Articles

As modern applications grow more complex and valuable, their security becomes increasingly critical. Yet many organizations still operate with a flat security model—one breach and attackers gain access to everything. This approach is like building a house with a reinforced front door but paper-thin walls. How can you improve your application security to reduce your risk of attack? Use isolation zones. Isolation zones aren’t just a best practice—it’s the difference between a minor security incident and a catastrophic breach that makes headlines.

Both you and your cloud provider have a critical role in keeping your application safe. It’s a principle of security known as the Principle of Shared Responsibility. It describes a model for assigning ownership of various security aspects between the cloud provider and you.

The software development landscape has shifted dramatically. In 2024, a whopping 62% of professional developers use AI in their development process. This has done wonders for the productivity of an average software developer, and has led many people to assume this means that either we need fewer software developers or, more likely, we can get more and better software developed with existing staff.

Cloud-native applications make heavy use of services and microservice architectures. Distributed applications provide many benefits to modern application development processes and lend themselves particularly well to applications deployed in the public cloud.

In my previous article, I discussed five best practices for managing configurations in cloud-native applications. This article expands those recommendations by giving strategies for how to manage large scale configuration systems for large modern applications.

Managing configuration information in a complex, cloud-native application can be daunting. There is seemingly configuration everywhere.

Software architects hold a unique and influential position in the product development lifecycle, guiding technical decisions that shape the product's future.

Ready to pull the ripcord on VMWare? On Nov 6, join my friends over at CAST and AWS to learn how software intelligence can speed up and derisk the move to best-fit cloud services. Register today!

In world of software development, the role of a software architect often appears to stand at the top of the technical leadership ladder. With that responsibility comes an even greater need for continuous learning and adaptation. As someone who's spent years in the trenches of cloud architecture, I can tell you that the moment you stop learning is the moment you start becoming obsolete.

Migrating to the cloud can be daunting, especially when dealing with complex applications, which can have a life of their own. These applications can act in seemingly random ways when exposed to unexpected stimuli, such as moving from a stable data center environment to a more chaotic cloud environment. This inherent complexity makes migrating to the cloud risky, but there are ways to mitigate the risk.

As the world of software development continues to evolve at a rapid pace, organizations are increasingly turning to tools such as Kubernetes to deploy, scale, and manage their containerized applications. Kubernetes and containers have, in particular, revolutionized how we build and deploy applications, but with this power comes the responsibility of ensuring our systems' health, performance, and reliability. This is where effective monitoring comes into play.

As someone who has spent decades at the forefront of the tech industry, I've seen firsthand how emerging technologies can disrupt the status quo. With the rapid advancement of artificial intelligence (AI), it's natural to wonder about its potential impact on the job market, particularly for roles that rely on uniquely human skills. However, I believe that most human-centric jobs, including writers, actors, and lawyers, will not only survive but thrive in the age of AI.

In the rapidly evolving world of artificial intelligence (AI), getting caught up in the hype is easy. After all, computer intelligence appears poised to surpass human intelligence in every domain.

The world of artificial intelligence (AI) is undergoing a profound transformation, and at the heart of this change is the rise of open-source AI models. According to Stanford University's AI Index report for 2024, a remarkable 65.7% of the 149 foundation models released in 2023 were open-source, up from 44.4% in 2022 and 33.3% in 2021. This shift towards open-source AI is not just a passing trend; it's a movement that is redefining the very nature of AI development and deployment.

In all the different ways we know in order to migrate an application to the cloud, the lift-and-shift strategy is often the first method organizations attempt. It’s a simple concept: take your existing applications and move them, as is, to the cloud. But simplicity can be deceptive. I’ve seen firsthand how this approach can lead to a host of issues, particularly when it comes to the underutilization of dynamic cloud resources.

GitHub has published research on the growth and impact of AI on software development. Among their findings is that developers write code “55% faster” when using the GitHub Copilot code automation tool.

Consider the following story:

In the dynamic world of software development, complexity is often viewed as the arch-nemesis of productivity and efficiency. Yet, here lies the paradox: embracing complexity can actually pave the way to simplicity.

Don’t be fooled into thinking your site is highly available when it isn’t.

Are you planning an application migration? Perhaps you are moving your on-premise application to the cloud, or perhaps you are modernizing an older application to a more appropriate application architecture.

Your application is large. You have many customers, and they make good use of your many features and capabilities. You have a large catalog of products, and your store is big and feature-rich. You are doing well.

Cloud computing has changed the fundamental structure of the enterprise IT department. While the benefits of cloud computing are well understood, effectively integrating the fundamental changes required to support cloud-native architectures properly is not as universally well-known.

In the dynamic landscape of modern business, the adoption of cloud-native technology has become a cornerstone for achieving unprecedented scale and agility. For organizations devoted to harnessing the full potential of cloud-native applications, the establishment of a Cloud Center of Excellence (CCoE) is a common first step in this cloud-native journey. In the past, I’ve written about why building a CCoE will help your organization perform the necessary transformations. But once you’ve decided to build a CCoE, how do you actually do it?

First, there was DevOps. Then, ModernOps and CloudOps. Now, there is ScaryOps.

In the past few years, cloud computing has become a dominant trend in enterprise IT. The benefits of moving to the cloud are clear: lower costs, increased flexibility, and improved scalability. But as more companies move their infrastructures into public clouds such as AWS or Azure, they face a challenge that is often overlooked: How do they transform an organization from a typical on-premises company to a cloud-native, cloud-centric organization?

​Low code has received a lot of press recently. There seems to be quite a debate about whether the use of low code makes the application development process better or if it interferes with the development process, resulting in inferior applications.

Some time ago when I was living in Silicon Valley, I often drove by a curious-looking structure called the Winchester Mystery House every day on my way to work. The Winchester Mystery House is a San Jose mansion that was once the home of Sarah Winchester, the widow of William Winchester, and the heir to the Winchester Rifle fortune. Originally purchased in 1884 as an unfinished eight-room farmhouse, it was expanded over the course of 36 years to an overall footprint of 24,000 square feet.  

Migrating to the cloud is a commitment. It’s a commitment of time, resources, and corporate energy.

Managing configuration information in a complex, cloud-native application can be daunting. There is seemingly configuration everywhere.

Cloud-native applications make heavy use of services and microservice architectures. Distributed applications provide many benefits to modern application development processes and lend themselves particularly well to applications deployed in the public cloud.

In the fast-paced world of software development, buzzwords and trends often dominate discussions around application architecture. One term that has garnered significant attention and, at times, confusion is microservice. 

In the software world, identity is the mapping of a person, place, or thing in a verifiable manner to a software resource. Whenever you interact with nearly anything on the internet, you are dealing with identities:

​

Architecting modern applications is a tough job, and architecting a solid data model for modern applications is one of the toughest, yet most important, parts of modern application architecture.

Consider the following story:

Software Architecture Insights is a regular newsletter providing insights into architecting your modern applications at scale. Modern digital businesses continually struggle with building new and innovative applications that also maintain high availability at cloud-scale.