Am Anfang ist viel Geld da und plötzlich muss gerechnet werden. Viele Start-ups entlassen dann erst mal Leute, dabei gibt es bessere Sparmöglichkeiten. Ein Erfahrungsbericht von Florian Gamper (Start-up, Wirtschaft)
Quelle: Golem
Fast jedes Unternehmen braucht einen Datenschutzbeauftragten. Doch welches Konzept ist für diese Aufgabe am besten geeignet? Ein Bericht von Friedhelm Greis (Datenschutz für Sysadmins, Datenschutz)
Quelle: Golem
Die 800p-Auflösung ist oft einer der prominenten Kritikpunkte des Steam Deck. Mit dem DeckHD-Display kann dieser Punkt ausgebessert werden. (Steam Deck, Display)
Quelle: Golem
Microsoft and Elastic partnered together in 2020 to build an Elastic Cloud (Elasticsearch)—An Azure Native ISV Service to create cloud native deeply integrated experiences for all Azure and Elastic customers to power their digital transformation. Since general availability, thanks to you, this service is growing rapidly while improving efficiency for all its customers.
Case in point is that Mr. Turing’s cognitive intelligence software as a service (SaaS) product “Alan”, greatly benefited from the native Elasticsearch offering on Azure and deep integration between products like Azure, GitHub, and Visual Studio Code, as elaborated in their story here:
“On Microsoft Azure, Alan is twice as fast and less costly to operate compared to when he was running on our previous cloud provider. In addition, because of the strong integration between Azure, GitHub, and Visual Studio Code, we can deliver new features faster than we could before.”—Marcelo Noronha, Chief Executive Officer of Mr. Turing (October ’2022).
Microsoft and Elastic are continuously striving to bring more delightful experiences to our customers and enable newer capabilities to usher an era of superfast speed, massive scale, and trustworthy reliability.
Better together with Azure and Elastic Cloud
The core setup of Elastic Cloud (Elasticsearch)—An Azure Native ISV Service makes it simpler for developers and IT administrators to manage their Elastic deployments right from Azure. Users no longer must go through multiple manual steps to integrate Azure with Elastic or manage their own infrastructure.
While this is immensely beneficial, the true power relies on when we can continue to bring Elastic’s newer capabilities natively for Azure customers.
Here are a few of the newest capabilities added since announcing general availability:
Elastic 8.X version support
The Elastic 8.X versions bring enhancements to Elasticsearch’s vector search capabilities, native support for natural language processing models, increasingly simplified data onboarding, and a streamlined security experience. This helps people and teams connect quickly and search enterprise content to find relevant information and insights, enable observability to keep mission critical applications and infrastructure running, and protect entire digital ecosystems from increasingly sophisticated cyber threats. New Elastic deployments created using the Azure native service are automatically set up with the latest Elastic version, so that customers can leverage these enhanced capabilities easily out of the box.
Cluster and user management
Setting up Elastic clusters using the Azure native service ensures provisioning of the right configuration as part of deployment itself. Apart from automated cluster provisioning, we have also enabled user management capabilities where the primary owner or creator of the initial cluster can now add multiple users from the organization to manage the deployments. This helps ensure easy management of production workloads, even when the primary owner changes roles or moves out of the organization.
Private link
For customers who are interested in sending Azure resource and subscription logs to Elastic clusters setup at private link endpoint inside an Azure VNet, we have enabled easy configuration to set this up from right within the native experience. Users have the ability to set traffic filters for Azure private links, to manage how Elastic deployments can be accessed.
Observability resource types
We are constantly working to support all resource categories on Azure Monitor to ship logs to Elastic. For customers who have setup monitoring tag rules in an Azure subscription, new resource types and categories get automatically enrolled for logs shipping, without the need for customers to manually do any changes to enable new resource types. As of now, the Azure native service supports logs shipping from 126 resource types to flow to Elastic.
Region expansion
Azure and Elastic teams have been continuously partnering to add additional regions support, to be available closer to where customers need the native offering and data residency. As of now, we support 16 Azure regions (including four new regions—South Africa North, Central India, Brazil South and Canada Central) for the Elastic Cloud (Elasticsearch)—An Azure Native ISV Service, and we are on the path to grow to additional regions.
Looking at the future
Here are some of the key capabilities that Microsoft and Elastic teams are working together to bring to you in the next six months:
Elastic version selection
Currently, the Elastic Cloud (Elasticsearch)—An Azure Native ISV Service automatically takes care of setting up Elastic with the right configuration and the latest cluster version. We heard from customers that there might be situations where the user consciously wants to create new resources leveraging an older Elastic version to support compatibility with their overall technology architecture. We are planning to address that by offering the flexibility to customers to select the Elastic version from right within the Azure portal experience.
Billing visibility enhancements
Given that today we support Elastic deployments to be set up across multiple Azure subscriptions—while still retaining the ability for customers to receive a unified bill—we are planning multiple enhancements on the native offering experience to bring visibility and transparency to billing resource and deployments that the usage and billing correspond to, so that customers can correlate better, optimize costs, or raise requests for support in case something is out of place.
Native experience for Elastic customers on standard Azure marketplace listing
Customers who started using Elastic on Azure by subscribing to the standard marketplace offer before the native offering went live, are missing out on the deep integration capabilities that the native Elastic Cloud (Elasticsearch service) brings to the table. Microsoft and Elastic teams are working together to migrate these customers to the Azure native service seamlessly, so that customers can get the added integration benefits.
There are many more exciting capabilities being planned for customers beyond the next six months, stay up to date with the latest news on the Microsoft Azure blog.
Next steps
Subscribe to the Elastic Cloud (Elasticsearch)—An Azure Native ISV Service from Azure marketplace.
To learn more about the Elastic Cloud (Elasticsearch)—An Azure Native ISV Service, check out our documentation on the Elastic integration with Azure.
Watch the Microsoft Ignite session The Elastic on Microsoft Azure Native Integration Story: Helping Customers Turn Challenges to Advantages presented by Elastic.
Share additional information about how you use resource and subscription logs to monitor and manage your cloud infrastructure and applications by responding to this survey.
The post New and upcoming capabilities with Elastic Cloud (Elasticsearch)—An Azure Native ISV Service appeared first on Azure Blog.
Quelle: Azure
Early in my career, I worked as a developer and system administrator. I loved my teams and projects and noticed that many of the things engineers talked about when we were really getting work done (“being productive”) just didn’t make it to the weekly or monthly reports our management seemed to care about. For example, the reports only captured a few things, like the tests we had executed in burndown charts and the number of bugs closed. And while those things were important, they missed the rest of the important work we did that really contributed to our projects shipping and our systems staying online, like being able to focus, working well with teams, and solving hard problems. To reflect our renewed focus on the overall developer experience, I am excited to share that we are rebranding Developer Velocity Lab to Developer Experience Lab. And that’s just the start.
The SPACE framework and new joint research with Vista Equity Partners to help developers
Metrics that only look at activities, or purely focus on speed and volume don’t capture the important capabilities required to make a project successful. They also miss the ways that tools, culture, and processes intersect to help or hinder the code’s journey to the customer. I realized that by focusing on output instead of outcomes, organizations were only getting a partial view of what it means to make an impact building systems and software; this is truer today than ever before with increasingly complex systems and changing market and customer demands.
This led me to a line of research that became my first book, Accelerate: the Science of Lean Software and DevOps. Exploring these ideas further with Microsoft and GitHub, we released the SPACE framework, which presents a holistic framework to evaluate developer productivity using five dimensions: Satisfaction, Performance, Activity, Communication, and Efficiency. We also investigated ways to help developers have better days more consistently and found the developer experience is a central factor in not only personal productivity, but also well-being and satisfaction; the Good Day Project shares our findings and continues to influence teams and projects.
Today, Microsoft and GitHub are expanding this vision by applying our research to help build tools and environments that help developers do what they do best: create. As part of this effort, we’re announcing new research with Vista Equity Partners, a leading global asset manager with more than two decades of experience investing exclusively in enterprise software, data, and technology-enabled organizations.
Beyond velocity: A holistic way to understand software developers
Productivity in the software world can’t be boiled down to lines of code written, commits made, or pull requests completed. Often, fewer lines of elegant, easy-to-read code are better than large, complex blocks.
There is much more to developers’ work than just writing code, too. Developers contribute to the success of their teams by doing work that doesn’t show up in traditionally-measured activity metrics. For example, there are stand-up meetings and collaborations that help a software project stay on course, we contribute to project docs and architectural diagrams, and there are times you just grab coffee to mentor or stop by to help debug some code. How do we fold these intangibles into the productivity discussion?
We also know there’s a strong correlation between process efficiency and job satisfaction. Streamlining tasks and processes can help facilitate developers’ abilities to find their flow state and string together those good, productive days.
By shifting the name of Microsoft and GitHub’s joint research lab from the Developer Velocity Lab to the Developer Experience Lab, we’re putting developers and their experience at the center of this discussion and focusing on a holistic approach that considers the individual, organizational, and community outcomes that really matter. The SPACE framework was developed to make sense of this complexity; beyond that, the SPACE framework gives us a multi-dimensional blueprint for creating fulfilling experiences that recognize support developer happiness and well-being are key components of work and productivity.
The new Developer Experience Lab
The goals for our work at Microsoft and GitHub through the Developer Experience Lab are to remove friction in the developer experience, advance DevOps practices, and resolve the technical and real-world inefficiencies that keep code from reaching the cloud.
As part of that, this week we’re announcing new research with Vista Equity Partners that provides a deeper look into what developers want and need.
As expected, our research found that the capabilities and user experience of development tools play a huge role in developers’ ability to focus and innovate—and the importance of tools goes beyond just providing a place to code. Over the past few years, remote and hybrid work has become the norm, and developers rely on their tools to facilitate the collaboration, connection, and work processes that are so critical to building software.
Findings like these are guiding how we think about supporting developers in the field. The Developer Experience Lab is connecting what we’re learning about developer happiness to our policy guidance and to Microsoft’s next generation of developer tools, including some groundbreaking work with AI.
AI as your copilot
Along with the monumental shift to hybrid work, AI is making headlines across industries. We’re already seeing its impact on software development, and we’re imagining ways to pair AI tools with human programmers to amplify developers’ abilities and help spark innovation.
To this end, we’ve developed and released GitHub Copilot, an AI assistant across GitHub apps. As the name implies, Github Copilot is a tool that works alongside people to augment and assist their work. For developers, that means handling tasks that would typically cause an interruption, such as locating a code library, building repetitive infrastructure, or spotting bugs. Native GitHub Copilot integrations simplify everything from pull requests to code reviews, and they’re delivered through an engaging, streamlined interface.
Looking ahead, we’re also thinking about how we can use AI to help organizations evaluate their level of skill, productivity, and developer happiness within the context of SPACE. By helping organizations find the most useful metrics for their environment and applying advanced analytics, we can make it easier for them to optimize processes and engage with developers.
Developers, too, have long found value in tracking their own productivity, both to assess their own skills and methodologies, and to improve collaboration. We’ll continue to innovate here as well, exploring how to deliver high-value insights so developers can get the most of out their days.
Providing the right experience to build better code
As the demand for software innovation continues to boom, there is increasing pressure on developers tasked with building the future. Studying their complex world of code, products, policies, communities, and culture is a passion of mine.
I’m excited to be a researcher here at Microsoft, where we can reimagine and research the future of the developer experience. The Developer Experience Lab team is a group of experts from a variety of backgrounds conducting socio-technical research. This allows us to ask deep, interesting questions about the developer experience and how to best enable it, and then amplify those findings through new tools, technologies, and best practices.
Learn more about the Developer Experience Lab
We are still in the early stages of this journey, and we hope you’ll join us on the ride. You can stay up to date on everything we’re working on at Developer Experience Lab.
The post Navigating the SPACE between productivity and developer happiness appeared first on Azure Blog.
Quelle: Azure
In the first blog of our series on Azure Security, we delved into our defense-in-depth approach for tackling cloud vulnerabilities. The second blog highlighted our use of variant hunting to detect patterns of vulnerabilities across our services. In this installment, we will introduce our game-changing bets that will enable us to deliver industry-leading security architectures with built-in security for years to come, ensuring a secure cloud experience for our customers. We will discuss our focus on secure multitenancy and share our vision for harnessing the power of Confidential Compute and the Rust programming language to protect our customers’ data from cyber threats. By investing in groundbreaking security strategies, such as Secure Multitenancy, Confidential Compute, and the Rust programming language, Azure provides customers with robust, built-in security measures that not only protect their data but also enhance the overall cloud experience, giving customers the confidence to innovate and grow their businesses securely.
Secure multitenancy with robust compute, network, and credential isolation
In our first blog, we touched on the benefits we’ve seen from improvements in compute, network, and credential isolation. Now, we want to dive deeper into what this means. For compute isolation, we’re investing heavily in hardware-based virtualization (HBV), the foundation of running untrusted code in Azure. Traditional Virtual Machines are at the core of many Azure Services hosting customer workloads. Our current bounty of up to USD250,000 on Microsoft Hyper-V vulnerabilities demonstrates our strong defense and highlights the importance of this boundary.
Our innovations with HBV extends beyond traditional virtual machines (VMs). Azure Container Instances (ACI) serve as our platform for running container workloads, utilizing HBV to isolate container groups from each other. ACI container groups take advantage of the same HBV that powers Azure Virtual Machines, but they offer a platform tailored for modern container-based applications. Numerous new and existing services are moving to ACI as a simple, high-performance model for secure multitenancy. Building services atop secure foundations like ACI enables us to address many isolation problems centrally, allowing multiple services to benefit from fixes simultaneously. Furthermore, we’re excited to introduce HBV to Kubernetes workloads via industry-standard Kata Container support in Azure Kubernetes Service. Similar to ACI container groups, Kata Container pods utilize HBV for robust isolation of untrusted workloads. In the coming months, we’ll share more about our efforts to bring this approach to WebAssembly hosting, boasting single-millisecond overhead compared to hosting WebAssembly without HBV. For network isolation, we’re shifting services towards dedicated virtual networks per tenant and ensuring support for Private Links which enable our services to communicate directly with customer-managed virtual networks. Shared networks have proven error-prone, with mistakes in network Access Control Lists or subnets leading to inadequate network isolation between tenants. Dedicated virtual networks make it difficult to accidentally enable connectivity between tenants that should remain separate.
Credential isolation, on the other hand, involves using credentials scoped to the resources of a single tenant whenever possible. Employing credentials with minimal permissions ensures that even if vulnerabilities are discovered, credentials providing access to other tenants’ data aren’t readily available.
Through significant investments in HBV and a focus on compute, network, and credential isolation, Azure is providing customers with enhanced security and isolation for their workloads. By developing innovative solutions such as Azure Container Instances, and bringing HBV to Kubernetes and WebAssembly hosting, we are creating a robust and secure multitenancy environment that protects data and improves the overall cloud experience. As we continue to strengthen Azure’s security foundation, we are also exploring new opportunities to further enhance our defense-in-depth approach. In the next section, we will discuss the role of Confidential Compute in adding an extra layer of protection to our customers’ data and workloads.
Confidential Compute: A new layer of defense
Since the dawn of cloud computing in Azure, we’ve recognized the crucial role of HBV in running customer workloads on VMs. However, VMs only protect the host machine from malicious activity within the VM. In many cases, a vulnerability in the VM interface could allow a bad actor to escape to the host, and from there they could fully access other customers’ VM. Confidential Compute presents a new layer of defense against these attacks by preventing bad actors with hosting environment access from accessing the content running in a VM. Our goal is to leverage Confidential VMs and Confidential Containers broadly across Azure Services, adding this extra layer of defense to VMs and containers utilized by our services. This has the potential to reduce the blast radius of a compromise at any level in Azure. While ambitious, one day using Confidential Compute should be as ubiquitous as other best practices have become such as encryption in transit or encryption at rest.
Rust as the path forward over C/C++
Decades of vulnerabilities have proven how difficult it is to prevent memory-corrupting bugs when using C/C++. While garbage-collected languages like C# or Java have proven more resilient to these issues, there are scenarios where they cannot be used. For such cases, we’re betting on Rust as the alternative to C/C++. Rust is a modern language designed to compete with the performance C/C++, but with memory safety and thread safety guarantees built into the language. While we are not able to rewrite everything in Rust overnight, we’ve already adopted Rust in some of the most critical components of Azure’s infrastructure. We expect our adoption of Rust to expand substantially over time.
Our unwavering commitment
Our commitment to secure multitenancy, Confidential Compute, and Rust represents a major investment that we’ll be making in the coming years. Fortunately, Microsoft’s security culture is among the strongest in the industry, empowering us to deliver on these ambitious bets. By prioritizing security as an integral component of our services, we are helping our customers to build and maintain secure, reliable, and scalable applications in the cloud, while ensuring their trust in our platform remains steadfast.
Learn more
Read the previous two blogs in this series to learn how Azure leverages a defense-in-depth security approach and cloud variant hunting to learn from vulnerabilities and layer protection throughout every phase of design, development, and deployment.
Explore the built-in security features in our cloud platforms and technologies that help you be secure from the start.
Join Azure Security engineering experts at Microsoft Build to engage in live Q&A around Azure’s robust defense-in-depth strategies, the intriguing world of cloud variant hunting, and maintaining secure multitenancy. Don’t miss this chance to enhance your skills and remain at the forefront of the ever-changing cybersecurity landscape.
The post Microsoft Azure security evolution: Embrace secure multitenancy, Confidential Compute, and Rust appeared first on Azure Blog.
Quelle: Azure
As we look forward to Microsoft Build 2023, I am inspired by the innovation coming from our ISV partners and SaaS providers building on the Microsoft Cloud.
In the past year, we’ve seen large-scale, generative AI models support the creation of new capabilities that expand our vision of the possible, improve productivity, and ignite creativity. The general availability of Azure OpenAI Service is helping developers apply these models to a variety of use cases such as natural language understanding, writing assistance, code generation, data reasoning, content summarization, and semantic search. With Azure’s enterprise-grade security and built-in responsible AI, the rate of innovation is growing exponentially.
Making new strides in AI
The Microsoft commercial marketplace makes it possible for customers to find, purchase, and deploy innovative applications and services to drive their business outcomes. At Microsoft Build 2023, we’re proud to highlight several partners with AI solutions available in the marketplace:
Orkes empowers developers to easily build reliable and secure AI applications, tools, and integrations on Azure with the Conductor open source microservices orchestration platform. With built-in elastic scaling and reliability, teams can more quickly bring applications to market.
Run:ai helps companies deliver AI faster and bridge the gap between data science and computing infrastructure by providing a high-performance compute virtualization layer for deep learning, which accelerates the training of neural network models and enables the development of large AI models to help organizations in every industry accelerate AI innovation.
Statsig allows any company to experiment like big tech at a fraction of the cost. With advanced feature management tools such as automated A/B testing and integrated product analytics, developers can use data insights to learn faster and build better products.
Explore security solutions with our partners
As AI is experiencing rapid growth, security has never been more important. Companies of all sizes and across every industry are increasing their investments in cybersecurity. Partners specializing in security solutions that run on the Microsoft Cloud help customers reduce costs, close coverage gaps, and prevent even the most sophisticated attacks.
At Microsoft Build 2023, we’re excited to feature select partners with security solutions offered in the marketplace:
Anjuna is a multi-cloud confidential computing platform for complete data security and privacy, featuring a unique trusted execution environment that leverages hardware-level isolation to intrinsically secure data and code in the cloud so enterprises can run applications inside Azure Confidential Computing instances in minutes without code changes.
Kovrr transforms cyber security data into actionable, financially quantified cyber risk mitigation recommendations to manage enterprise cyber risk exposure, inform which security controls to invest in, and provide insights into how to optimize cyber insurance and capital management strategies.
Noname Security protects APIs from attacks in real-time while detecting vulnerabilities and misconfigurations before they are exploited, offering deeper visibility and security than API gateways, load balancers, and well architected frameworks (WAFs) without requiring agents or network modifications.
Manage your cloud portfolio with the Microsoft commercial marketplace
The Microsoft commercial marketplace continues to grow and is becoming customers’ preferred method for managing their entire cloud portfolio.
Through the marketplace, customers can search across thousands of applications and services in a single catalog, creating a one-stop destination for all cloud needs including AI, security, data, infrastructure, and more. Solutions available on the marketplace are validated for compatibility with Microsoft applications, ensuring that customers can buy with confidence and deploy seamlessly on Azure.
For customers with enterprise agreements, purchases can be added directly to an Azure bill, simplifying the purchasing process and reducing the number of vendors to be paid separately. For organizations with a cloud consumption commitment, the entire purchase can count towards remaining commitment. Thousands of applications in the marketplace are eligible to count towards an Azure commitment, including the solutions highlighted above—Orkes, Run:ai, Statsig, Anjuna, Kovrr, and Noname Security. With the Microsoft commercial marketplace, customers can get the innovative solutions needed to stay ahead in a competitive market while maximizing the value of cloud investments.
The post Microsoft Build 2023: Innovation through Microsoft commercial marketplace appeared first on Azure Blog.
Quelle: Azure
Derzeit gibt es Death Stranding und weitere hochkarätige PC-Spiele kostenlos – vollständig und für immer oder zumindest zum Ausprobieren. (Death Stranding, Steam)
Quelle: Golem
Twitter soll ernsthafte Konkurrenz durch Instagram bekommen. Nun ist erstmals zu sehen, wie das aussehen könnte. (Twitter, Soziales Netz)
Quelle: Golem
Berichten zufolge wurde kriegswichtige Mikroelektronik von Deutschland über Umwege nach Russland geliefert, wo sie in den Händen russischer Waffenbauer gelandet sein könnte. (Militär, Ukrainekrieg)
Quelle: Golem
