Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

Considerations for Moving Services to AWS Lambda

by Tom McLaughlin , posted in Python, Flask, AWS Lambda

AWS Lambda Blog Banner.png

You’re an Ops person who’s ready to take a dip into AWS Lambda and this whole serverless thing. But where do you start? You’ve gone from deploying a monolith to deploying microservices. Now how do you go from deploying a microservice to deploying functions?

We want to take something that was originally written to run on an EC2 instance and run it on Lambda. How do we get there? In this post, we’ll explore this question by looking at the threatstack-to-s3 service that we’ve discussed in other blog posts.

Read More [fa icon=long-arrow-right"]

Apr 27, 2017 11:13:59 AM

[fa icon="comment"] 0 Comments

Python Flask Exception Handling In A Secure Manner

by Tom McLaughlin , posted in Cloud Security, Exception Handling, Python, Flask, Python Flask Exception Handling

Python Flask Blog Banner2-1.png

In our last Python Flask blog post, we walked through building a simple application to take in a Threat Stack webhook and archive the alert to AWS S3. In this post, we’ll dive into Python exception handling and how to do it in a secure manner.

The code in the last post was written to be as simple and readable as possible. However, what happens if something goes wrong in our application? There’s no error or exception handling. If something goes wrong — for example, we hit a bug or receive bad data — there’s nothing we can do about it in the application. Instead of returning a parseable JSON response, the app will just spit a backtrace embedded in an HTML document back. The entity sending the request to our service is then left trying to figure out what may have gone wrong.

Read More [fa icon=long-arrow-right"]

Feb 9, 2017 2:02:31 PM

[fa icon="comment"] 0 Comments

Writing a Web Service Using Python Flask

by Tom McLaughlin , posted in Cloud Security, Security, Web Services, Python, Flask, Establishing Security, Python Flask Web Service

Python Flask Blog Banner.jpg

Many of our customers are building useful services using our webhook feature — but unfortunately, others are not. Often we hear that no one on their team is proficient enough to write a service that can ingest a webhook payload and do something with the data. That leaves them either hoping to get cycles from their development team (unlikely) or continuing to do without.

But what if you could write your own web services? How many routine tasks that involve taking data from system A and inputting it into system B could you automate? 

Learning to code well enough can be a major skill in your tool chest and a major asset for optimizing security processes in your organization.

So in this post, I’m going to walk you through a tutorial that will get you started on the road to writing your own web services using Python Flask.

Read More [fa icon=long-arrow-right"]

Jan 26, 2017 11:32:09 AM

[fa icon="comment"] 0 Comments

Subscribe via email:

Posts by Topic

see all
REGISTER NOW

-->