NIS2 is on the horizon, but what should you or your organization do? Which measures need to be taken? Unfortunately the exact guidelines are not known and leave us in a state of uncertainty. The Dutch Ministry of Justice and Security is working on translating NIS2 into the Cybersecurity Act, which will replace the current Network and Information Systems Security Act (Wbni). The new law was initially scheduled end of 2024 and required all companies and organizations to take steps to comply. The start date has been postponed to early 2025.

When Maven needs to download artifacts from a remote repository, it logs the progress of the download. This can lead to a lot of noise in the output. Luckily, we can suppress the logging of the download progress. Since Maven 3.6.1. we can use the command-line option --no-transfer-progress to disable the logging of the download progress. There is also a short version of the option: -ntp.

In a previous blog post we learned about the default input sources that are used by Helidon SE. The list of input sources is different based on which artifacts are on the classpath of our application. When we write tests for code in our application that uses the default configuration created by Config.create() we must take into account that different input sources are used. Also here it is based on the artifacts that are on the classpath. That means that different files with configuration data are loaded, eg. a file application-test.conf when we have the artifact helidon-config-hocon and a file application-test.yml if the artifact helidon-config-yaml is on the classpath.

Blogtober, een jaarlijks terugkerend initiatief waarin onze collega’s elke (werk)dag in oktober (veelal technische) blogs delen! Echt iets voor onze developers, mensen vanuit de inhoud, die hun kennis op deze manier met de wereld delen. Tot vorige week mijn collega Erik Pronk als ‘geintje met een seintje’ liet vallen dat hij nog wacht op een blog van mij. Mijn eerste gedachte: grappig, niks voor mij. Mijn tweede gedachte: challenge accepted!

In my previous blog post Prompt Engineering: Tool or Threat to Software Engineering?, I discussed what Prompt Engineering is and how it can be used to help us as software engineers. In this follow-up blog I will dive into Claude 3, the latest AI from Anthropic, and how it can impact us as software engineers.

In this two-part blog post, we’ll explore how data exfiltration to GitHub can be carried out from a Windows 10 workstation and how to investigate such incidents. Part 1 focuses on how data can be exfiltrated using Git and GitHub. In Part 2, we’ll dive into forensic techniques to retrieve evidence of data exfiltration and determine what was sent from the workstation.

Misclicked and stumbled on this blog? I can relate, every time using the UI of a cloud provider I’m always nervous I make errors in configuring my resources. In answer to this DevOps is embracing GitOps, DevOps taking development best practices and applying them to infrastructure automation.

If you run multiple batch updates in postgres, you may run into deadlocks.

We’ll look into why this happens and how we can prevent it.

There are many ways to analyse and write down business needs and hand them over to developers for implementation.

In many cases knowledge and information gets lost in translation and/or developers don’t understand exactly what to build and come up with their own solutions and the scope gets bigger and bigger, also called scope creep.

So, how can we get to a shared understanding of the business needs and prevent scope creep?

This is where the combination of EventModeling and ShapeUp comes in play.