DevOps, Security, and Getting It Right First Time

New Zealand's small size is our superpower. With tight-knit teams and limited resources, we can't afford to get things wrong. Security and reliability aren't just nice-to-haves, they're essential. Our national identity is built on making things work with what we've got, and that means getting software delivery right the first time.

DevOps and strong security practices help us punch above our weight. Smaller budgets and teams mean we must be smarter, faster, and more secure from day one.

a beach in New Zealand
This beach is full of silicon dioxide, but do we have a Silicon Beach?

Posts

Static analysis is a powerful technique for catching security issues. But tools that depend on compilation aren’t always easy, especially if you don’t have the right dependencies or you’re stuck on Apple Silicon with legacy code.

So I built

Oct 3, 2025

I ran into this issue a couple of times recently, so here’s my notes on the matter.

I’ve needed to make a YAML pipeline on Azure DevOps, using ADO Git hosting. It’...

(This post carries on from Securikube Part 0.) It’s all good to secure your servers, be they Kubernetes or anything else. Sometimes the applications make that job harder: the applications will break if you stop them doing insec...

How much did our household spend on power last year? I wish I had an app that would parse all my bank statements and tell me what it costs just to stay alive, but my bank doesn’t do integrations well. In fact, given that my power company sunset their consumer API, things seem to be even less ...

I’ve been avoiding unnecessary outings because of COVID cases in our household. This is a perfect opportunity to do some research. I’ve done plenty with Docker: I’ve found it great for externalizing dependencies in development environments. I have also done security work around the edges of ...

OK, the real saying is the fish rots from the head down: if your CEO allows awful behaviours to happen at work without intervention, then they should take the blame when those behaviours become normalised in the organisation that they r...

I’ve had an Infrastructure-as-Code repo since around 2005. That used to be Puppet code, and included config for bind, apache/nginx, dovecot IMAP, and postfix. There were a few years of apathy in which I hosted DNS elsewhere: this cascaded into all sorts of pain.

I’ve since pulled ne...

Static analysis tools help people write better software, by telling them how they goofed. SAST tools are the evolution of static analysis: tools that point out the security goofs in your code. No tool is perfect, or the ...

I’ve had a little time to clean up this website. There were a few issues:

  • The site still had stylesheets loading for Bulma, which I stopped using in favour of my own minimal CSS. I also had references to Bulma classes because the stylesheet was still there.
  • I hadn’t...

I’m currently working in the 5th venture funded organisation in my career. It’s almost 10 years since I started working with Neo4j: I was consulting for them around the 3rd quarter of 2011, and then joined full-time for the next few years. Here’s some idle thoughts around startups:
