Fortifying your Azure Landing Zone: 6 key security considerations
As organisations move more of their sensitive workloads to the cloud, the issue of security becomes increasingly important, particularly as they implement DevSecOps to formalise defences. Here are our top six security considerations as you strengthen your protections in the Microsoft Azure cloud.
DevOps & IaC Maturity Assessment: Helping clients to adopt efficient Azure DevOps & IaC processes
We help clients to fill capability and experience gaps to accelerate Cloud and DevOps strategies bringing IP (e.g. designs, patterns, frameworks) to speed up deployments. With this engagement, customers will get a foundational view of their Azure DevOps and IaC maturity highlighting business problems, objectives and drivers.
YakChat - Episode 3: App modernisation on Azure
YakChat’s third podcast episode is now available. In our new episode, Ollie Gayton, Head of Professional Services, and BlakYaks CEO, Dirk Anderson, discuss application modernisation on Azure and the critical role that platform modernisation and automation plays in modernising business services to support digital transformation.
YakChat - Episode 2: Enterprise Containers on Azure
YakChat’s second podcast episode is now available. In our second episode, Stuart Anderson, Chief Engineer, and BlakYaks CEO, Dirk Anderson, discuss the evolving landscape of container technology and why businesses are turning to container technologies to bolster their digital transformation and application modernisation strategies.
YakChat - Episode 1: Modern Cloud Operations
Launching YakChat, a podcast by BlakYaks. In our first episode ‘Modern Cloud Operations’, Neil Allgood, Cloud Engineering and Operations Lead, and BlakYaks CEO, Dirk Anderson, explore the changing nature of cloud technology operations and how businesses can realise the full potential of their cloud deployments.
Optimising our customers’ Azure platform operations 24x7
Our SpecOps team represents a forward-looking service function explicitly crafted to support the dynamic landscape of cloud platforms, workloads, and services. We understand the pivotal role that cloud technology plays in shaping the future of businesses. Our team takes on the responsibility of meticulously managing all Azure platforms, employing Infrastructure as Code (IaC) to harness the full potential of Azure.
Platform engineering vs. DevOps: Bridging the gap
Explore the transformative concept of Platform Engineering, bridging the gap between innovation and DevOps. It simplifies infrastructure provisioning, allowing developers to concentrate on code, but it's not a one-size-fits-all solution. While it offers simplicity, it complements, rather than replaces, DevSecOps strategies.
Azure Application Gateway for Containers - First Look
Microsoft has taken AKS ingress to the next level with the latest addition to its Application Gateway family. With its advanced traffic distribution, SSL termination, and MTLS capabilities, Azure Application Gateway for Containers ensures seamless and secure traffic routing, optimising and simplifying app delivery for Azure customers. Read our new technical blog by Craig Hurt, Cloud and DevOps Lead at BlakYaks, to discover how this update not only aligns perfectly with Azure and AKS but also elevates your cloud native platforms to new horizons.
AKS Network
Short blog article on a couple of noteworthy features in Azure Kubernetes Service (AKS) that recently became generally available: Azure CNI Overlay & Azure CNI Powered by Cilium.
Using Azure Workload Identity on AKS
Having used Azure AD Pod Identity for the last couple of years, Microsoft have now made the replacement product - Azure AD Workload Identity (AZWI) - generally available. With the GA release of AZWI, Azure AD Pod Identity has been deprecated, and will officially stop receiving security patches in September 2023. If you're using the legacy solution in production, now would be a good time to start planning its replacement.
DevOps vs DevSecOps
Security is a top priority for organisations in today's rapidly evolving threat landscape. That's why DevSecOps has gained traction as a critical approach to building secure software products. Unlike traditional DevOps, DevSecOps incorporates security practices right from the development phase, addressing security issues as they happen. In this blog, we delve into the nuances of DevSecOps and explore why organisations should consider adopting this approach.
AKS & Flux via Terraform
A technical guide on how to bootstrap Flux onto an existing Azure AKS cluster using Terraform. This step-by-step article covers the full installation process, from checking your requirements, set-up deploy keys and using our Flux configuration to bootstrap the cluster with Terraform. We also delve into some examples of using Flux to deploy your resources.
Managing large-scale cloud infrastructure platforms with code
If you are running large-scale cloud infrastructure platforms you should manage them with code throughout their entire life cycle and make sure that these IaC code libraries are integrated into mature DevSecOps processes and CICD pipelines. Some key business benefits of managing with code are platform stability and risk management improvements, speed to market with new services and cost reduction and optimisation.
Why it’s important to design DevSecOps from the start
DevSecOps should be designed and implement from the start – Why?
Deconstructing Azure Red Hat OpenShift Deployment
A technical blog that discusses moving the deployment of Azure Red Hat OpenShift from imperative to declarative code.
BlakYaks solutions now live on Microsoft Azure Marketplace!
We are happy to announce that our key services and solutions are now listed and made available for purchase on the Microsoft Azure Marketplace, making our solutions more transparent and accessible for our current and future customers and partners.
K8s policy with Kyverno
Kubernetes is a complex beast and any best practice or security guide you read will hit you with dozens of best-practice rules your clusters should adhere to in order to make them manageable and secure. In most situations the reality is that the rules are only worth their salt if they are at least audited and, ideally, enforced. Kubernetes policy allows you to define your policy as code, then audit and enforce the rules as you see fit.