What is Log4j Vulnerability ??

Log4j vulnerability was disclosed on December 9, 2021. It is a serious vulnerability in the java-based logging utility from Apache Software Foundation.This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.The flaw has also been dubbed as “Log4Shell,”, and has the highest possible severity rating of 10Log4j is a very popular logging framework used … Continue reading What is Log4j Vulnerability ??

Mount volumes to persist data in local & initialize database in Docker

When a docker container is deleted, relaunching it from the image will start a fresh new container without any of the changes made in the previously running containerThis happens because when we create a new container from an image, we add a new writable layer on top of the underlying stack of layers present in … Continue reading Mount volumes to persist data in local & initialize database in Docker

Key Docker Commands

Pull docker image from repository to local : docker pull <imageName> example docker pull busyboxRun a docker container : docker run <imageName> example docker run busyboxIf there is nothing to execute docker will exit when the process terminatesTo view all containers in local : docker ps -a To view all running containers: docker psTo stop … Continue reading Key Docker Commands

What is a Data Mesh ??

Data mesh is an architectural paradigm about how you think and organize data and its services, similar to microservices which is an architectural pattern for designing and building applications.Microservices based architecture helps to solve the challenges which prevents an organization to be agile and respond quickly to changes like delay in introducing new features, long … Continue reading What is a Data Mesh ??

A/B Testing vs Canary Release vs Blue Green Deployment

A/B Testing In simple terms A/B testing is a way to compare two versions of something to determine which performs better .In an A/B test, some percentage of your users automatically receives “version A” and other receives “version B.It is a controlled experiment process. To run the experiment user groups are split into 2 groups. … Continue reading A/B Testing vs Canary Release vs Blue Green Deployment

Data warehouse vs Data Mart Vs Data Lake

Data warehouse Aggregation of data collected from multiple sources to a single central repository that unifies the data quality and format.Highly curated data that serves as the central version of the truthMeant to store structured data.Mostly used for BI, Analytics, Data mining, Artificial Intelligence(AI) and machine learningExample of use cases - Big data integration, NLP, … Continue reading Data warehouse vs Data Mart Vs Data Lake

Client Credentials Grant Type in OAuth

The Client Credentials grant type is used by applications/services to obtain an access token outside of the context of a user.It is used when applications request an access token to access their own resources, not on behalf of a user. Example you have 2 APIs one for maintaining the users and one for sending notifications … Continue reading Client Credentials Grant Type in OAuth

Implicit Grant Type in OAuth

In an Implicit Grant Type, client requests access token directly, without the need for an Authorization Code which was a step in Authorization Code flow Therefore the word "implicit" comes from the implicit authorization which we get from the from the /authorize endpoint, instead of exchanging auth code for token from /token endpointThe Implicit grant … Continue reading Implicit Grant Type in OAuth

Authorization Code Flow in OAuth

Authorization Code Flow, aka 3 Legged returns an Authorization Code to the Client, which can then be exchanged for an ID Token and an Access Token directly.Once the user authorizes the request to access protected resource , the request is redirected back to a registered endpoint to get the Authorization Code.Authorization code is then exchanged … Continue reading Authorization Code Flow in OAuth