Quote

"Between stimulus and response there is a space. In that space is our power to choose our response.
In our response lies our growth and freedom"


“The only way to discover the limits of the possible is to go beyond them into the impossible.”


Thursday 7 December 2017

Being a better leader


Crisp Summary of to dos for leaders

At most workplaces, a worker or a leader needs to manage 5 important factors in order to succeed. These are customers, subordinates, supervisors, coworkers and self growth. Important guiding principles for each factor are listed below:



Customers: Customer views first, or reiterate customer views and present pros and cons.
Subordinates: Respectfully assertive to subordinates. Explain the reasons and be open to suggestions and accept responsibility. 
Supervisor: Understand preferred style (visual, auditory, feeling)
Coworkers: Push (Logic, Carrot and Stick) or Pull (Consult, values, life goals)
Self Development: Continued education and training  


Friday 8 September 2017

Runtime Application Self Protection, your application's self defense

Runtime application self-protection (RASP) is a security technology that is built into an application and can detect and then prevent application attacks in real time. It introduces self-protection without human intervention: in response to threats or attacks, RASP reconfigures automatically to prevent them.

RASP causes the program to monitor itself and detect malicious input and behavior at runtime, i.e., when the application is executed. This is a paradigm shift from security only at the perimeter of the network to self-defense by the application itself. It is achieved by analyzing both the application's behavior and the context of that behavior in real time, providing a continuous security analysis that also responds immediately when an attack is identified.

How it works

A RASP agent sits in the runtime environment and monitors application program flow in real time. It uses contextual insight to identify, validate and stop attacks in production applications. This detailed view into the actions of the system – including insight into application logic, configuration and data and event flows – improves accuracy and minimizes false positives. In addition, RASP can easily be applied to web and non-web applications, and doesn't affect the application design.

An example of a condition that could trigger a RASP response is execution of instructions that access a database (which might cause a SQL injection exploit). The technology could either be in diagnostic mode and simply sound an alarm regarding an attack, or it could be in self-protection mode and stop a potentially malicious execution.

Web application firewalls also inspect traffic and content and make decisions to terminate sessions.
But a RASP can also see how traffic is being processed by the applications. Where WAFs put up a wall in front of the application, RASP protects the application from the inside out. When a client makes a function call containing malicious data that might cause harm to the web application, RASP intercepts the call at runtime – logging or blocking the call, depending on the configuration. This method of protecting a web application differs fundamentally from a WAF.
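
The diagnostic and self-protection modes described above can be sketched as a hook at the database call. This is an added example, not code from any RASP product: the RaspAgent class, the token-count heuristic, the sample table and the deliberately unsafe lookup() function are all assumptions made for illustration.

```python
import re
import sqlite3

# Simplified SQL tokenizer: quoted strings, numbers, words, single symbols.
TOKEN = re.compile(r"'(?:[^']|'')*'|\d+|\w+|[^\s\w]")

class RaspBlocked(Exception):
    """Raised in self-protection mode when the agent stops a call."""

class RaspAgent:
    def __init__(self, mode="diagnostic"):
        self.mode = mode            # "diagnostic" = alert only, "protect" = block
        self.alerts = []            # stand-in for the agent's alarm channel
        self.request_inputs = []    # context: untrusted values of the current request

    def begin_request(self, params):
        self.request_inputs = [v for v in params.values() if v]

    def _structure_changed_by(self, sql):
        # Input that stays inside one literal is data. Input that adds
        # tokens has changed what the query does.
        for value in self.request_inputs:
            if value in sql:
                neutral = sql.replace(value, "x")
                if len(TOKEN.findall(sql)) != len(TOKEN.findall(neutral)):
                    return value
        return None

    def execute(self, conn, sql):
        """Hook at the database sink: sees the final query plus request context."""
        offending = self._structure_changed_by(sql)
        if offending is not None:
            self.alerts.append({"sink": "sql", "input": offending, "query": sql})
            if self.mode == "protect":
                raise RaspBlocked("request input altered the SQL structure")
        return conn.execute(sql).fetchall()

def make_db():
    # Constructed sample data.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?)", [("alice",), ("bob",)])
    return conn

def lookup(agent, conn, name):
    # Deliberately unsafe string concatenation, so the hook has something to catch.
    agent.begin_request({"name": name})
    return agent.execute(conn, "SELECT name FROM users WHERE name = '" + name + "'")
```

Because the hook sees both the request input and the final query, an ordinary name passes untouched while the same input pattern that would slip past a naive perimeter filter is caught where it changes the query.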

Wednesday 18 January 2017

Microservices the Ball-Bearings Running IOT


The IOT Advent


If each atom of earth is assigned an IPv6 address, we will still be left with enough addresses to cover 100 earths. As of today, every 'Thing' on the planet which can be assigned an IPv6 address for unique identification and transfer of data over a network is part of the 'Internet of Things'. It can be your shoe, hat, bed, dog, cat etc. Together this system of interrelated computing devices, working to provide varying data/information/solutions, is called IOT or Internet of Things.


It is important to note only four important characteristics are needed to qualify for the world of IOT:
--It has to be a thing 😀
--It should have a unique identifier
--It should be able to transfer data over the network
--Humans should be removed from the default data generation and transmission

The birth of IOT has been a result of the happy marriage between the Internet and wireless technologies. This marriage aims to build the fancy IOT world, removing humans with micro-electromechanical systems (MEMS) and letting them interact using microservices. Unstructured machine-generated data gets analyzed using Information Technology and gets converted/transmitted to an input required by another 'thing' on the internet, setting up a chain of connected 'Internet of Things'. So the walls between Operational Technology (OT) and Information Technology (IT) are removed in the IOT world.




Why Microservices fit in IOT World


Why microservices for IOT, when SOA was already there? SOA, proposed in the nineties and flourishing until recently, began to look insufficient with the advent of big data and cloud. Now, with cloud and big data being a common solution, a new architecture was needed to fulfill new requirements. Hence microservices were adopted as a solution to the new challenges of distributed household computing requirements. The complexity of distributed yet collaborative computing could be reduced by features of the microservices architecture: each service is an independent process, self-sufficient, deployable anywhere on the network, and has data-driven interfaces with minimal input and output. By design, data management becomes decentralized, as each microservice will have its own suitable data and data store. These features also make granular governance of microservices possible.

It’s growing with its pros and cons


While the advantages of microservices are making them popular in IOT implementations, challenges and concerns also remain. For example, each microservice in a platform can be developed in a different language (C, Java, C++, Python, etc.), but interoperability among vendors remains a concern. With an ever-increasing number of interfaces, security is another major concern for microservices which needs to be addressed in the ever-growing world of IOT.


Tuesday 3 January 2017

Python Code Coverage

Coverage.py is a tool for measuring code coverage of Python programs. It monitors your program, noting which parts of the code have been executed, then analyzes the source to identify code that could have been executed but was not.

It's a simple tool to measure code coverage, but it is slightly buggy and it can be tricky if version issues are not taken care of.

Coverage 4.3.1 installed from here with Python 2.7 constantly gave a 'file has no statistics' error. It seems that if the file path has spaces then it gives this error. However, I had no spaces in the file path or in the PyDev project. After some time I figured out that the problem was with the coverage module version. For some strange reason/issue it works with coverage versions less than 4.0.0.

So this is what solved the problem for me: python -m pip install "coverage < 4.0.0"




After this it worked like a charm. You can even drag and drop the folders which you want to analyze for code coverage. Isn't it cool??