Different vendors have different features, different approaches to administration, different tie-ins to their own services, etc. View in browser »
The New Stack Update

ISSUE 209: Superlatives for All

Talk Talk Talk

“You have to create an ecosystem in which the individual companies, the individual players, all have an opportunity to create positive business outcomes.”

Add It Up
SonicWall Graphic

Antivirus software and firewalls are the most widely adopted security technologies and have been so for years. They reduce risk, but are taken for granted. Recent news in the non-tech world reminds us that media attention on the topic du jour is deleterious if it detracts from continuing efforts to address long-standing concerns. In other words, while emerging threats like nation-state cyberattacks and novel technology approaches like zero trust are worth addressing, don’t forget the efficacy of long-standing approaches to information security.

Only 2% of cybersecurity professionals expect an antivirus project to be their main focus regarding data breach protection, according to Cynet’s “State of Breach Protection 2020.” In that same study, 87% of enterprises use antivirus (AV) software, which usually fits into a broader anti-malware category that also addresses threats like worms, bots and ransomware. As previously reported, enterprises can become overconfident that they have the controls and technology in place to effectively manage security risks. Has this happened with anti-malware software?

While the AV market is passe and mature, security vendors have not necessarily been complacent. They continue to monitor for new threats and have embraced a broader category, endpoint detection and response (EDR), that combines elements of anti-malware with newer tools that provide real-time anomaly detection, forensic analysis and remediation capabilities. Unsurprisingly, EDR is poised for rapid growth. Although only 28% of the Cynet survey respondents use the technology, 57% said that EDR is the breach protection project they expect to concentrate on this year.

There are some indications that malware threats are abating. For example, the volume of malware attacks observed by SonicWall Capture Labs threat researchers actually declined 6% to a measly 9.9 billion. Furthermore, according to Google’s Transparency Report, the number of websites suspected of distributing malware is at its lowest point since 2007. Unfortunately, this decline has been accompanied by a dramatic increase in websites that phish for personal information without requiring a visitor to download something.

What's Happening

Service mesh technologies have emerged as a reliable way to manage observability, security and traffic management in microservices environments, typically with the use of Kubernetes for container orchestration. Specific use cases and needs for service meshes also vary.

The New Stack recently completed a survey about service mesh use cases. While one-third of those surveyed said their organizations already use service meshes to control traffic between microservices and Kubernetes environments, adoption rates and use varied significantly among the respondents. Sixteen percent of respondents said that their organization broadly uses service mesh in production environments and 17% said service meshes have limited use in production environments, for example.

In this latest episode of The New Stack Analysts podcast, analyst Lee Calcote, founder of service mesh provider Layer5, and Brian “Redbeard” Harrington, a principal product manager for OpenShift service mesh at Red Hat, discussed the many nuances of what the survey numbers really mean.

Episode: 195 - What a Mesh w/ Lee Calcote and Brian “Redbeard” Harrington

Superlatives for All

This week, we’d like to call your attention to an excellent post contributed by Karen Bruner from StackRox, where she examines what the three major cloud providers offer in the way Kubernetes services.

For us, it was perfect timing. We’ve been talking about doing a comparison of various services across the different cloud providers for awhile. It can be a challenge in that they do not lend themselves, perhaps intentionally on their part, to apples-to-apples comparisons. Different vendors have different features, different approaches to administration, different tie-ins to their own services, etc. 

Bruner, for instance, pointed out that all three K8s providers are pretty comparable for recently added Kubernetes features, like Windows containers and GPUs. The major difference has to do with the administrative services each provides. It may come down to whether a business is a Microsoft shop, as we used to say, or have more engineers comfortable with the Google or AWS way of doing things.

She also notes that service limits are handled differently across providers: Limits are per account using Amazon Web Services Elastic Kubernetes Service, per subscription using Azure Kubernetes Service, and per project using the Google Cloud Engine. Interestingly, she notes that Amazon Elastic Kubernetes Service offers something the other Kubernetes providers don’t — a financially backed service-level agreement (disclosure: AWS is a sponsor of The New Stack).

With all these comparison pieces, we almost inevitably get feedback concerning other entrants that may have been included but, for time or fiscal or sanity restraints, just weren’t. Where’s IBM? DigitalOcean? Good ideas, all. But such pieces are not meant to be comprehensive, but rather provide one more point-of-view into the vastly complex world of cloud native computing. And we are always looking for more perspective along these lines, so if you have your own thoughts to share, by way of a contributed post, hit us up at

Frustration Mounts over Python 3 Migrations

The final version of Python 2 is now passing through its beta and Release Candidate phase, with the very last production release of Python 2.7.18 expected in April of 2020. While most everyone in the Python community agrees that Python needed an overhaul — not the least for the much needed and long-overdue Unicode support. But many with years of perfectly-working Python 2 code are nonetheless feeling the frustration. We hear from LinkedIn, Mercurial and others in this round-up of the internet’s evaluation of production-grade Python 3 migrations.

Beyond Kube-Proxy: Project Calico Harnesses eBPF for a Faster Data Plane

Thanks to the power of the newly-introduced eBPF in the Linux kernel, Tigera has been able to outfit its Kubernetes-focused Calico network management software with a new data plane mode, one that can speed pod-to-pod data communication and eliminate the dependency on Kubernetes’ kube-proxy for traffic management.

Kublr Brings Rolling Updates to Kubernetes

The newly-released Kublr 1.16, a tool that facilitates deploying enterprise-grade Kubernetes clusters, is the first multicloud and multiplatform Kubernetes platform to offer rolling updates for the open source container orchestration engine, the company behind the technology claims. Read about it here!

On The Road
APRIL 15 // Virtual Conference // Online


Join us for AllTheTalks! It’s the 23.999-hour virtual fundraising tech conference on all things DevOps, Development & Security, hosted by our good friends at Snyk. It’s five tracks of awesomeness: DevOps/DevSecOps; security; JavaScript; Java and cloud native/container discussions. Tickets are FREE, donations gladly accepted. Register now!
The New Stack Makers podcast is available on: — Pocket CastsStitcher — Apple PodcastsOvercastSpotifyTuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.
Copyright © 2020 The New Stack, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp