banks are so durable they will keep running after our civilization ends.
Noticed that the Hibernate session (DB ORM session) was leaking into Jackson (JSON marshalling), potentially causing an infinite N+1 problem. Changing a few lines of code to lazy loading and fixing the session leak reduced our daily data transfer from the DB from 5.6Gb to 170Mb.
Not sure if this was the biggest optimisation, but definitely the dumbest issue.
All databases (MSSQL doesn't seem to support it, which I thought was a pretty basic feature) have a special configuration that warns or throws an error when you try to UPDATE or DELETE without a WHERE. Use it.
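As an added illustration of the guard the comment above recommends (this is editor-added example SQL, not something posted in the thread), here is what that setting looks like on MySQL, where it is called `sql_safe_updates`. The `accounts` table and its rows are constructed for the demo. With the setting on, an UPDATE or DELETE that has no WHERE clause, or whose WHERE does not use a key column, is rejected instead of rewriting every row.

```sql
-- Added example (not from the thread): MySQL's sql_safe_updates guard.
-- Constructed demo table and rows.
CREATE TABLE accounts (
  id      INT PRIMARY KEY,
  owner   VARCHAR(64) NOT NULL,
  balance DECIMAL(12,2) NOT NULL
);
INSERT INTO accounts VALUES (1, 'alice', 100.00), (2, 'bob', 250.00);

-- Weak setting (the default): a forgotten WHERE silently rewrites every row.
SET SESSION sql_safe_updates = 0;
UPDATE accounts SET balance = 0;        -- succeeds, 2 rows changed

-- Corrected setting: enable safe updates for this session
-- (SET GLOBAL sql_safe_updates = 1 applies it to new sessions server-wide).
SET SESSION sql_safe_updates = 1;
DELETE FROM accounts;                   -- ERROR 1175 (HY000): safe update mode, no WHERE
UPDATE accounts SET balance = 0
 WHERE owner = 'alice';                 -- also ERROR 1175: owner is not a KEY column
UPDATE accounts SET balance = 0
 WHERE id = 1;                          -- OK: the WHERE uses the primary key
```

For interactive work the `mysql` client exposes the same guard as the `--safe-updates` option (alias `--i-am-a-dummy`), which is a cheap thing to put in every operator's `~/.my.cnf`. PostgreSQL has no built-in equivalent; the third-party `pg-safeupdate` extension (`LOAD 'safeupdate';`) is the usual way to get the same rejection of WHERE-less UPDATE and DELETE there.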
I have this on my to-do list, but sorry, can't promise when I'll make a working demo. AFAIR the trick was to use something like "podman-in-podman", the way dind works in GitLab runners, and then some env-var manipulation so TC thinks it runs in Docker, something like
DOCKER_HOST=unix:///run/user/1000/podman/podman.sock, and I use alpine as the gitlab-ci helper image:
I got it all working on self-hosted Kubernetes and cross-platform builds with buildah. What's your problem exactly? For TC you need to use some env vars to configure ports in .gitlabci
It compiles = it goes to prod!