{
    "componentChunkName": "component---src-templates-blog-post-tsx",
    "path": "/blog/post/powered-by-lagoon-managing-countless-csp-violations",
    "result": {"pageContext":{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"live-webinar-secure-at-speed-with-fastly-edge-delivery","title":"Webinar: Secure at Speed with Fastly - Edge Delivery Without Compromise"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9  –  the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020  – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"powered-by-lagoon-managing-countless-csp-violations","data":{"title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility","meta_title":"Managing countless CSP violations with Lagoon | amazee.io","posted_on":"Aug 22, 2023","author_name":"Sean Hamlin","author_image":"https://images.prismic.io/amazeeio/d38367cd-11ae-4ef6-972b-6b2bb999df7e_Sean-Hamlin.jpg?auto=compress%2Cformat","read_time":5,"tag":"Knowledge Base","faq":{"heading":null,"faq_items":[]},"body":[{"id":"392c8aec-defc-5bcd-b8e2-ab23f257acb0","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/ca98541d-16b3-43c4-9134-e9c79a2b9531_CSP-violation-Blog.jpg?auto=compress,format\" alt=\"Powered by Lagoon: Managing countless CSP violations using amazee.io&#39;s platform flexibility\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/ca98541d-16b3-43c4-9134-e9c79a2b9531_CSP-violation-Blog.jpg?auto=compress,format","alt":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility","copyright":null,"dimensions":{"width":1120,"height":675},"id":"ZOcvqRAAACYAcJV2","edit":{"x":0,"y":0,"zoom":1,"background":"#fff"}}],"text":""}}},{"id":"2f6b843b-1b93-59e7-9af2-221de9c1f17a","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>If you&#39;ve ever dealt with web security, you&#39;ve probably heard of CSP (Content Security Policy). It&#39;s the unsung hero of the web, silently guarding sites against malicious attacks. However, imagine managing tens of millions of CSP violations <strong><em>every month.</em></strong> Sounds like a monstrous task, right? Let’s dive into how we supported a customer tackling this challenge in a lightweight, super scalable way.</p><p></p><h2>What even is a CSP?</h2><p></p><p>For those new to the CSP world, let’s quickly demystify it. Content Security Policy (CSP) is a web standard designed to control what resources a user’s browser can load on a page. Think of it as a security guard, looking for suspicious activities and preventing malicious attacks. </p>","raw":[{"type":"paragraph","text":"If you've ever dealt with web security, you've probably heard of CSP (Content Security Policy). It's the unsung hero of the web, silently guarding sites against malicious attacks. However, imagine managing tens of millions of CSP violations every month. Sounds like a monstrous task, right? Let’s dive into how we supported a customer tackling this challenge in a lightweight, super scalable way.","spans":[{"start":241,"end":253,"type":"em"},{"start":241,"end":253,"type":"strong"}]},{"type":"paragraph","text":"","spans":[]},{"type":"heading2","text":"What even is a CSP?","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"For those new to the CSP world, let’s quickly demystify it. Content Security Policy (CSP) is a web standard designed to control what resources a user’s browser can load on a page. Think of it as a security guard, looking for suspicious activities and preventing malicious attacks. ","spans":[]}],"text":"If you've ever dealt with web security, you've probably heard of CSP (Content Security Policy). It's the unsung hero of the web, silently guarding sites against malicious attacks. However, imagine managing tens of millions of CSP violations every month. Sounds like a monstrous task, right? Let’s dive into how we supported a customer tackling this challenge in a lightweight, super scalable way.  What even is a CSP?  For those new to the CSP world, let’s quickly demystify it. Content Security Policy (CSP) is a web standard designed to control what resources a user’s browser can load on a page. Think of it as a security guard, looking for suspicious activities and preventing malicious attacks. "}}},{"id":"5f3af208-5097-57e4-9fe0-c1b10b393599","slice_type":"block_quote","slice_label":null,"primary":{"content":{"html":"<p><em>Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to malware distribution.</em></p><p>– <a target=\"_blank\" rel=\"noopener\" href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP\">https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP</a></p>","raw":[{"type":"paragraph","text":"Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to malware distribution.","spans":[{"start":0,"end":282,"type":"em"}]},{"type":"paragraph","text":"– https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP","spans":[{"start":2,"end":55,"type":"hyperlink","data":{"link_type":"Web","url":"https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP","target":"_blank"}}]}],"text":"Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to malware distribution. – https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP"}}},{"id":"d45beca1-fc46-5f14-a0bf-ef66bf8ff1a6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Our Australian CSP Adventure</h2><p></p><p>Enter the challenge. A significant government agency in Australia uses CSP on its site. Sounds pretty straightforward, but here&#39;s the twist: no matter how tuned a CSP is, it can only partially prevent violations. Why? Unpredictable elements, like browser extensions, often trigger some violations. </p><p></p><p>The agency&#39;s site, built on Drupal, could log CSP violations using the <a target=\"_blank\" rel=\"noopener\" href=\"https://www.drupal.org/project/seckit\"><strong>Seckit</strong></a> module. But with the astronomical number of violations, it was like we were asking a household vacuum to clean an entire beach! And before you ask, third-party tools were off the table due to the usual government security and procurement processes. </p><p></p><p>We needed to roll something lightweight and scalable.</p><p></p><h2>The Road to Golang and Lagoon</h2><p></p><p>So, how did we solve this mountain of a challenge? First, we ditched Drupal for logging these violations. Drupal is just too heavy for this volume.</p><p></p><p>Instead, we picked a zippy dedicated Golang binary that snugly fits into its own container within the amazee.io project and is easily deployed by Lagoon. The stars of this setup? </p><p></p><p>Firstly the go-CSP-collector streamlined the collection like a charm. </p><p></p><p>And secondly, <a target=\"_blank\" rel=\"noopener\" href=\"https://lagoon.sh\"><strong>Lagoon</strong></a> for deploying the application on the amazee.io platform.</p><p></p><p>Hosting this as a service in our Lagoon project was relatively quick. Lagoon is more than just the application deployment component for amazee.io. It’s also not just a dream for developers, ensuring congruent environments, 100% open source transparency, and top-notch web application delivery. It is also incredibly flexible! </p><p></p><p>We settled on using the `basic` service type from Lagoon, explicitly crafted for extended services like this scenario required. More about Lagoon service types can be found on the <a target=\"_blank\" rel=\"noopener\" href=\"https://docs.lagoon.sh/using-lagoon-advanced/service-types/\"><strong>lagoon.sh</strong></a> website.</p><p></p><p>So the amazee.io team got to work lending a hand to our customers, helping them master the art of multi-stage docker builds to keep their image lean and mean.</p><p></p><h2>What’s going on under the hood?</h2><p></p><p>While the story of solving a scale problem is fascinating, for those technical folks reading, we thought we’d break down the mechanics of our solution. Let’s look at the magic behind the curtains!</p><p></p><h3>Docker Compose Setup</h3><p></p><p>To our `docker-compose.yml`, we add the following:</p>","raw":[{"type":"heading2","text":"Our Australian CSP Adventure","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Enter the challenge. A significant government agency in Australia uses CSP on its site. Sounds pretty straightforward, but here's the twist: no matter how tuned a CSP is, it can only partially prevent violations. Why? Unpredictable elements, like browser extensions, often trigger some violations. ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"The agency's site, built on Drupal, could log CSP violations using the Seckit module. But with the astronomical number of violations, it was like we were asking a household vacuum to clean an entire beach! And before you ask, third-party tools were off the table due to the usual government security and procurement processes. ","spans":[{"start":71,"end":77,"type":"strong"},{"start":71,"end":77,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.drupal.org/project/seckit","target":"_blank"}}]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"We needed to roll something lightweight and scalable.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"heading2","text":"The Road to Golang and Lagoon","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"So, how did we solve this mountain of a challenge? First, we ditched Drupal for logging these violations. Drupal is just too heavy for this volume.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Instead, we picked a zippy dedicated Golang binary that snugly fits into its own container within the amazee.io project and is easily deployed by Lagoon. The stars of this setup? ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Firstly the go-CSP-collector streamlined the collection like a charm. ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"And secondly, Lagoon for deploying the application on the amazee.io platform.","spans":[{"start":14,"end":20,"type":"strong"},{"start":14,"end":20,"type":"hyperlink","data":{"link_type":"Web","url":"https://lagoon.sh","target":"_blank"}}]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Hosting this as a service in our Lagoon project was relatively quick. Lagoon is more than just the application deployment component for amazee.io. It’s also not just a dream for developers, ensuring congruent environments, 100% open source transparency, and top-notch web application delivery. It is also incredibly flexible! ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"We settled on using the `basic` service type from Lagoon, explicitly crafted for extended services like this scenario required. More about Lagoon service types can be found on the lagoon.sh website.","spans":[{"start":180,"end":189,"type":"strong"},{"start":180,"end":189,"type":"hyperlink","data":{"link_type":"Web","url":"https://docs.lagoon.sh/using-lagoon-advanced/service-types/","target":"_blank"}}]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"So the amazee.io team got to work lending a hand to our customers, helping them master the art of multi-stage docker builds to keep their image lean and mean.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"heading2","text":"What’s going on under the hood?","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"While the story of solving a scale problem is fascinating, for those technical folks reading, we thought we’d break down the mechanics of our solution. Let’s look at the magic behind the curtains!","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"heading3","text":"Docker Compose Setup","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"To our `docker-compose.yml`, we add the following:","spans":[]}],"text":"Our Australian CSP Adventure  Enter the challenge. A significant government agency in Australia uses CSP on its site. Sounds pretty straightforward, but here's the twist: no matter how tuned a CSP is, it can only partially prevent violations. Why? Unpredictable elements, like browser extensions, often trigger some violations.   The agency's site, built on Drupal, could log CSP violations using the Seckit module. But with the astronomical number of violations, it was like we were asking a household vacuum to clean an entire beach! And before you ask, third-party tools were off the table due to the usual government security and procurement processes.   We needed to roll something lightweight and scalable.  The Road to Golang and Lagoon  So, how did we solve this mountain of a challenge? First, we ditched Drupal for logging these violations. Drupal is just too heavy for this volume.  Instead, we picked a zippy dedicated Golang binary that snugly fits into its own container within the amazee.io project and is easily deployed by Lagoon. The stars of this setup?   Firstly the go-CSP-collector streamlined the collection like a charm.   And secondly, Lagoon for deploying the application on the amazee.io platform.  Hosting this as a service in our Lagoon project was relatively quick. Lagoon is more than just the application deployment component for amazee.io. It’s also not just a dream for developers, ensuring congruent environments, 100% open source transparency, and top-notch web application delivery. It is also incredibly flexible!   We settled on using the `basic` service type from Lagoon, explicitly crafted for extended services like this scenario required. More about Lagoon service types can be found on the lagoon.sh website.  So the amazee.io team got to work lending a hand to our customers, helping them master the art of multi-stage docker builds to keep their image lean and mean.  What’s going on under the hood?  While the story of solving a scale problem is fascinating, for those technical folks reading, we thought we’d break down the mechanics of our solution. Let’s look at the magic behind the curtains!  Docker Compose Setup  To our `docker-compose.yml`, we add the following:"}}},{"id":"34d22238-d58a-53eb-8524-32effdb13137","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;pre&gt;<br />services:<br />…<br />  csp:<br />    build:<br />      context: .<br />      dockerfile: .docker/csp.dockerfile<br />    labels:<br />      lagoon.type: basic<br />    ports:<br />      - &#39;3000:3000&#39;<br /><br />&lt;/pre&gt;</p>","raw":[{"type":"paragraph","text":"<pre>\nservices:\n…\n  csp:\n    build:\n      context: .\n      dockerfile: .docker/csp.dockerfile\n    labels:\n      lagoon.type: basic\n    ports:\n      - '3000:3000'\n\n</pre>","spans":[]}],"text":"<pre>\nservices:\n…\n  csp:\n    build:\n      context: .\n      dockerfile: .docker/csp.dockerfile\n    labels:\n      lagoon.type: basic\n    ports:\n      - '3000:3000'\n\n</pre>"}}},{"id":"06893f0e-cdaf-5e13-b31e-bd747768dc39","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>This segment is essentially how we tell Lagoon to build our Golang container. The `lagoon.type: basic` is important to note - this is the directive for Lagoon, telling it to treat this service as a base type which by default listens on port 3000. Lagoon will test port 3000 when the container is deployed to confirm the service is running.</p><p></p><h3>The CSP Dockerfile</h3><p></p><p>Now, let&#39;s take a quick tour of the CSP service Dockerfile:</p>","raw":[{"type":"paragraph","text":"This segment is essentially how we tell Lagoon to build our Golang container. The `lagoon.type: basic` is important to note - this is the directive for Lagoon, telling it to treat this service as a base type which by default listens on port 3000. Lagoon will test port 3000 when the container is deployed to confirm the service is running.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"heading3","text":"The CSP Dockerfile","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Now, let's take a quick tour of the CSP service Dockerfile:","spans":[]}],"text":"This segment is essentially how we tell Lagoon to build our Golang container. The `lagoon.type: basic` is important to note - this is the directive for Lagoon, telling it to treat this service as a base type which by default listens on port 3000. Lagoon will test port 3000 when the container is deployed to confirm the service is running.  The CSP Dockerfile  Now, let's take a quick tour of the CSP service Dockerfile:"}}},{"id":"15505fec-4c63-55d0-bcc5-3521b42355d2","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;pre&gt;<br />FROM golang:alpine as builder<br /><br />ARG VERSION=0.0.10<br /><br />RUN apk update \\<br />    &amp;&amp; apk add curl \\<br />    &amp;&amp; mkdir /tmp/csp \\<br />    &amp;&amp; cd /tmp/csp \\<br />    &amp;&amp; curl -L https://github.com/jacobbednarz/go-csp-collector/archive/refs/tags/v${VERSION}.zip &gt; csp.zip \\<br />    &amp;&amp; unzip csp.zip \\<br />    &amp;&amp; cd go-csp-collector-${VERSION} \\<br />    &amp;&amp; go build csp_collector.go \\<br />    &amp;&amp; mkdir /csp \\<br />    &amp;&amp; mv csp_collector /csp<br /><br />FROM alpine<br /><br />COPY --from=builder /csp /csp<br /><br />WORKDIR /csp<br /><br />CMD [&quot;/csp/csp_collector&quot;, &quot;--port&quot;, &quot;3000&quot;]<br />&lt;/pre&gt;</p>","raw":[{"type":"paragraph","text":"<pre>\nFROM golang:alpine as builder\n\nARG VERSION=0.0.10\n\nRUN apk update \\\n    && apk add curl \\\n    && mkdir /tmp/csp \\\n    && cd /tmp/csp \\\n    && curl -L https://github.com/jacobbednarz/go-csp-collector/archive/refs/tags/v${VERSION}.zip > csp.zip \\\n    && unzip csp.zip \\\n    && cd go-csp-collector-${VERSION} \\\n    && go build csp_collector.go \\\n    && mkdir /csp \\\n    && mv csp_collector /csp\n\nFROM alpine\n\nCOPY --from=builder /csp /csp\n\nWORKDIR /csp\n\nCMD [\"/csp/csp_collector\", \"--port\", \"3000\"]\n</pre>","spans":[]}],"text":"<pre>\nFROM golang:alpine as builder\n\nARG VERSION=0.0.10\n\nRUN apk update \\\n    && apk add curl \\\n    && mkdir /tmp/csp \\\n    && cd /tmp/csp \\\n    && curl -L https://github.com/jacobbednarz/go-csp-collector/archive/refs/tags/v${VERSION}.zip > csp.zip \\\n    && unzip csp.zip \\\n    && cd go-csp-collector-${VERSION} \\\n    && go build csp_collector.go \\\n    && mkdir /csp \\\n    && mv csp_collector /csp\n\nFROM alpine\n\nCOPY --from=builder /csp /csp\n\nWORKDIR /csp\n\nCMD [\"/csp/csp_collector\", \"--port\", \"3000\"]\n</pre>"}}},{"id":"916ff540-bd7d-57bf-8839-f79aa53543d0","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>We start from a base image, `golang:alpine`, which is lightweight and equipped with a Go installation. We use this in the first stage of our multistage build to build our application.</p><p></p><p>Once we have downloaded the source and compiled the application (based on the open source <a target=\"_blank\" rel=\"noopener\" href=\"https://github.com/jacobbednarz/go-csp-collector\"><strong>jacobbednarz/go-csp-collector</strong></a>), all we need from the builder is the compiled CSP binary, so we switch to the next stage in the build and copy the binary into a standard thin alpine image which will run the binary. </p><p></p><p>We do this for at least two reasons:</p><ol><li>We save ourselves a lot of storage space by using the lightest possible image</li><li>By limiting what we have in the container, we explicitly reduce the attack surface of any application in the container by, essentially, limiting what is in the container to be attacked.</li></ol><p></p><p>With everything in place, we tell the CSP application to start listening on port 3000 on startup. The Lagoon `basic` service type also monitors port 3000, so if, for any reason, our application stops responding, this will alert Kubernetes to take corrective actions.</p><p></p><p>With this setup, our CSP collector service is ready to be built and deployed by Lagoon. When deployed, it&#39;s isolated yet part of the bigger picture, efficiently catching the tens of millions of violations </p><p></p><p>Below we see our container, scanned by Trivy, and only 7.2MB in size!</p>","raw":[{"type":"paragraph","text":"We start from a base image, `golang:alpine`, which is lightweight and equipped with a Go installation. We use this in the first stage of our multistage build to build our application.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Once we have downloaded the source and compiled the application (based on the open source jacobbednarz/go-csp-collector), all we need from the builder is the compiled CSP binary, so we switch to the next stage in the build and copy the binary into a standard thin alpine image which will run the binary. ","spans":[{"start":90,"end":119,"type":"strong"},{"start":90,"end":119,"type":"hyperlink","data":{"link_type":"Web","url":"https://github.com/jacobbednarz/go-csp-collector","target":"_blank"}}]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"We do this for at least two reasons:","spans":[]},{"type":"o-list-item","text":"We save ourselves a lot of storage space by using the lightest possible image","spans":[]},{"type":"o-list-item","text":"By limiting what we have in the container, we explicitly reduce the attack surface of any application in the container by, essentially, limiting what is in the container to be attacked.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"With everything in place, we tell the CSP application to start listening on port 3000 on startup. The Lagoon `basic` service type also monitors port 3000, so if, for any reason, our application stops responding, this will alert Kubernetes to take corrective actions.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"With this setup, our CSP collector service is ready to be built and deployed by Lagoon. When deployed, it's isolated yet part of the bigger picture, efficiently catching the tens of millions of violations ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Below we see our container, scanned by Trivy, and only 7.2MB in size!","spans":[]}],"text":"We start from a base image, `golang:alpine`, which is lightweight and equipped with a Go installation. We use this in the first stage of our multistage build to build our application.  Once we have downloaded the source and compiled the application (based on the open source jacobbednarz/go-csp-collector), all we need from the builder is the compiled CSP binary, so we switch to the next stage in the build and copy the binary into a standard thin alpine image which will run the binary.   We do this for at least two reasons: We save ourselves a lot of storage space by using the lightest possible image By limiting what we have in the container, we explicitly reduce the attack surface of any application in the container by, essentially, limiting what is in the container to be attacked.  With everything in place, we tell the CSP application to start listening on port 3000 on startup. The Lagoon `basic` service type also monitors port 3000, so if, for any reason, our application stops responding, this will alert Kubernetes to take corrective actions.  With this setup, our CSP collector service is ready to be built and deployed by Lagoon. When deployed, it's isolated yet part of the bigger picture, efficiently catching the tens of millions of violations   Below we see our container, scanned by Trivy, and only 7.2MB in size!"}}},{"id":"9bbe187f-97eb-5f58-b6af-6b5290db9912","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/69d8d0c4-a80e-4b4e-8c5f-17804802f741_Master-CSP.jpg?auto=compress,format\" alt=\"Master CSP\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/69d8d0c4-a80e-4b4e-8c5f-17804802f741_Master-CSP.jpg?auto=compress,format","alt":"Master CSP","copyright":null,"dimensions":{"width":1121,"height":787},"id":"ZOczfxAAACYAcKao","edit":{"x":0,"y":0,"zoom":1,"background":"#fff"}}],"text":""}}},{"id":"2a4afb33-b212-5fc2-b5cd-b532445a8504","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>The Result</h2><p></p><p>Fast forward to now, the system is handling a whopping 38 million CSP violations every month, all without breaking a sweat. </p><p></p><p>And the best part? The main Drupal site remains unaffected, singing its merry tune and performing content delivery as it was designed to. </p>","raw":[{"type":"heading2","text":"The Result","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Fast forward to now, the system is handling a whopping 38 million CSP violations every month, all without breaking a sweat. ","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"And the best part? The main Drupal site remains unaffected, singing its merry tune and performing content delivery as it was designed to. ","spans":[]}],"text":"The Result  Fast forward to now, the system is handling a whopping 38 million CSP violations every month, all without breaking a sweat.   And the best part? The main Drupal site remains unaffected, singing its merry tune and performing content delivery as it was designed to. "}}},{"id":"dd4a060c-3882-57ed-b724-d9ccf7ce36cc","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/cbd65c07-a462-4efe-a214-7f4dd08f7b9c_The-Result.jpg?auto=compress,format\" alt=\"38 million requests/month or 1.3 million requests/day\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/cbd65c07-a462-4efe-a214-7f4dd08f7b9c_The-Result.jpg?auto=compress,format","alt":"38 million requests/month or 1.3 million requests/day","copyright":null,"dimensions":{"width":1121,"height":360},"id":"ZOczuxAAACcAcKeu","edit":{"x":0,"y":0,"zoom":1,"background":"#fff"}}],"text":""}}},{"id":"96157fbc-0afe-5607-8ca7-9ec805a3ffc5","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>Below we see an example of a logged CSP violation (with names changed to protect the innocent!)</p>","raw":[{"type":"paragraph","text":"Below we see an example of a logged CSP violation (with names changed to protect the innocent!)","spans":[]}],"text":"Below we see an example of a logged CSP violation (with names changed to protect the innocent!)"}}},{"id":"3948ab38-9735-575c-b80d-e5af026f984f","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;pre&gt;<br />&lt;strong&gt;timestamp&lt;/strong&gt;=&quot;2023-08-06T21:21:38Z&quot;<br />&lt;strong&gt;level&lt;/strong&gt;=info<br />&lt;strong&gt;blocked_uri&lt;/strong&gt;=&quot;https://redacted.redacted.redacted/script/5525/webReader/webReader.js?pids=wr&quot;<br />&lt;strong&gt;disposition&lt;/strong&gt;=report document_uri=&quot;https://redacted.redacted.redacted/contact-us?context=64107&quot;<br />&lt;strong&gt;effective_directive&lt;/strong&gt;=script-src-elem metadata=&quot;&quot;<br />&lt;strong&gt;original_policy&lt;/strong&gt;=&quot;default-src &#39;self&#39;; connect-src &#39;self&#39; *.google-analytics.com *.googletagmanager.com *.nr-data.net *.readspeaker.com translate.googleapis.com; font-src &#39;self&#39; data: fonts.googleapis.com fonts.gstatic.com themes.googleusercontent.com; frame-src &#39;self&#39; *.azurewebsites.net *.googletagmanager.com redacted.redacted.redacted *.readspeaker.com redacted.redacted.redacted.vudoo.io youtube.com *.youtube.com; img-src &#39;self&#39; bam.nr-data.net chart.apis.google.com data: *.google.com *.google-analytics.com *.googletagmanager.com *.gstatic.com i.ytimg.com translate.googleapis.com; object-src &#39;none&#39;; script-src &#39;self&#39; &#39;unsafe-eval&#39; api.microsofttranslator.com bam.nr-data.net *.google-analytics.com *.googleoptimize.com *.googletagmanager.com js-agent.newrelic.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; script-src-elem &#39;self&#39; &#39;unsafe-inline&#39; *.google-analytics.com *.googleoptimize.com *.googletagmanager.com *.newrelic.com *.nr-data.net translate.googleapis.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; style-src &#39;self&#39; &#39;unsafe-inline&#39; fonts.googleapis.com *.readspeaker.com f1-oc.readspeaker.com; style-src-attr &#39;self&#39; &#39;unsafe-inline&#39; &#39;unsafe-hashes&#39;; style-src-elem &#39;self&#39; &#39;unsafe-inline&#39; f1-oc.readspeaker.com fonts.googleapis.com *.googletagmanager.com translate.googleapis.com; base-uri &#39;self&#39;; form-action &#39;self&#39; https://redacted.redacted.redacted.com; frame-ancestors &#39;self&#39;; report-uri https://redacted.redacted.redacted&quot;<br />&lt;strong&gt;referrer&lt;/strong&gt;=&quot;https://redacted.redacted.redacted/&quot;<br />&lt;strong&gt;script_sample&lt;/strong&gt;=&quot;&quot;<br />&lt;strong&gt;status_code&lt;/strong&gt;=200<br />&lt;strong&gt;violated_directive&lt;/strong&gt;=script-src-ele<br />&lt;/pre&gt;</p>","raw":[{"type":"paragraph","text":"<pre>\n<strong>timestamp</strong>=\"2023-08-06T21:21:38Z\"\n<strong>level</strong>=info\n<strong>blocked_uri</strong>=\"https://redacted.redacted.redacted/script/5525/webReader/webReader.js?pids=wr\"\n<strong>disposition</strong>=report document_uri=\"https://redacted.redacted.redacted/contact-us?context=64107\"\n<strong>effective_directive</strong>=script-src-elem metadata=\"\"\n<strong>original_policy</strong>=\"default-src 'self'; connect-src 'self' *.google-analytics.com *.googletagmanager.com *.nr-data.net *.readspeaker.com translate.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com themes.googleusercontent.com; frame-src 'self' *.azurewebsites.net *.googletagmanager.com redacted.redacted.redacted *.readspeaker.com redacted.redacted.redacted.vudoo.io youtube.com *.youtube.com; img-src 'self' bam.nr-data.net chart.apis.google.com data: *.google.com *.google-analytics.com *.googletagmanager.com *.gstatic.com i.ytimg.com translate.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' api.microsofttranslator.com bam.nr-data.net *.google-analytics.com *.googleoptimize.com *.googletagmanager.com js-agent.newrelic.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; script-src-elem 'self' 'unsafe-inline' *.google-analytics.com *.googleoptimize.com *.googletagmanager.com *.newrelic.com *.nr-data.net translate.googleapis.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.readspeaker.com f1-oc.readspeaker.com; style-src-attr 'self' 'unsafe-inline' 'unsafe-hashes'; style-src-elem 'self' 'unsafe-inline' f1-oc.readspeaker.com fonts.googleapis.com *.googletagmanager.com translate.googleapis.com; base-uri 'self'; form-action 'self' https://redacted.redacted.redacted.com; frame-ancestors 'self'; report-uri https://redacted.redacted.redacted\"\n<strong>referrer</strong>=\"https://redacted.redacted.redacted/\"\n<strong>script_sample</strong>=\"\"\n<strong>status_code</strong>=200\n<strong>violated_directive</strong>=script-src-ele\n</pre>","spans":[]}],"text":"<pre>\n<strong>timestamp</strong>=\"2023-08-06T21:21:38Z\"\n<strong>level</strong>=info\n<strong>blocked_uri</strong>=\"https://redacted.redacted.redacted/script/5525/webReader/webReader.js?pids=wr\"\n<strong>disposition</strong>=report document_uri=\"https://redacted.redacted.redacted/contact-us?context=64107\"\n<strong>effective_directive</strong>=script-src-elem metadata=\"\"\n<strong>original_policy</strong>=\"default-src 'self'; connect-src 'self' *.google-analytics.com *.googletagmanager.com *.nr-data.net *.readspeaker.com translate.googleapis.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com themes.googleusercontent.com; frame-src 'self' *.azurewebsites.net *.googletagmanager.com redacted.redacted.redacted *.readspeaker.com redacted.redacted.redacted.vudoo.io youtube.com *.youtube.com; img-src 'self' bam.nr-data.net chart.apis.google.com data: *.google.com *.google-analytics.com *.googletagmanager.com *.gstatic.com i.ytimg.com translate.googleapis.com; object-src 'none'; script-src 'self' 'unsafe-eval' api.microsofttranslator.com bam.nr-data.net *.google-analytics.com *.googleoptimize.com *.googletagmanager.com js-agent.newrelic.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; script-src-elem 'self' 'unsafe-inline' *.google-analytics.com *.googleoptimize.com *.googletagmanager.com *.newrelic.com *.nr-data.net translate.googleapis.com https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net https://redacted.redacted.redacted.azurewebsites.net; style-src 'self' 'unsafe-inline' fonts.googleapis.com *.readspeaker.com f1-oc.readspeaker.com; style-src-attr 'self' 'unsafe-inline' 'unsafe-hashes'; style-src-elem 'self' 'unsafe-inline' f1-oc.readspeaker.com fonts.googleapis.com *.googletagmanager.com translate.googleapis.com; base-uri 'self'; form-action 'self' https://redacted.redacted.redacted.com; frame-ancestors 'self'; report-uri https://redacted.redacted.redacted\"\n<strong>referrer</strong>=\"https://redacted.redacted.redacted/\"\n<strong>script_sample</strong>=\"\"\n<strong>status_code</strong>=200\n<strong>violated_directive</strong>=script-src-ele\n</pre>"}}},{"id":"491cb262-2b8f-5073-8797-573aef03f1e3","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>This journey showed us that with the right approach and tooling choices, a pinch of innovation, and a healthy dose of Lagoon flexibility, large-scale CSP can be achieved for large enterprises and government customers without relying on third-party tools and platforms.</p><p></p><p><strong>Open Source Wins Again!</strong></p><p></p><p>This story definitely underscores the capabilities of Kubernetes, Lagoon, and amazee.io, showing how they handle large-scale tasks without missing a beat. So, the next time you&#39;re facing a tech conundrum and starting to reach for third-party tools, remember there may be a simple, secure, and scalable open source solution deployable by Lagoon on amazee.io.</p><p></p><p>If you’re interested in learning how amazee.io’s ZeroOps application delivery platform could help solve your technology challenges and achieve your strategic goals, 🗓️ schedule your <strong>free technical demo</strong> below.</p>","raw":[{"type":"paragraph","text":"This journey showed us that with the right approach and tooling choices, a pinch of innovation, and a healthy dose of Lagoon flexibility, large-scale CSP can be achieved for large enterprises and government customers without relying on third-party tools and platforms.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"Open Source Wins Again!","spans":[{"start":0,"end":23,"type":"strong"}]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"This story definitely underscores the capabilities of Kubernetes, Lagoon, and amazee.io, showing how they handle large-scale tasks without missing a beat. So, the next time you're facing a tech conundrum and starting to reach for third-party tools, remember there may be a simple, secure, and scalable open source solution deployable by Lagoon on amazee.io.","spans":[]},{"type":"paragraph","text":"","spans":[]},{"type":"paragraph","text":"If you’re interested in learning how amazee.io’s ZeroOps application delivery platform could help solve your technology challenges and achieve your strategic goals, 🗓️ schedule your free technical demo below.","spans":[{"start":183,"end":202,"type":"strong"}]}],"text":"This journey showed us that with the right approach and tooling choices, a pinch of innovation, and a healthy dose of Lagoon flexibility, large-scale CSP can be achieved for large enterprises and government customers without relying on third-party tools and platforms.  Open Source Wins Again!  This story definitely underscores the capabilities of Kubernetes, Lagoon, and amazee.io, showing how they handle large-scale tasks without missing a beat. So, the next time you're facing a tech conundrum and starting to reach for third-party tools, remember there may be a simple, secure, and scalable open source solution deployable by Lagoon on amazee.io.  If you’re interested in learning how amazee.io’s ZeroOps application delivery platform could help solve your technology challenges and achieve your strategic goals, 🗓️ schedule your free technical demo below."}}},{"id":"fec9c2ec-aa1c-58fd-8564-9d29261cf802","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;iframe title=&quot;1:1 Technical Demo&quot; style=&quot;width:100%;height: 650px;&quot; src=&quot;https://go.amazee.io/meetings/martin-schloegl/live-demo?embed=true&quot;&gt;&lt;/iframe&gt;</p>","raw":[{"type":"paragraph","text":"<iframe title=\"1:1 Technical Demo\" style=\"width:100%;height: 650px;\" src=\"https://go.amazee.io/meetings/martin-schloegl/live-demo?embed=true\"></iframe>","spans":[]}],"text":"<iframe title=\"1:1 Technical Demo\" style=\"width:100%;height: 650px;\" src=\"https://go.amazee.io/meetings/martin-schloegl/live-demo?embed=true\"></iframe>"}}}],"summary":"If you've ever dealt with web security, you've probably heard of CSP (Content Security Policy). It's the unsung hero of the web, silently guarding sites against malicious attacks.","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/ca98541d-16b3-43c4-9134-e9c79a2b9531_CSP-violation-Blog.jpg?auto=compress%2Cformat"}]},"suggestedPosts":[{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"live-webinar-secure-at-speed-with-fastly-edge-delivery","title":"Webinar: Secure at Speed with Fastly - Edge Delivery Without Compromise"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9  –  the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020  – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"live-webinar-secure-at-speed-with-fastly-edge-delivery","data":{"title":"Webinar: Secure at Speed with Fastly - Edge Delivery Without Compromise","meta_title":"Edge Security Webinar: Secure at Speed with Fastly","posted_on":"Jun 25, 2026","author_name":"Nicole Laine","author_image":"https://images.prismic.io/amazeeio/1c6600c7-ec77-4ee7-850c-6c563542f48b_Nicole-Laine.jpg?auto=format%2Ccompress","read_time":2,"tag":"News","faq":{"heading":null,"faq_items":[]},"body":[{"id":"7061f4af-6d4f-5ea3-aca1-1ba578e62ee7","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/ajzX5FbRV8_Qf2xn_amazee-io-fastly-webinar-edge-delivery-without-compromise-july-2026.jpg.jpg?auto=format,compress\" alt=\"A blog webinar graphic co-branded by amazee.io and Fastly, titled &quot;Secure at Speed with Fastly: Edge Delivery Without Compromise.&quot; The banner includes a teal &quot;Register today!&quot; button, circular profile headshots of the two speakers, and event scheduling details for July 22 / July 23, 2026, at 3 PM PDT / 8 AM AEST. The background features abstract neon red and blue high-speed data stream graphics.\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/ajzX5FbRV8_Qf2xn_amazee-io-fastly-webinar-edge-delivery-without-compromise-july-2026.jpg.jpg?auto=format,compress","alt":"A blog webinar graphic co-branded by amazee.io and Fastly, titled \"Secure at Speed with Fastly: Edge Delivery Without Compromise.\" The banner includes a teal \"Register today!\" button, circular profile headshots of the two speakers, and event scheduling details for July 22 / July 23, 2026, at 3 PM PDT / 8 AM AEST. The background features abstract neon red and blue high-speed data stream graphics.","copyright":null,"dimensions":{"width":1120,"height":675},"id":"ajzX5FbRV8_Qf2xn","edit":{"x":0,"y":0,"zoom":1,"background":"transparent"}}],"text":""}}},{"id":"44c24a3c-0bcf-547a-aea4-2e0e32e3168a","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p><strong>Learn how regulated and high-traffic organizations reduce security risks without sacrificing deployment speed using a modern managed edge layer.</strong></p><p></p>","raw":[{"type":"paragraph","text":"Learn how regulated and high-traffic organizations reduce security risks without sacrificing deployment speed using a modern managed edge layer.","spans":[{"start":0,"end":144,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Learn how regulated and high-traffic organizations reduce security risks without sacrificing deployment speed using a modern managed edge layer. "}}},{"id":"f601c9a4-5d09-5b5f-91b5-99a7572dc861","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>🗓️ <strong>Date</strong>: July 22nd | July 23rd, 2026</p><p>⏰ <strong>Time</strong>: 3 PM PDT | 8 AM AEST</p>","raw":[{"type":"paragraph","text":"🗓️ Date: July 22nd | July 23rd, 2026","spans":[{"start":4,"end":8,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"⏰ Time: 3 PM PDT | 8 AM AEST","spans":[{"start":2,"end":6,"type":"strong"}],"direction":"ltr"}],"text":"🗓️ Date: July 22nd | July 23rd, 2026 ⏰ Time: 3 PM PDT | 8 AM AEST"}}},{"id":"3f9bfbfc-0f5e-5995-818f-619896a32aef","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>What We&#39;ll Cover:</h3><p></p>","raw":[{"type":"heading3","text":"What We'll Cover:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What We'll Cover: "}}},{"id":"c8c1eb54-2f85-57da-b7b2-9dc393f08f84","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li><strong>Speed vs. Security:</strong> Why fast performance and strong protection shouldn&#39;t be a trade-off, especially for highly regulated websites.</li></ul><p></p><ul><li><strong>The amazee.io + Fastly Integration:</strong> How we built Fastly’s advanced WAF and DDoS protection directly into our service so customers get the benefits without the maintenance headaches.</li></ul><p></p><ul><li><strong>Handling Bot Traffic:</strong> Why modern bot traffic is rarely black and white, and how to set up flexible rules to see and control what&#39;s hitting your site.</li></ul><p></p><ul><li><strong>Using AI to Scale Log Visibility:</strong> Using OpenClaw and real-time logging to dig into traffic data, spot patterns with AI, and block bad bots instantly.</li></ul><p></p>","raw":[{"type":"list-item","text":"Speed vs. Security: Why fast performance and strong protection shouldn't be a trade-off, especially for highly regulated websites.","spans":[{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"The amazee.io + Fastly Integration: How we built Fastly’s advanced WAF and DDoS protection directly into our service so customers get the benefits without the maintenance headaches.","spans":[{"start":0,"end":35,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Handling Bot Traffic: Why modern bot traffic is rarely black and white, and how to set up flexible rules to see and control what's hitting your site.","spans":[{"start":0,"end":21,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Using AI to Scale Log Visibility: Using OpenClaw and real-time logging to dig into traffic data, spot patterns with AI, and block bad bots instantly.","spans":[{"start":0,"end":33,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Speed vs. Security: Why fast performance and strong protection shouldn't be a trade-off, especially for highly regulated websites.  The amazee.io + Fastly Integration: How we built Fastly’s advanced WAF and DDoS protection directly into our service so customers get the benefits without the maintenance headaches.  Handling Bot Traffic: Why modern bot traffic is rarely black and white, and how to set up flexible rules to see and control what's hitting your site.  Using AI to Scale Log Visibility: Using OpenClaw and real-time logging to dig into traffic data, spot patterns with AI, and block bad bots instantly. "}}},{"id":"d7bb9783-a5f2-57a8-a0dc-b746caf80e6f","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Register Now to Save Your Spot!</h2><p></p><p>Join our live session and learn how to improve speed, resilience, and security at the edge without adding operational overhead.</p>","raw":[{"type":"heading2","text":"Register Now to Save Your Spot!","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Join our live session and learn how to improve speed, resilience, and security at the edge without adding operational overhead.","spans":[],"direction":"ltr"}],"text":"Register Now to Save Your Spot!  Join our live session and learn how to improve speed, resilience, and security at the edge without adding operational overhead."}}},{"id":"544cacef-94dd-5eb7-a5b4-c22a2e3e61ef","slice_type":"hubspot_form","slice_label":null,"primary":{"portal_id":"5096486","form_id":"1e22b1d8-e53e-46ed-91df-2b21214c8367"}},{"id":"67677346-ed43-5481-88be-24773543cd67","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>What You’ll Learn</h3><p></p>","raw":[{"type":"heading3","text":"What You’ll Learn","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What You’ll Learn "}}},{"id":"e76d1e61-267c-5967-a012-6b7908da9a72","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li><strong>Simpler Operations:</strong> How a managed edge layer handles the heavy lifting so your development and security teams don&#39;t have to.</li></ul><p></p><ul><li><strong>Better Bot Management:</strong> Practical ways to move past rigid security rules and handle smarter, more complex web attacks.</li></ul><p></p><ul><li><strong>Real-Time Visibility:</strong> How to connect your logs to observability tools so you can see bot actions and blocks as they happen.</li></ul><p></p><ul><li><strong>Log Interrogation in Practice:</strong> A look at how to use OpenClaw to get a clear, detailed view of your traffic.</li></ul><p></p><ul><li><strong>Team Alignment:</strong> How to get your platform, security, and engineering teams working toward the same goals for uptime and speed.</li></ul><p></p>","raw":[{"type":"list-item","text":"Simpler Operations: How a managed edge layer handles the heavy lifting so your development and security teams don't have to.","spans":[{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Better Bot Management: Practical ways to move past rigid security rules and handle smarter, more complex web attacks.","spans":[{"start":0,"end":22,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Real-Time Visibility: How to connect your logs to observability tools so you can see bot actions and blocks as they happen.","spans":[{"start":0,"end":21,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Log Interrogation in Practice: A look at how to use OpenClaw to get a clear, detailed view of your traffic.","spans":[{"start":0,"end":30,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Team Alignment: How to get your platform, security, and engineering teams working toward the same goals for uptime and speed.","spans":[{"start":0,"end":15,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Simpler Operations: How a managed edge layer handles the heavy lifting so your development and security teams don't have to.  Better Bot Management: Practical ways to move past rigid security rules and handle smarter, more complex web attacks.  Real-Time Visibility: How to connect your logs to observability tools so you can see bot actions and blocks as they happen.  Log Interrogation in Practice: A look at how to use OpenClaw to get a clear, detailed view of your traffic.  Team Alignment: How to get your platform, security, and engineering teams working toward the same goals for uptime and speed. "}}},{"id":"b148750d-bdd6-5971-83c8-bf75269bd2e3","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Who Should Attend?</h3><p></p>","raw":[{"type":"heading3","text":"Who Should Attend?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Who Should Attend? "}}},{"id":"7e934f2d-32d5-5c5e-b9fd-577f1468a7c6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li>Teams running Drupal or other complex web platforms who need to tighten security but can&#39;t afford to slow down their release cycles.</li></ul><p></p><ul><li>Anyone working in regulated or high-traffic sectors, such as government, healthcare, education, or finance, who is responsible for website uptime and compliance.</li></ul><p></p>","raw":[{"type":"list-item","text":"Teams running Drupal or other complex web platforms who need to tighten security but can't afford to slow down their release cycles.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Anyone working in regulated or high-traffic sectors, such as government, healthcare, education, or finance, who is responsible for website uptime and compliance.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Teams running Drupal or other complex web platforms who need to tighten security but can't afford to slow down their release cycles.  Anyone working in regulated or high-traffic sectors, such as government, healthcare, education, or finance, who is responsible for website uptime and compliance. "}}},{"id":"76c68dd1-0700-5447-9c7d-0bbd2c0c5e25","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Our Speakers</h3><p></p>","raw":[{"type":"heading3","text":"Our Speakers","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Our Speakers "}}},{"id":"334b18be-ef44-5c55-acfc-91fd6f8a24df","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li><strong>Peter Scott: </strong>As Fastly’s Melbourne-based ANZ Channel Manager, Peter Scott scales edge security solutions and partner growth across Australia and New Zealand. He specializes in helping media, retail, and e-commerce brands maximize digital performance while ruthlessly cutting unnecessary infrastructure overhead.</li></ul><p></p><ul><li><strong>Sean Hamlin: </strong>As amazee.io’s New Zealand-based Principal Architect, Sean Hamlin designs scalable, secure architectures for high-traffic digital experiences. He specializes in performance tuning, Drupal development, and edge delivery, helping global teams maximize system speed and resilience while maintaining operational simplicity</li></ul><p></p>","raw":[{"type":"list-item","text":"Peter Scott: As Fastly’s Melbourne-based ANZ Channel Manager, Peter Scott scales edge security solutions and partner growth across Australia and New Zealand. He specializes in helping media, retail, and e-commerce brands maximize digital performance while ruthlessly cutting unnecessary infrastructure overhead.","spans":[{"start":0,"end":13,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Sean Hamlin: As amazee.io’s New Zealand-based Principal Architect, Sean Hamlin designs scalable, secure architectures for high-traffic digital experiences. He specializes in performance tuning, Drupal development, and edge delivery, helping global teams maximize system speed and resilience while maintaining operational simplicity","spans":[{"start":0,"end":13,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Peter Scott: As Fastly’s Melbourne-based ANZ Channel Manager, Peter Scott scales edge security solutions and partner growth across Australia and New Zealand. He specializes in helping media, retail, and e-commerce brands maximize digital performance while ruthlessly cutting unnecessary infrastructure overhead.  Sean Hamlin: As amazee.io’s New Zealand-based Principal Architect, Sean Hamlin designs scalable, secure architectures for high-traffic digital experiences. He specializes in performance tuning, Drupal development, and edge delivery, helping global teams maximize system speed and resilience while maintaining operational simplicity "}}},{"id":"db2240fa-7b0f-54ea-a197-6a39677db200","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/ajzDFFbRV8_Qf2j4_amazee-io-fastly-webinar-sean-hamlin-peter-scott-anz.png?auto=format,compress\" alt=\"A blog post webinar graphic featuring two speaker profile circles on a white background. On the left is Sean Hamlin, Principal Architect at amazee.io. On the right is Peter Scott, ANZ Channel Manager at Fastly. Each circular headshot is accented with a bright blue crescent design element.\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/ajzDFFbRV8_Qf2j4_amazee-io-fastly-webinar-sean-hamlin-peter-scott-anz.png?auto=format,compress","alt":"A blog post webinar graphic featuring two speaker profile circles on a white background. On the left is Sean Hamlin, Principal Architect at amazee.io. On the right is Peter Scott, ANZ Channel Manager at Fastly. Each circular headshot is accented with a bright blue crescent design element.","copyright":null,"dimensions":{"width":1120,"height":189},"id":"ajzDFFbRV8_Qf2j4","edit":{"x":0,"y":0,"zoom":1,"background":"transparent"}}],"text":""}}}],"summary":"Spoiler alert: Speed vs. security is a fake trade-off. Join amazee.io & Fastly on July 22/23 to automate edge WAF, block bad bots, and keep websites live.","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/ajzX5FbRV8_Qf2xn_amazee-io-fastly-webinar-edge-delivery-without-compromise-july-2026.jpg.jpg?auto=format%2Ccompress"}]}},{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"live-webinar-secure-at-speed-with-fastly-edge-delivery","title":"Webinar: Secure at Speed with Fastly - Edge Delivery Without Compromise"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9  –  the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020  – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"multi-region-failover-explained-cross-cloud-resilience","data":{"title":"Multi-Region Failover: Cross-Cloud Resilience Explained","meta_title":"Multi-Region Failover: Mitigating the $2M/Hour Outage Cost","posted_on":"Jun 09, 2026","author_name":"Martin Schlögl","author_image":"https://images.prismic.io/amazeeio/769461d2-5276-4e69-8585-810da50fcba1_Martin-Schlogl-.jpg?auto=compress%2Cformat","read_time":7,"tag":"Knowledge Base","faq":{"heading":null,"faq_items":[{"faq_heading":"What is the functional difference between multi-zone resilience and multi-region failover?","faq_copy":{"html":"<p>The core difference lies in the <strong>blast radius protection</strong> and the underlying infrastructure independence:</p><ul><li><strong>Multi-Zone Resilience (Baseline HA):</strong> Automatically distributes application workloads across multiple isolated data centers (Availability Zones) within a single geographic region (e.g., AWS us-east-1). It protects against localized hardware or power failures but cannot survive a widespread regional provider blackout or control-plane impairment.</li></ul><p></p><ul><li><strong>Multi-Region Failover (Disaster Recovery):</strong> Maintains a secondary &quot;shadow&quot; environment in an entirely separate geographic zone or completely different cloud provider (e.g., AWS to GCP). It serves as an independent &quot;Plan B,&quot; stepping in only when the primary region experiences a catastrophic, total collapse.</li></ul><p></p>","raw":[{"type":"paragraph","text":"The core difference lies in the blast radius protection and the underlying infrastructure independence:","spans":[{"start":32,"end":55,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"Multi-Zone Resilience (Baseline HA): Automatically distributes application workloads across multiple isolated data centers (Availability Zones) within a single geographic region (e.g., AWS us-east-1). It protects against localized hardware or power failures but cannot survive a widespread regional provider blackout or control-plane impairment.","spans":[{"start":0,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Multi-Region Failover (Disaster Recovery): Maintains a secondary \"shadow\" environment in an entirely separate geographic zone or completely different cloud provider (e.g., AWS to GCP). It serves as an independent \"Plan B,\" stepping in only when the primary region experiences a catastrophic, total collapse.","spans":[{"start":0,"end":42,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The core difference lies in the blast radius protection and the underlying infrastructure independence: Multi-Zone Resilience (Baseline HA): Automatically distributes application workloads across multiple isolated data centers (Availability Zones) within a single geographic region (e.g., AWS us-east-1). It protects against localized hardware or power failures but cannot survive a widespread regional provider blackout or control-plane impairment.  Multi-Region Failover (Disaster Recovery): Maintains a secondary \"shadow\" environment in an entirely separate geographic zone or completely different cloud provider (e.g., AWS to GCP). It serves as an independent \"Plan B,\" stepping in only when the primary region experiences a catastrophic, total collapse. "}},{"faq_heading":"What RPO and RTO metrics can an enterprise expect with an active-passive multi-region configuration?","faq_copy":{"html":"<p>In an active-passive architecture, the recovery guardrails are defined by the frequency of data synchronization and the speed of network routing:</p><ul><li><strong>Recovery Point Objective (RPO):</strong> Measures the potential data-currency loss. With a platform like amazee.io, data is continuously synchronized every 15 minutes, guaranteeing a worst-case <strong>RPO of 15 minutes</strong> during a failover event.</li></ul><p></p><ul><li><strong>Recovery Time Objective (RTO):</strong> Measures total downtime. By leveraging automated edge health checks and instant traffic rerouting via DNS/CDN layers, the <strong>RTO is reduced to just minutes</strong>, as the secondary environment stands live and ready to absorb incoming traffic.</li></ul><p></p>","raw":[{"type":"paragraph","text":"In an active-passive architecture, the recovery guardrails are defined by the frequency of data synchronization and the speed of network routing:","spans":[],"direction":"ltr"},{"type":"list-item","text":"Recovery Point Objective (RPO): Measures the potential data-currency loss. With a platform like amazee.io, data is continuously synchronized every 15 minutes, guaranteeing a worst-case RPO of 15 minutes during a failover event.","spans":[{"start":0,"end":31,"type":"strong"},{"start":185,"end":202,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Recovery Time Objective (RTO): Measures total downtime. By leveraging automated edge health checks and instant traffic rerouting via DNS/CDN layers, the RTO is reduced to just minutes, as the secondary environment stands live and ready to absorb incoming traffic.","spans":[{"start":0,"end":30,"type":"strong"},{"start":153,"end":183,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"In an active-passive architecture, the recovery guardrails are defined by the frequency of data synchronization and the speed of network routing: Recovery Point Objective (RPO): Measures the potential data-currency loss. With a platform like amazee.io, data is continuously synchronized every 15 minutes, guaranteeing a worst-case RPO of 15 minutes during a failover event.  Recovery Time Objective (RTO): Measures total downtime. By leveraging automated edge health checks and instant traffic rerouting via DNS/CDN layers, the RTO is reduced to just minutes, as the secondary environment stands live and ready to absorb incoming traffic. "}},{"faq_heading":"Why should an enterprise consider a cross-cloud failover strategy over a single-provider multi-region setup?","faq_copy":{"html":"<p>While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise <em>all</em> regions under a single hyperscaler.</p><p>A <strong>cross-cloud failover strategy</strong> (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating <strong>Cloud Concentration Risk</strong> and ensuring your platform stays online even during a global, provider-wide outage.</p><p></p>","raw":[{"type":"paragraph","text":"While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise all regions under a single hyperscaler.","spans":[{"start":315,"end":318,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"A cross-cloud failover strategy (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating Cloud Concentration Risk and ensuring your platform stays online even during a global, provider-wide outage.","spans":[{"start":2,"end":31,"type":"strong"},{"start":124,"end":148,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"While staying within a single provider’s ecosystem (e.g., AWS Region A to AWS Region B) keeps operations simpler, it leaves an organization vulnerable to provider-wide systemic issues. Widespread identity management failures, global configuration errors, or API control-plane lockouts can simultaneously compromise all regions under a single hyperscaler. A cross-cloud failover strategy (such as AWS to GCP or Azure to AWS) eliminates this shared dependency entirely, mitigating Cloud Concentration Risk and ensuring your platform stays online even during a global, provider-wide outage. "}},{"faq_heading":"Why is the failback process to the primary cloud region handled manually instead of automatically?","faq_copy":{"html":"<p>While failing <em>over</em> to a standby region is automated to reduce downtime (RTO), failing <em>back</em> to the primary region should always be a controlled, manual step in your Business Continuity Plan (BCP).</p><p>A manual rollback is critical for three reasons:</p><ol><li><strong>Verifying Stability:</strong> It ensures the primary environment is genuinely healthy and not experiencing an intermittent, fluctuating outage (&quot;flapping&quot;).</li><li><strong>Data Integrity:</strong> It allows database administrators to ensure that any data written to the secondary shadow environment during the outage is fully resynchronized to the primary database.</li><li><strong>Operational Control:</strong> It allows the team to schedule the traffic switch during low-impact operational hours to mitigate further risk.</li></ol><p></p>","raw":[{"type":"paragraph","text":"While failing over to a standby region is automated to reduce downtime (RTO), failing back to the primary region should always be a controlled, manual step in your Business Continuity Plan (BCP).","spans":[{"start":14,"end":18,"type":"em"},{"start":86,"end":90,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"A manual rollback is critical for three reasons:","spans":[],"direction":"ltr"},{"type":"o-list-item","text":"Verifying Stability: It ensures the primary environment is genuinely healthy and not experiencing an intermittent, fluctuating outage (\"flapping\").","spans":[{"start":0,"end":20,"type":"strong"}],"direction":"ltr"},{"type":"o-list-item","text":"Data Integrity: It allows database administrators to ensure that any data written to the secondary shadow environment during the outage is fully resynchronized to the primary database.","spans":[{"start":0,"end":15,"type":"strong"}],"direction":"ltr"},{"type":"o-list-item","text":"Operational Control: It allows the team to schedule the traffic switch during low-impact operational hours to mitigate further risk.","spans":[{"start":0,"end":20,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"While failing over to a standby region is automated to reduce downtime (RTO), failing back to the primary region should always be a controlled, manual step in your Business Continuity Plan (BCP). A manual rollback is critical for three reasons: Verifying Stability: It ensures the primary environment is genuinely healthy and not experiencing an intermittent, fluctuating outage (\"flapping\"). Data Integrity: It allows database administrators to ensure that any data written to the secondary shadow environment during the outage is fully resynchronized to the primary database. Operational Control: It allows the team to schedule the traffic switch during low-impact operational hours to mitigate further risk. "}},{"faq_heading":"How can IT leaders justify the financial investment of multi-region disaster recovery to business stakeholders?","faq_copy":{"html":"<p>Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of <strong>$2 million per hour</strong>.</p><p>When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust.</p>","raw":[{"type":"paragraph","text":"Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of $2 million per hour.","spans":[{"start":232,"end":251,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust.","spans":[],"direction":"ltr"}],"text":"Multi-region failover should be evaluated as an investment in risk mitigation rather than a standard infrastructure markup. According to New Relic’s 2025 Observability Forecast, high-impact enterprise outages carry a median cost of $2 million per hour. When building the business case, IT leaders should calculate the cost of a single hour of downtime relative to the baseline cost of a secondary shadow environment. Beyond direct transactional revenue losses, the justification anchors on preventing contractual SLA financial penalties, reducing emergency engineering strain, avoiding regulatory compliance failures, and protecting long-term brand equity and customer trust."}}]},"body":[{"id":"e6b738a6-6c9c-554c-8b04-f213630f0c1c","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/aibWaAeQX7-eW9_M_Multi-Region-Failover.jpg?auto=format,compress\" alt=\"amazee.io Blog: Multi-Region FailOver Explained – Protecting Your Site from Regional Outages\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/aibWaAeQX7-eW9_M_Multi-Region-Failover.jpg?auto=format,compress","alt":"amazee.io Blog: Multi-Region FailOver Explained – Protecting Your Site from Regional Outages","copyright":null,"dimensions":{"width":4481,"height":2701},"id":"aibWaAeQX7-eW9_M","edit":{"x":0,"y":0,"zoom":1,"background":"transparent"}}],"text":""}}},{"id":"e1aa50da-85af-5ae6-8243-f4f5759f5591","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>In Short</h2><p></p>","raw":[{"type":"heading2","text":"In Short","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"In Short "}}},{"id":"11737022-4904-59e8-bed4-306b1a31ef13","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li><strong>The Vulnerability:</strong> Modern web applications face unpredictable upstream cloud-provider disruptions, network failures, and regional control-plane impairments that standard single-region setups cannot survive.</li></ul><p></p><ul><li><strong>Multi-Zone vs. Multi-Region:</strong> Multi-Zone protects against localized data center failures within one region. Multi-Region failover creates a complete &quot;Plan B&quot; environment in an independent geographic zone or separate cloud provider (e.g., AWS to GCP).</li></ul><p></p><ul><li><strong>The Operational Guardrails:</strong> amazee.io’s multi-region architecture delivers an <strong>RPO (Recovery Point Objective) of 15 minutes</strong> via continuous background data synchronization and automated edge routing.</li></ul><p></p><ul><li><strong>The Business Impact:</strong> With the median cost of high-impact enterprise outages climbing past $2 million per hour, multi-region architecture is an investment in business continuity, contract SLA compliance, and brand trust.</li></ul><p></p>","raw":[{"type":"list-item","text":"The Vulnerability: Modern web applications face unpredictable upstream cloud-provider disruptions, network failures, and regional control-plane impairments that standard single-region setups cannot survive.","spans":[{"start":0,"end":18,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Multi-Zone vs. Multi-Region: Multi-Zone protects against localized data center failures within one region. Multi-Region failover creates a complete \"Plan B\" environment in an independent geographic zone or separate cloud provider (e.g., AWS to GCP).","spans":[{"start":0,"end":28,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"The Operational Guardrails: amazee.io’s multi-region architecture delivers an RPO (Recovery Point Objective) of 15 minutes via continuous background data synchronization and automated edge routing.","spans":[{"start":0,"end":27,"type":"strong"},{"start":78,"end":122,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"The Business Impact: With the median cost of high-impact enterprise outages climbing past $2 million per hour, multi-region architecture is an investment in business continuity, contract SLA compliance, and brand trust.","spans":[{"start":0,"end":20,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Vulnerability: Modern web applications face unpredictable upstream cloud-provider disruptions, network failures, and regional control-plane impairments that standard single-region setups cannot survive.  Multi-Zone vs. Multi-Region: Multi-Zone protects against localized data center failures within one region. Multi-Region failover creates a complete \"Plan B\" environment in an independent geographic zone or separate cloud provider (e.g., AWS to GCP).  The Operational Guardrails: amazee.io’s multi-region architecture delivers an RPO (Recovery Point Objective) of 15 minutes via continuous background data synchronization and automated edge routing.  The Business Impact: With the median cost of high-impact enterprise outages climbing past $2 million per hour, multi-region architecture is an investment in business continuity, contract SLA compliance, and brand trust. "}}},{"id":"884164e1-ad89-58c4-a13c-a6e795308aa4","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/aibc1weQX7-eW-Kk_Multi-RegionFailoverExplained3.gif?auto=format,compress\" alt=\"Multi-Region Failover Explained\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/aibc1weQX7-eW-Kk_Multi-RegionFailoverExplained3.gif?auto=format,compress","alt":"Multi-Region Failover Explained","copyright":null,"dimensions":{"width":1920,"height":1080},"id":"aibc1weQX7-eW-Kk","edit":{"x":0,"y":0,"zoom":1,"background":"transparent"}}],"text":""}}},{"id":"3af815c2-de93-5ff9-9fd4-5b4933d11773","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage,  missed deadlines, and a backlog of work that competes with everything else you planned to ship.</p><p></p>","raw":[{"type":"paragraph","text":"If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage,  missed deadlines, and a backlog of work that competes with everything else you planned to ship.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"If your website goes down, the impact is immediate: potential customers will go elsewhere, and some of them will never come back. Even if the outage is short, the knock-on effects can last for days: lost business, reputational damage,  missed deadlines, and a backlog of work that competes with everything else you planned to ship. "}}},{"id":"86a0b72a-6c2a-513c-a3f0-432a7703ee88","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Why Website Outages Happen</h2><p></p><p>Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues.</p><p></p>","raw":[{"type":"heading2","text":"Why Website Outages Happen","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Website Outages Happen  Modern websites are built on layers of services that can fail in different ways. A problem in one layer can cascade quickly. Some of the most frustrating incidents are those outside your control, such as upstream cloud-provider disruptions or regional networking issues. "}}},{"id":"2ed46822-3fde-5440-be36-800caf0cd055","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Common Causes of Website Downtime</h3><p></p>","raw":[{"type":"heading3","text":"Common Causes of Website Downtime","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Common Causes of Website Downtime "}}},{"id":"7172db1f-f9b4-5033-afe6-f4706d7afeae","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p></p><ul><li><strong>Cloud-Provider Disruptions: </strong>Even Tier-1 cloud providers experience service outages, regional incidents, and platform disruptions that can affect customer applications.</li></ul><p></p><ul><li><strong>Network Failures: </strong>Core DNS routing issues, edge-network problems, and BGP connectivity disruptions can isolate a website, even when the application servers are running perfectly.</li></ul><p></p><ul><li><strong>Infrastructure Misconfigurations: </strong>Software bugs, upstream API changes, deployment errors, and accidental configuration drifts can introduce unexpected downtime.</li></ul><p></p><ul><li><strong>Availability Zone Failures: </strong>A physical infrastructure failure (such as a power grid outage or a fire) within an Availability Zone (AZ) can take down workloads that lack automated cross-zone distribution.</li></ul><p></p>","raw":[{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Cloud-Provider Disruptions: Even Tier-1 cloud providers experience service outages, regional incidents, and platform disruptions that can affect customer applications.","spans":[{"start":0,"end":28,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Network Failures: Core DNS routing issues, edge-network problems, and BGP connectivity disruptions can isolate a website, even when the application servers are running perfectly.","spans":[{"start":0,"end":18,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Infrastructure Misconfigurations: Software bugs, upstream API changes, deployment errors, and accidental configuration drifts can introduce unexpected downtime.","spans":[{"start":0,"end":34,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Availability Zone Failures: A physical infrastructure failure (such as a power grid outage or a fire) within an Availability Zone (AZ) can take down workloads that lack automated cross-zone distribution.","spans":[{"start":0,"end":28,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" Cloud-Provider Disruptions: Even Tier-1 cloud providers experience service outages, regional incidents, and platform disruptions that can affect customer applications.  Network Failures: Core DNS routing issues, edge-network problems, and BGP connectivity disruptions can isolate a website, even when the application servers are running perfectly.  Infrastructure Misconfigurations: Software bugs, upstream API changes, deployment errors, and accidental configuration drifts can introduce unexpected downtime.  Availability Zone Failures: A physical infrastructure failure (such as a power grid outage or a fire) within an Availability Zone (AZ) can take down workloads that lack automated cross-zone distribution. "}}},{"id":"4459c949-96c1-54e8-ace9-840274ccb564","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Why Resilience Planning Matters</h3><p></p><p>Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected.</p><p></p>","raw":[{"type":"heading3","text":"Why Resilience Planning Matters","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Resilience Planning Matters  Failure is inevitable. No infrastructure is immune to failure, and resilient systems are designed with the expectation that outages will happen. Put into practice, resilience is about planning for the failures you can’t predict, and building systems that keep running even when parts of the stack are affected. "}}},{"id":"a167a0fc-6ca0-526f-9bc2-0e4b3b60db8c","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Multi-Region Failover: Continuity When a Whole Region is at Risk</h2><p></p><p>Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere.</p><p></p><p>At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable.</p><p></p>","raw":[{"type":"heading2","text":"Multi-Region Failover: Continuity When a Whole Region is at Risk","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Region Failover: Continuity When a Whole Region is at Risk  Multi-region failover is designed for scenarios where staying inside a single cloud region is not enough. This can include regional outages, major platform incidents, or enterprise requirements that demand an independent “plan B” elsewhere.  At its core, multi-region failover means maintaining a secondary environment in a separate region (or even a separate provider) that can take over if the primary environment becomes unavailable. "}}},{"id":"72aba751-e43a-5499-8704-695476701d07","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>What Multi-Region Failover Typically Involves</h3><p></p>","raw":[{"type":"heading3","text":"What Multi-Region Failover Typically Involves","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What Multi-Region Failover Typically Involves "}}},{"id":"b8d9422b-3e5a-5a18-a394-1784d021c9ee","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li>Failover across regions or providers (for example, one cloud region to another, or one provider to a different provider)</li></ul><p></p><ul><li>A shadow environment that stays synced on a defined schedule (commonly every 15 minutes)</li></ul><p></p><ul><li>Automatic DNS failover to route traffic to the secondary environment when the primary fails</li></ul><p></p><ul><li>Manual rollback once the primary is stable again, so teams can return to normal operations with control</li></ul><p></p>","raw":[{"type":"list-item","text":"Failover across regions or providers (for example, one cloud region to another, or one provider to a different provider)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"A shadow environment that stays synced on a defined schedule (commonly every 15 minutes)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Automatic DNS failover to route traffic to the secondary environment when the primary fails","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Manual rollback once the primary is stable again, so teams can return to normal operations with control","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Failover across regions or providers (for example, one cloud region to another, or one provider to a different provider)  A shadow environment that stays synced on a defined schedule (commonly every 15 minutes)  Automatic DNS failover to route traffic to the secondary environment when the primary fails  Manual rollback once the primary is stable again, so teams can return to normal operations with control "}}},{"id":"491f22f2-cf08-5442-9be2-5afb3f0e5a23","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>The Tradeoff: Availability vs. Data Currency (RPO vs. RTO)</h3><p></p><p>Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics:</p><p></p>","raw":[{"type":"heading3","text":"The Tradeoff: Availability vs. Data Currency (RPO vs. RTO)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Tradeoff: Availability vs. Data Currency (RPO vs. RTO)  Multi-region designs often accept a small window of potential data loss in exchange for keeping services available during major incidents. This is measured using two critical industry metrics: "}}},{"id":"faffed7e-2730-5f1b-8a59-9ff999e99e78","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li><strong>Recovery Point Objective (RPO):</strong> This defines your data currency and measures the maximum age of files or data stores that must be recovered from backup storage for normal operations to resume. In an active-passive multi-region setup where data is continuously synchronized at a defined interval (typically every 15 minutes), your worst-case RPO is 15 minutes.</li></ul><p></p><ul><li><strong>Recovery Time Objective (RTO): </strong>This defines your downtime window and measures the time required to restore business processes after a disaster. By leveraging automated edge health checks and instant traffic rerouting, the RTO is reduced to minutes, since the secondary environment is already live and ready to accept users.</li></ul><p></p>","raw":[{"type":"list-item","text":"Recovery Point Objective (RPO): This defines your data currency and measures the maximum age of files or data stores that must be recovered from backup storage for normal operations to resume. In an active-passive multi-region setup where data is continuously synchronized at a defined interval (typically every 15 minutes), your worst-case RPO is 15 minutes.","spans":[{"start":0,"end":31,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Recovery Time Objective (RTO): This defines your downtime window and measures the time required to restore business processes after a disaster. By leveraging automated edge health checks and instant traffic rerouting, the RTO is reduced to minutes, since the secondary environment is already live and ready to accept users.","spans":[{"start":0,"end":31,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Recovery Point Objective (RPO): This defines your data currency and measures the maximum age of files or data stores that must be recovered from backup storage for normal operations to resume. In an active-passive multi-region setup where data is continuously synchronized at a defined interval (typically every 15 minutes), your worst-case RPO is 15 minutes.  Recovery Time Objective (RTO): This defines your downtime window and measures the time required to restore business processes after a disaster. By leveraging automated edge health checks and instant traffic rerouting, the RTO is reduced to minutes, since the secondary environment is already live and ready to accept users. "}}},{"id":"2082d82d-3125-51f4-843b-c128035167fb","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties.</p><p></p>","raw":[{"type":"paragraph","text":"For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"For the vast majority of enterprise platforms, accepting a 15-minute RPO window is an incredibly worthwhile trade-off compared to hours-long site blackouts (high RTO), compounded financial losses, and severe contractual SLA penalties. "}}},{"id":"8bb80ca3-9cbe-5709-9944-5c34619f7e58","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Multi-Zone vs Multi-Region</h3><p></p><p>Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint.</p><p>If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity.</p><p></p>","raw":[{"type":"heading3","text":"Multi-Zone vs Multi-Region","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Zone vs Multi-Region  Multi-zone resilience protects you from failures within a single region, such as an Availability Zone (AZ) disruption. Multi-region failover is intended for larger scenarios, where the region itself is affected or where continuity requirements demand independence from a single regional footprint. If your availability requirements are strict, you usually want both layers: multi-zone as your baseline, and multi-region for business continuity. "}}},{"id":"c087490e-9463-539b-8435-53c6e298db30","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;table class=&quot;tg&quot;&gt; &lt;thead&gt; &lt;tr&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Capability&lt;/span&gt;&lt;/th&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Multi-Zone Resilience (Baseline HA)&lt;/span&gt;&lt;/th&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Multi-Region Failover (Disaster Recovery)&lt;/span&gt;&lt;/th&gt; &lt;/tr&gt; &lt;/thead&gt; &lt;tbody&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Blast Radius Protection&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Localized data center failure (Single AZ)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Complete regional collapse or provider outage&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Geographic Separation&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Minimal (Typically within the same metropolitan area)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;High (Hundreds or thousands of miles apart)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Infrastructure Footprint&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Shared regional control planes and network backbones&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Completely separate regional infrastructure / Cross-Cloud&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Cost &amp;amp; Complexity&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Low (Typically built into modern container platforms)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Higher (Requires data synchronization &amp;amp; edge routing)&lt;/td&gt; &lt;/tr&gt; &lt;/tbody&gt; &lt;/table&gt;</p>","raw":[{"type":"paragraph","text":"<table class=\"tg\"> <thead> <tr> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Capability</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Multi-Zone Resilience (Baseline HA)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Multi-Region Failover (Disaster Recovery)</span></th> </tr> </thead> <tbody> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Blast Radius Protection</span></td> <td class=\"tg-0pky\">Localized data center failure (Single AZ)</td> <td class=\"tg-0pky\">Complete regional collapse or provider outage</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Geographic Separation</span></td> <td class=\"tg-0pky\">Minimal (Typically within the same metropolitan area)</td> <td class=\"tg-0pky\">High (Hundreds or thousands of miles apart)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Infrastructure Footprint</span></td> <td class=\"tg-0pky\">Shared regional control planes and network backbones</td> <td class=\"tg-0pky\">Completely separate regional infrastructure / Cross-Cloud</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Cost &amp; Complexity</span></td> <td class=\"tg-0pky\">Low (Typically built into modern container platforms)</td> <td class=\"tg-0pky\">Higher (Requires data synchronization &amp; edge routing)</td> </tr> </tbody> </table>","spans":[],"direction":"ltr"}],"text":"<table class=\"tg\"> <thead> <tr> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Capability</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Multi-Zone Resilience (Baseline HA)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Multi-Region Failover (Disaster Recovery)</span></th> </tr> </thead> <tbody> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Blast Radius Protection</span></td> <td class=\"tg-0pky\">Localized data center failure (Single AZ)</td> <td class=\"tg-0pky\">Complete regional collapse or provider outage</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Geographic Separation</span></td> <td class=\"tg-0pky\">Minimal (Typically within the same metropolitan area)</td> <td class=\"tg-0pky\">High (Hundreds or thousands of miles apart)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Infrastructure Footprint</span></td> <td class=\"tg-0pky\">Shared regional control planes and network backbones</td> <td class=\"tg-0pky\">Completely separate regional infrastructure / Cross-Cloud</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Cost &amp; Complexity</span></td> <td class=\"tg-0pky\">Low (Typically built into modern container platforms)</td> <td class=\"tg-0pky\">Higher (Requires data synchronization &amp; edge routing)</td> </tr> </tbody> </table>"}}},{"id":"c543e108-fdca-555a-b0c0-1336549e6aef","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>How amazee.io Approaches Multi-Region Failover</h2><p></p>","raw":[{"type":"heading2","text":"How amazee.io Approaches Multi-Region Failover","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"How amazee.io Approaches Multi-Region Failover "}}},{"id":"b2539a0c-b880-53fa-a40d-c9d9fab8568d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone.</p><p>We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions.</p><p></p>","raw":[{"type":"paragraph","text":"That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"That’s the context in which amazee.io builds failover into the platform. We aim to reduce the likelihood that infrastructure incidents become customer-visible events and make recovery predictable when the incident spans more than a single zone. We deliver resilience in two layers: multi-zone failover by default, and multi-region failover as an advanced add-on for organizations that need continuity across multiple regions. "}}},{"id":"225fd278-c5e6-56d6-9f1f-87fadf0e5fed","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Built-In Resilience: Multi-Zone Failover by Default</h3><p></p><p>Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live.</p><p></p><p>What you get:</p>","raw":[{"type":"heading3","text":"Built-In Resilience: Multi-Zone Failover by Default","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"What you get:","spans":[],"direction":"ltr"}],"text":"Built-In Resilience: Multi-Zone Failover by Default  Most major hyperscaler regions (AWS, GCP, Azure) contain three or more isolated Availability Zones (AZs). amazee.io automatically distributes workloads across all AZs in a region, so if one AZ fails, your sites can stay live.  What you get:"}}},{"id":"0b7f1c81-34ff-51ab-9ea9-1ce45a5a4166","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li>Failover across zones within a region</li></ul><p></p><ul><li>No extra configuration required</li></ul><p></p><ul><li>No additional cost for multi-zone resilience</li></ul><p></p>","raw":[{"type":"list-item","text":"Failover across zones within a region","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"No extra configuration required","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"No additional cost for multi-zone resilience","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Failover across zones within a region  No extra configuration required  No additional cost for multi-zone resilience "}}},{"id":"6083ba97-7709-5cec-acb6-8fe8cbf4267f","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Multi-Region Failover with amazee.io: Continuity Beyond One Region</h3><p></p><p>We offer multi-region failover as an advanced add-on, enabling:</p>","raw":[{"type":"heading3","text":"Multi-Region Failover with amazee.io: Continuity Beyond One Region","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"We offer multi-region failover as an advanced add-on, enabling:","spans":[],"direction":"ltr"}],"text":"Multi-Region Failover with amazee.io: Continuity Beyond One Region  We offer multi-region failover as an advanced add-on, enabling:"}}},{"id":"c3d5cf13-ea28-5108-b58b-5351d6d50268","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li>Failover across regions or providers (for example, AWS to GCP, Azure to AWS)</li></ul><p></p><ul><li>Shadow environment synced every 15 minutes</li></ul><p></p><ul><li>Automatic DNS failover to the shadow environment if the primary becomes unavailable</li></ul><p></p><ul><li>Manual rollback once the primary environment is restored and stable</li></ul><p></p><ul><li>Continuous failover tests help ensure readiness, though no live failover has been required in production to date. In the worst-case scenario, you may lose up to 15 minutes of data.</li></ul>","raw":[{"type":"list-item","text":"Failover across regions or providers (for example, AWS to GCP, Azure to AWS)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Shadow environment synced every 15 minutes","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Automatic DNS failover to the shadow environment if the primary becomes unavailable","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Manual rollback once the primary environment is restored and stable","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Continuous failover tests help ensure readiness, though no live failover has been required in production to date. In the worst-case scenario, you may lose up to 15 minutes of data.","spans":[],"direction":"ltr"}],"text":"Failover across regions or providers (for example, AWS to GCP, Azure to AWS)  Shadow environment synced every 15 minutes  Automatic DNS failover to the shadow environment if the primary becomes unavailable  Manual rollback once the primary environment is restored and stable  Continuous failover tests help ensure readiness, though no live failover has been required in production to date. In the worst-case scenario, you may lose up to 15 minutes of data."}}},{"id":"3152ce16-3f93-50e5-8eb8-b39aa3c69755","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>The Business Cost of Downtime</h2><p></p>","raw":[{"type":"heading2","text":"The Business Cost of Downtime","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Business Cost of Downtime "}}},{"id":"b1ac0e92-76ef-5c07-9d76-f4a241bdba85","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery.</p><p>Data shows that the financial impact of outages is significant and growing. According to <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://newrelic.com/press-release/20250917\">New Relic’s 2025 Observability Forecast</a></strong>, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity.</p><p>Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute.</p><p></p>","raw":[{"type":"paragraph","text":"Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Data shows that the financial impact of outages is significant and growing. According to New Relic’s 2025 Observability Forecast, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity.","spans":[{"start":89,"end":128,"type":"hyperlink","data":{"link_type":"Web","url":"https://newrelic.com/press-release/20250917","target":"_blank"}},{"start":89,"end":128,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Downtime is expensive, even before you factor in lost revenue. Incident response can pull senior engineers into urgent work, customer-facing teams need to manage incoming support requests, and internal roadmaps often stall while teams focus on recovery. Data shows that the financial impact of outages is significant and growing. According to New Relic’s 2025 Observability Forecast, high-impact outages cost organizations a median of $2 million per hour, with some industries reporting even higher figures depending on regulatory and operational complexity. Depending on how crucial your website is to revenue and operations, downtime losses may range from thousands to hundreds of thousands of dollars per minute. "}}},{"id":"51ee2d06-e9a9-5ab8-ae88-fb919a2b96d6","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>The Costs Go Beyond Revenue</h3><p></p><p>The financial impact of downtime is only part of the picture. Organizations also face:</p><p></p>","raw":[{"type":"heading3","text":"The Costs Go Beyond Revenue","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The financial impact of downtime is only part of the picture. Organizations also face:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Costs Go Beyond Revenue  The financial impact of downtime is only part of the picture. Organizations also face: "}}},{"id":"435e12e6-b8f8-582b-ba01-907463cce7c7","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<ul><li>Increased incident response and engineering effort</li></ul><p></p><ul><li>Customer support spikes during and after outages</li></ul><p></p><ul><li>Missed service-level objectives and contractual penalties</li></ul><p></p><ul><li>Loss of customer trust and brand confidence</li></ul><p></p><ul><li>Delays to product delivery and internal initiatives</li></ul><p></p><ul><li>Increased operational risk in regulated environments</li></ul><p></p>","raw":[{"type":"list-item","text":"Increased incident response and engineering effort","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Customer support spikes during and after outages","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Missed service-level objectives and contractual penalties","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Loss of customer trust and brand confidence","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Delays to product delivery and internal initiatives","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Increased operational risk in regulated environments","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Increased incident response and engineering effort  Customer support spikes during and after outages  Missed service-level objectives and contractual penalties  Loss of customer trust and brand confidence  Delays to product delivery and internal initiatives  Increased operational risk in regulated environments "}}},{"id":"44a761a3-97bc-5410-936b-40d1217c2ec5","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself.</p><p></p>","raw":[{"type":"paragraph","text":"As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"As systems become more distributed and dependent on external services, the cost of recovery effort often becomes as significant as the outage itself. "}}},{"id":"6bf17731-1016-5dcc-8a86-1e6098450890","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Why Multi-Region Failover Is a Business Decision</h3><p></p><p>This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur.</p><p></p>","raw":[{"type":"heading3","text":"Why Multi-Region Failover Is a Business Decision","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Multi-Region Failover Is a Business Decision  This is why multi-region failover is often evaluated less as a technical upgrade and more as an investment in business continuity. The objective is not simply to improve infrastructure resilience, but to reduce the operational, financial, and reputational impact of major outages when they occur. "}}},{"id":"9d08ba25-b966-5715-ad37-9ce475093cb2","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Don&#39;t Wait for an Outage to Test Your Resilience</h2><h2></h2>","raw":[{"type":"heading2","text":"Don't Wait for an Outage to Test Your Resilience","spans":[],"direction":"ltr"},{"type":"heading2","text":"","spans":[],"direction":"ltr"}],"text":"Don't Wait for an Outage to Test Your Resilience "}}},{"id":"08d7783e-8400-5688-9b36-320411d27f3d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<p>What&#39;s one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it&#39;s worth evaluating your recovery strategy before the next incident occurs.</p><p>Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions.</p><p><strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/get-in-touch\">Talk to our Experts</a></strong></p><p></p>","raw":[{"type":"paragraph","text":"What's one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it's worth evaluating your recovery strategy before the next incident occurs.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Talk to our Experts","spans":[{"start":0,"end":19,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/get-in-touch","target":"_blank"}},{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What's one hour of downtime worth to your organization? If website availability is critical to revenue, compliance, or public access, it's worth evaluating your recovery strategy before the next incident occurs. Our team can assess your resilience requirements and show you how amazee.io helps keep critical websites online during major infrastructure disruptions. Talk to our Experts "}}},{"id":"9c510c70-a6e4-55ee-88ae-ef2057e86594","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Additional Resources</h2><p></p><p>👓 <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting\">Fault-Tolerant Enterprise Hosting</a></strong></p><p>👓 <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/blog/post/fully-managed-secured-data-hosting-service\">Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks</a></strong></p>","raw":[{"type":"heading2","text":"Additional Resources","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 Fault-Tolerant Enterprise Hosting","spans":[{"start":3,"end":36,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting","target":"_blank"}},{"start":3,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"👓 Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks","spans":[{"start":3,"end":100,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fully-managed-secured-data-hosting-service","target":"_blank"}},{"start":3,"end":100,"type":"strong"}],"direction":"ltr"}],"text":"Additional Resources  👓 Fault-Tolerant Enterprise Hosting 👓 Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"}}}],"summary":"Website outages cost a median of $2M per hour. Discover how our multi-region failover delivers an automated 15-minute RPO across AWS, GCP, and Azure","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/aibWaAeQX7-eW9_M_Multi-Region-Failover.jpg?auto=format%2Ccompress"}]}},{"topLevelBlogData":{"tags":[{"slug":"news","name":"News","include_in_header":true},{"slug":"tips-tricks","name":"Knowledge Base","include_in_header":true},{"slug":"culture","name":"Culture","include_in_header":true},{"slug":"success-stories","name":"Success Stories","include_in_header":false},{"slug":"roadmap","name":"Lagoon Roadmap","include_in_header":false},{"slug":"events","name":"Events","include_in_header":true}],"availablePrismicBlogs":[{"slug":"women-in-tech-brittany-mitchell","title":"Women in Tech - Q&A with Brittany Mitchell, Platform Engineer"},{"slug":"multi-region-failover-explained-cross-cloud-resilience","title":"Multi-Region Failover: Cross-Cloud Resilience Explained"},{"slug":"women-in-tech-lauren-morris","title":"Women in Tech - Q&A with Lauren Morris, Head of Product"},{"slug":"women-in-tech-nicole-ritchie","title":"Women in Tech - Q&A with Nicole Ritchie, Customer Success Lead"},{"slug":"women-in-tech-bree-benesh","title":"Women in Tech - Q&A with Bree Benesh, Product Manager"},{"slug":"women-in-tech-deeksha-kini","title":"Women in Tech - Q&A with Deeksha Kini, Systems Support Engineer"},{"slug":"dependency-track-software-supply-chain-security","title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security"},{"slug":"drupal-dev-days-athens-2026-recap","title":"Drupal Dev Days Athens 2026: Vibe Coding, Ancient Hospitality, and the Future of Drupal"},{"slug":"byoc-bring-your-own-cloud-guide","title":"Bring Your Own Cloud (BYOC): The Hosting Architecture of Trust for 2026"},{"slug":"fault-tolerant-enterprise-hosting","title":"Fault-Tolerant Enterprise Hosting: From Self-Healing Infrastructure to Deployment Strategies That Never Fail"},{"slug":"ab-bark-road-playlist-2026","title":"Ab-bark Road – amazee.io Team Playlist 2026"},{"slug":"apm-and-observability","title":"APM and Observability: Essential Platforms for Modern Enterprises"},{"slug":"kitty-stardust-playlist-2025","title":"Kitty Stardust – amazee.io Team Playlist 2025"},{"slug":"fully-managed-secured-data-hosting-service","title":"Beyond Uptime: Why Fully Managed Secured Data Hosting is Your Best Defense Against Security Risks"},{"slug":"high-scalability-hosting-for-drupal-projects","title":"High Scalability Hosting for Your Enterprise Drupal Projects"},{"slug":"drupalcon-europe-2025-vienna-recap","title":"DrupalCon Europe 2025 - Vienna: Recap"},{"slug":"amazeeio-acquires-amazeelabs","title":"The amazee Reunion: amazee.io Acquires Amazee Labs, Reuniting Two Tech Powerhouses"},{"slug":"drupal-hosting-iso-27001-certification","title":"Your Enterprise Security Advantage: ISO/IEC 27001 Certified Drupal Hosting Excellence"},{"slug":"drupals-strategic-ai-initiative-our-commitment","title":"Our Commitment to Drupal’s Strategic AI Initiative"},{"slug":"introducing-brittany-bailey","title":"Welcome, Brittany Bailey, our new Delivery Manager"},{"slug":"introducing-lanette-miller","title":"Meet Lanette Miller, our new Technical Account Manager"},{"slug":"introducing-ryan-price","title":"Introducing Ryan Price, our new Technical Account Manager"},{"slug":"introducing-katywalsh","title":"Introducing Katy Walsh, our new Marketing Lead"},{"slug":"enterprise-drupal-migrations-done-right","title":"From Monoliths to Multi-Sites: Two Stories of Enterprise Drupal Website Migrations Done Right"},{"slug":"ddos-attack-mitigation-for-enterprises","title":"DDoS Attack Mitigation for Enterprises: Protect Your Digital Properties"},{"slug":"future-of-work-conference-2024-highlights","title":"Future of Work Conference 2024: Highlights and Key Takeaways"},{"slug":"headless-drupal-basics-for-enterprises","title":"Headless Drupal Basics For Modern Enterprises"},{"slug":"update-from-franz","title":"A personal update from Franz on stepping back from his role as CEO of amazee.io"},{"slug":"push-your-code-well-handle-the-rest","title":"Push Your Code. We’ll Handle The Rest."},{"slug":"data-pipelines-for-rag","title":"Data Pipelines for RAG"},{"slug":"building-a-private-llm-chatbot-learnings-insights","title":"Building a Private LLM Chatbot: Learning and Insights"},{"slug":"drupal-7-end-of-life","title":"Drupal 7 End of Life: How We Help"},{"slug":"introducing-dimitra-chatzichrysou","title":"Meet amazee.io’s new Platform Engineer, Dimitra Chatzichrysou"},{"slug":"welcome-karl-hepworth","title":"Welcome, Karl Hepworth, amazee.io’s new Platform Engineer"},{"slug":"lagoon-v220-release","title":"Lagoon V2.20 Release: New Features and Enhancements"},{"slug":"introducing-lauren-morris","title":"Welcome, Lauren Morris, Our New Product Manager at amazee.io!"},{"slug":"meet-glyn-davies","title":"Meet Glyn Davies, our new Platform Engineer!"},{"slug":"introducing-laura-caraker","title":"Introducing Laura Caraker, our new Sales Representative"},{"slug":"introducing-sailonlagoon","title":"Provision and Deploy Laravel on amazee.io - Introducing Sail:onLagoon"},{"slug":"building-a-private-llm-chatbot","title":"Building a Private LLM Chatbot from Technical Documentation: Challenges and Solutions"},{"slug":"what-is-green-web-hosting","title":"What is Green Web Hosting?"},{"slug":"cdn-waf-enhancing-protecting-your-website","title":"CDN + WAF: Enhancing and Protecting Your Website"},{"slug":"live-webinar-secure-at-speed-with-fastly-edge-delivery","title":"Webinar: Secure at Speed with Fastly - Edge Delivery Without Compromise"},{"slug":"automating-migrations-between-lagoon-clusters-and-embracing-managed-kubernetes","title":"Automating Migrations Between Lagoon Clusters, and Embracing Managed Kubernetes"},{"slug":"asynchronous-communication-in-a-globally-remote-team","title":"Asynchronous Communication in a Globally Remote Team"},{"slug":"a-new-home-and-platform-for-our-lagoon-documentation","title":"A New Home (and Platform) for Our Lagoon Documentation"},{"slug":"amazee-io-joins-aws-isv-accelerate-program","title":"amazee.io joins AWS ISV Accelerate Program to accelerate developer experience"},{"slug":"austin-sprint-week-recap","title":"Support for Native Kubernetes – Austin Sprint Week Recap"},{"slug":"amazeeio-now-available-in-aws-marketplace","title":"amazee.io – Now Available in AWS Marketplace"},{"slug":"amazee.io--a-worldwide-family","title":"amazee.io – a worldwide family"},{"slug":"amazee-io-joins-mirantis","title":"Taking steps to further improve the developer experience: amazee.io joins Mirantis"},{"slug":"amazee-io-recognized-with-aws-devops-software-competency","title":"amazee.io recognized with AWS DevOps Software Competency"},{"slug":"are-you-ready-for-drupalsouth-shorts","title":"Are you ready for DrupalSouth Shorts?"},{"slug":"amazee-io-virtual-birthday-panel","title":"Join us for amazee.io’s Virtual Birthday Panel!"},{"slug":"a-marketers-perspective-on-web-hosting","title":"A Marketer’s Perspective on Switching Hosting Providers"},{"slug":"5-key-reasons-more-businesses-are-relying-on-webops","title":"5 Key Reasons More Businesses are Relying on WebOps in 2022"},{"slug":"announcing-lando-integration-for-lagoon","title":"Announcing Lando Integration for Lagoon"},{"slug":"amazee-io-earns-high-performer-ranking","title":"amazee.io earns High Performer ranking in Web Hosting and Continuous Delivery on G2"},{"slug":"live-uncover-hidden-vulnerabilities-with-dependency-track","title":"Webinar: Uncover Hidden Vulnerabilities - Continuous Software Security with Dependency-Track"},{"slug":"sounds-like-team-spirit-playlist-2024","title":"Sounds Like Team Spirit – amazee.io Team Playlist 2024"},{"slug":"drupal-dxp-built-for-decoupled-enterprise-hosting","title":"Drupal: The DXP Built for Decoupled Enterprise Website Hosting"},{"slug":"why-enterprises-turn-to-private-ai-solutions","title":"Webinar: Why Smart Enterprises Are Turning to Private AI Solutions"},{"slug":"webinar-launch-drupal-ai-provider","title":"Webinar: Private Drupal AI Provider – From Demo to Launch"},{"slug":"drupalcon-na-2021-recap-the-amazee-io-sessions","title":"DrupalCon North America 2021 Recap: The amazee.io Sessions"},{"slug":"meet-brand-ambassador-jason-lewis","title":"Welcome Jason Lewis, our Brand Ambassador"},{"slug":"meet-matt-swann","title":"Meet Matt Swan, our new UX Product Designer"},{"slug":"welcome-jay-porter","title":"Meet Jay Porter, our Technical Account Manager"},{"slug":"webinar-recap-lagoon-insights","title":"Webinar Recap: Lagoon Insights"},{"slug":"say-hello-to-peter-wettstein","title":"Say hello to Peter, our new Technical Account Manager"},{"slug":"what-was-the-cwp-for-the-new-zealand-government-and-whats-next","title":"What was the CWP for the New Zealand Government — and what's next?"},{"slug":"lagoon-2-is-available-now","title":"Lagoon 2 is Available Now! Here’s What’s New"},{"slug":"welcome-bobby-our-new-technical-account-manager","title":"Meet Bobby Kindle, our Technical Account Manager"},{"slug":"webinar-recap-how-to-simplify-your-development-workflow","title":"Webinar Recap: How to simplify your development workflow with Lando and Lagoon"},{"slug":"were-going-to-drupalcon-global","title":"We’re going to DrupalCon Global — see you online!"},{"slug":"webinar-recap-blue-green-deployments-with-activestandby","title":"Webinar Recap: Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"get-to-know-a-tam-sean-hamlin","title":"Get to Know a Technical Account Management Lead: Sean Hamlin"},{"slug":"lagoon-insights-webinar","title":"Lagoon Insights webinar"},{"slug":"introducing-nicole-laine","title":"Introducing Nicole Laine, our Digital Marketing and Advertising Specialist!"},{"slug":"joint-webinar-recap-the-future-of-web-development","title":"Joint Webinar Recap: The Future of Web Development and Hosting"},{"slug":"joint-webinar-recap-advanced-lando-ing-with-lagoon","title":"Joint Webinar Recap: Advanced Lando-ing with Lagoon"},{"slug":"joint-webinar-devportal-as-a-service-enabled-by-amazeeio","title":"Joint Webinar - DevPortal as a Service, deployed wherever the customer needs it, enabled by amazee.io"},{"slug":"is-cloud-native-too-hard-to-hire-for","title":"Is cloud native too hard to hire for? amazee.io can help simplify the process. Here’s how."},{"slug":"drupalcon-europe-2020-speaker-video-replay","title":"DrupalCon Europe 2020 Speaker Video Replay"},{"slug":"welcome-to-the-team-jonathan-peter","title":"Welcome to the team, Jonathan Peter – our new IT LEAD!"},{"slug":"webinar-drupal-ai-private-by-design","title":"Webinar: AI for Drupal - Private-by-Design"},{"slug":"drupal-content-distribution-solutions","title":"Drupal Content Distribution Solutions"},{"slug":"composable-web-drupal-web-hosting-and-the-future-of-web-architectures","title":"Composable web: Drupal web hosting and the future of web architectures"},{"slug":"will-greener-hosting-help","title":"Will greener hosting help reduce my website’s carbon emissions?"},{"slug":"dedicated-cloud-an-introductory-guide","title":"Dedicated Cloud: An Introductory Guide to Hosting Drupal and Other Enterprise CMS Software"},{"slug":"join-us-in-welcoming-toby-bellwood--our-new-product","title":"Join us in welcoming Toby Bellwood – our new Product Lead!"},{"slug":"preparing-lagoon-for-drupal-9-launch-day","title":"Preparing Lagoon for Drupal 9 Launch Day"},{"slug":"lagoon-implements-active-standby-a-blue-green-deploy-solution","title":"Lagoon implements “Active/Standby” - A Blue-Green Deploy Solution"},{"slug":"badcamping-virtually-together","title":"BADCamping Virtually Together"},{"slug":"amazee-io-launches-agency-partner-program","title":"amazee.io launches first Agency Partner Program, creating reseller and referral opportunities for agencies around the world"},{"slug":"amazee.io-catalyst-cloud-sparks-panel-discussion","title":"Webinar Recap: How Governments Can Leverage Open Source and the Cloud"},{"slug":"join-amazee-io-at-new-zealand-techweek2021","title":"Join us at New Zealand Techweek2021"},{"slug":"webinar-data-sovereignty-enterprise-drupal-publishing-workflows","title":"Webinar: Drupal Publishing Workflows and Data Sovereignty"},{"slug":"webinar-recap-lagoon-2.0-deploy-into-kubernetes-and","title":"Webinar RECAP: Lagoon 2.0: Deploy into Kubernetes and more!"},{"slug":"meet-us-at-cloudfest-2022","title":"Meet Us At CloudFest 2022"},{"slug":"top-benefits-of-cicd-in-web-hosting","title":"Top benefits of CI/CD in web hosting - and what it means for developers"},{"slug":"the-best-hosting-solution","title":"The Best Enterprise Hosting Solution: Top 3 Things To Look For"},{"slug":"webinar-open-source-power-of-typo3","title":"Better Together: The Open Source Power of TYPO3 CMS and amazee.io"},{"slug":"if-spotify-can-go-down-is-anyone-safe","title":"If Spotify can go down, is anyone safe?"},{"slug":"composable-architecture-and-drupal","title":"Composable Architecture: Why Drupal should be part of your Solution"},{"slug":"introducing-blaize-kaye","title":"Introducing our new Developer Experience and CI/CD Engineer – Blaize Kaye"},{"slug":"smartsheet-dedicated-kubernetes-based-web-hosting","title":"Supporting enterprise SaaS demand with dedicated Kubernetes-based web hosting"},{"slug":"meet-our-new-bizops-lead-ingrid-talbot","title":"Meet Ingrid Talbot, our BizOps Lead"},{"slug":"acquia-site-factory-vs-amazee-io-paas","title":"Acquia Site Factory vs amazee.io PaaS: Why amazee.io has the multisite hosting advantage you need"},{"slug":"welcome-to-the-team-martin","title":"Meet Martin Schlögl, our Head of Sales"},{"slug":"taoti-creative-and-amazee.io-breaking-free-from-limits-to-deliver-more","title":"Taoti Creative - Delivering more for Customers | amazee.io"},{"slug":"lagoon-cli-an-essential-tool-for-managing-lagoon-sites","title":"Lagoon-CLI — an essential tool for managing Lagoon sites."},{"slug":"driven-by-a-global-pandemic-the-world-is-changing","title":"Supporting COVID-19 Response Efforts"},{"slug":"why-were-moving-to-managed-kubernetes","title":"Why we’re moving to Managed Kubernetes"},{"slug":"global-distributed-and-open-source","title":"Proud to be Global, Distributed, and Open Source"},{"slug":"say-hi-to-tobi-nehrlich","title":"Say hi to Tobi Nehrlich, amazee.io’s Platform Lead"},{"slug":"how-to-prepare-your-website-for-high-traffic-events","title":"Case Study: Züri Fäscht — How to Prepare Your Website for High-Traffic Events"},{"slug":"introducing-stephanie-ogozaly-solutions-marketing-manager","title":"Meet Stephanie Ogozaly, our Solutions Marketing Manager"},{"slug":"new-content-marketing-manager-sophia-harris","title":"Say hi to our new Content Marketing Manager – Sophia Harris"},{"slug":"joint-webinar---the-future-of-web-development-and-hosting","title":"Joint Webinar - The future of web development and hosting: how to build performance apps for the modern web"},{"slug":"how-a-global-pharma-company-cut-application-delivery-costs","title":"EKS Migration - Cut App Delivery Costs by 60% | amazee.io"},{"slug":"unlocking-the-power-of-platform-engineering","title":"What Is Platform Engineering | amazee.io"},{"slug":"talking-kubernetes-on-talking-drupal-podcast","title":"Talking Kubernetes on Talking Drupal Podcast"},{"slug":"gitops-vs-devops","title":"GitOps vs. DevOps - What they are and why they are better together"},{"slug":"survive-a-high-traffic-event","title":"7 Tips: How to Survive a High-Traffic Event"},{"slug":"we-are-going-to-drupalcon-north-america","title":"We’re going to DrupalCon North America, April 12–16"},{"slug":"supporting-students-during-uncertain-times","title":"Supporting Students During Uncertain Times"},{"slug":"what-is-zeroops","title":"What is ZeroOps? Solving Your DevOps Challenges"},{"slug":"were-sponsoring-drupalgov-2020-australia","title":"We're Sponsoring, Attending and Speaking at DrupalGov 2020 in Australia"},{"slug":"crank-it-up-the-amazee-io-2021-playlist","title":"Crank It Up: The amazee.io 2021 Playlist Has Arrived"},{"slug":"what-is-webops","title":"What is WebOps? How does it Solve your Hosting Problems?"},{"slug":"matterport-autoscaling-to-meet-peak-demand-with-amazee.io-support","title":"Matterport: Autoscaling to meet peak demand with amazee.io support"},{"slug":"how-one-saas-company-saved-70k-in-startup-costs","title":"How one SaaS company saved $70k in startup costs and went to market a year faster"},{"slug":"govcms-case-study-managing-increased-website-demand","title":"GovCMS Case Study: managing increased website demand during COVID-19"},{"slug":"upcoming-webinar-how-governments-can-leverage-open-source","title":"Upcoming Webinar: How Governments can Leverage Open Source and the Cloud"},{"slug":"html-to-pdf-with-gotenberg-hosted-on-lagoon","title":"HTML to PDF with Gotenberg Hosted on Lagoon"},{"slug":"uptime-monitoring-explained","title":"Uptime Monitoring Explained"},{"slug":"lagoon-2020-roadmap","title":"Lagoon 2020 Roadmap"},{"slug":"what-to-expect-in-lagoon-1-3-0","title":"What to expect in Lagoon 1.3.0"},{"slug":"platform-as-a-service-hitting-the-wall","title":"Platform-as-a-Service: Are you hitting the wall with your Enterprise Drupal Hosting?"},{"slug":"see-you-at-drupalsouth-shorts-2021","title":"We’ll see you at DrupalSouth Shorts 2021"},{"slug":"the-top-7-webops-questions-answered","title":"The Top 7 WebOps Questions Answered"},{"slug":"what-were-releasing-in-lagoon-1.6.0-not-just-drupal-9-compatibility","title":"What we're releasing in Lagoon 1.6.0 - (not just Drupal 9 compatibility)"},{"slug":"welcome-johnny-squardo","title":"Welcome our new Support Engineer, Johnny Squardo"},{"slug":"lagoon-examples-silverstripe-cms","title":"Lagoon examples - Silverstripe CMS"},{"slug":"a-large-credential-stuffing-attack","title":"A Large Credential Stuffing Attack - How We Respond and Mitigate"},{"slug":"simply-push-your-code","title":"“Simply push your code.” What does that mean, exactly?"},{"slug":"open-source-companies-navigating-challenges","title":"Open Source Companies: Navigating Challenges and Building a Business on Open Source"},{"slug":"a-day-in-the-life-inside-lagoon-a-step-by-step-tutorial","title":"A day in the life inside Lagoon: A step-by-step tutorial demo"},{"slug":"amazeeio-is-now-a-kubernetes-certified-service-provider","title":"amazee.io is now a Kubernetes Certified Service Provider (KCSP)"},{"slug":"what-we-released-in-lagoon-1.9----the-ones-before","title":"What we released in Lagoon 1.9  –  the one(s) before two"},{"slug":"white-paper-what-is-ci-cd","title":"What is CI/CD? A Primer on Continuous Integration and Continuous Delivery"},{"slug":"lando-and-lagoon-webinar","title":"Webinar: Simplifying your development workflow with Lando and Lagoon"},{"slug":"drupalgov-2020-sessions-recap","title":"DrupalGov 2020 Sessions Recap"},{"slug":"drupal-govcon-2020--here-we-come","title":"Drupal GovCon 2020 – Here We Come!"},{"slug":"a-warm-amazee.io-welcome-to-salvatore-pappalardo","title":"A warm amazee.io welcome to Salvatore Pappalardo – our new Systems Engineer"},{"slug":"amazee-io-as-your-composable-web-platform","title":"amazee.io as your composable web platform"},{"slug":"life-as-a-systems-engineer-at-amazee.io","title":"Life as a Systems Engineer at amazee.io"},{"slug":"lagoon-2.0-vision--what-were-working-on","title":"Lagoon 2.0 Vision – What We’re Working On"},{"slug":"joint-webinar-recap-developer-portals-as-a-service","title":"Joint Webinar Recap: Developer Portals as a Service, enabled by amazee.io"},{"slug":"see-you-at-drupalcon-europe-2020","title":"See You at DrupalCon Europe 2020"},{"slug":"our-new-partner-manager-bryan-gruneberg","title":"Meet our new Partner Manager — Bryan Gruneberg!"},{"slug":"meet-our-new-product-designer--ac-cowart","title":"Meet our new Product Designer – AC Cowart!"},{"slug":"powered-by-lagoon-managing-countless-csp-violations","title":"Powered by Lagoon: Managing countless CSP violations using amazee.io's platform flexibility"},{"slug":"recap-the-first-ever-lagooncon","title":"Recap – The first-ever LagoonCon"},{"slug":"podcast-joining-an-open-source-start-up-to-scale-growth","title":"Podcast: Joining an Open Source Start-Up to Scale Growth"},{"slug":"what-arrived-in-lagoon-1.8.x--a-release-in-three-movements","title":"What arrived in Lagoon 1.8.x – a release in three movements"},{"slug":"origins-of-lagoon-drupaleasy-interview-with-michael-schmid","title":"Origins of Lagoon - Interview with Michael Schmid on Drupal Easy"},{"slug":"developerweek-global-cloud-2021","title":"We’ll be at DeveloperWeek Global: Cloud, September 14-15"},{"slug":"our-drupalcon-global-recap","title":"Our DrupalCon Global Recap"},{"slug":"learn-containers-5-minutes-at-a-time-a-preview","title":"Learn containers 5 minutes at a time: A preview"},{"slug":"office-hours","title":"Office Hours"},{"slug":"lagoon-hacktoberfest-2020-call-for-more-examples","title":"Lagoon Hacktoberfest 2020  – call for more examples!"},{"slug":"what-were-releasing-in-lagoon-1.7.0","title":"What we're releasing in Lagoon 1.7.0"},{"slug":"ceo-franz-karlsberger-takes-the-reins","title":"CEO Franz Karlsberger takes the reins"},{"slug":"webinar-how-to-run-blue-green-deployments-with-active-standby-on-lagoon","title":"Webinar: How to Run Blue-Green Deployments with Active/Standby on Lagoon"},{"slug":"why-we-use-and-recommend-lens-for-kubernetes","title":"Here’s why we use and recommend Lens for Kubernetes"},{"slug":"women-in-tech-spotlight-interview-witb-dania-gerhardt-co-founder-of-amazee-group","title":"Women in Tech Spotlight: Interview with Dania Gerhardt, Co-Founder of Amazee Group"},{"slug":"gitlab-contribution","title":"GitLab Contribution"},{"slug":"webinar-on-lagoon-2-0-deploy-into-kubernetes-and-more","title":"Webinar on Lagoon 2.0 — Deploy into Kubernetes and more!"},{"slug":"exploring-self-managed-kubernetes-heres-what-to-consider","title":"Exploring Self-Managed Kubernetes? Here’s what to consider:"},{"slug":"what-we-released-in-lagoon-1.5.0","title":"What we released in Lagoon 1.5.0"},{"slug":"what-we-released-in-lagoon-1.4.0-and-1.4.1","title":"What we released in Lagoon 1.4.0 (and 1.4.1)"},{"slug":"how-can-we-preserve-developers-freedom","title":"How can we preserve developers’ freedom? And other questions with amazee.io"},{"slug":"what-are-the-benefits-of-using-open-source-software","title":"What are the benefits of using open source software? And other questions with amazee.io"},{"slug":"drupalcon-highlights-video-another-great-year-of-open-source-events","title":"DrupalCon Highlights Video: Another Great Year of Open Source Events"},{"slug":"part-2-how-secure-are-you-in-2022","title":"Part 2: How secure are you in 2022?"},{"slug":"welcome-to-the-team-nicole-ritchie","title":"Welcome to the team, Nicole Richie!"},{"slug":"after-ten-years-as-a-back-end-developer-alanna-decided","title":"A warm amazee.io welcome to Alanna Burke, our new expert on Documentation, Training, and Developer Relations!"},{"slug":"joint-webinar-advanced-lando-ing-with-lagoon","title":"Joint Webinar: Advanced Lando-ing with Lagoon"},{"slug":"what-you-need-to-know-about-open-source-software-and-webops","title":"What you need to know about open source software and DevOps"},{"slug":"meet-us-at-drupalcon-europe-2021","title":"Meet us at DrupalCon Europe 2021"},{"slug":"your-workflow-your-way","title":"Your workflow, your way: Leveraging the Lagoon API for custom CI/CD pipelines & development workflows"},{"slug":"say-hi-to-martina-augurio","title":"Meet Martina Augurio, our Client Engagement Manager"},{"slug":"visit-our-booth-at-drupal-govcon-2021","title":"Visit our booth at Drupal GovCon 2021"},{"slug":"welcome-chris-goodwin","title":"Meet Chris Goodwin, our Software Engineer"},{"slug":"what-is-dedicated-cloud-and-why-you-should-move-to-it","title":"What is Dedicated Cloud? And Why You Should Move to It"},{"slug":"our-highlights-from-new-zealand-techweek2021","title":"Our highlights from New Zealand Techweek2021"},{"slug":"what-is-a-content-delivery-network-cdn","title":"What is a Content Delivery Network (CDN) – and why do you need one?"},{"slug":"watch-now-amazee-io-at-drupalsouth-shorts-2021","title":"Watch Now: amazee.io at DrupalSouth ‘Shorts’ 2021"},{"slug":"introducing-rolando-scott","title":"Meet Rolando Scott, our Technical Account Manager"},{"slug":"welcome-to-amazee-io-mihaela","title":"Meet Mihaela Gheorghe, our Support Engineer"},{"slug":"celebrating-5-years-of-making-developers-lives-easier","title":"Celebrating 5 years of Making Developers’ Lives Easier"},{"slug":"welcome-ashleigh-king","title":"Meet Ashleigh King, our Client Engagement Manager"},{"slug":"join-our-drupal4gov-september-webinar","title":"Join our Drupal4Gov webinar on how to survive high-traffic events"},{"slug":"welcome-cezary-rataj","title":"Welcome Cezary Rataj, our new Delivery Lead at amazee.io!"},{"slug":"master-the-fundamentals-of-k8s","title":"Master the Fundamentals of K8s:\nKubernetes 101 video series with Jeff Geerling"},{"slug":"website-uptime-guarantees-explained","title":"Website Uptime Guarantees Explained"},{"slug":"how-to-scale-kubernetes-with-a-small-team","title":"How to scale Kubernetes with a small team"},{"slug":"welcome-to-discord-lagoon","title":"Welcome to Discord, Lagoon"},{"slug":"should-developers-have-to-do-kubernetes","title":"Should developers have to do Kubernetes?"},{"slug":"say-hi-to-bree-benesh","title":"Say hi to Bree Benesh – amazee.io’s new Sales Solutions Architect"},{"slug":"recap-2023-composablenow","title":"Recap 2023 – ComposableNow: The Future of the Open Web"},{"slug":"welcome-henk-beld","title":"Welcome our new Sales Solutions Architect, Henk Beld, to the amazee.io team"},{"slug":"why-developers-need-devops-as-a-service","title":"Why developers need DevOps-as-a-Service: A solution to Kubernetes management and developer burnout"},{"slug":"welcome-pedro-alagoa","title":"Welcome Pedro Alagoa, our newest Software Engineer"},{"slug":"welcome-deeksha-kini","title":"Meet amazee.io's new Systems Support Engineer – Deeksha Kini"},{"slug":"k8s-101-is-kubernetes-essential-for-developers","title":"K8s 101: Is Kubernetes essential for developers? Here’s how to start using it today"},{"slug":"how-to-get-support-from-amazee-io","title":"How to get support from amazee.io"},{"slug":"what-is-containerized-hosting","title":"What is containerized hosting?"},{"slug":"benefits-of-kubernetes-with-lagoon","title":"Reaping the Benefits of Kubernetes \n(with Lagoon)"},{"slug":"website-security-risks-in-2022","title":"Which website security risks do you really need to worry about in 2022?"},{"slug":"how-to-simplify-your-data-sovereignty-strategy","title":"How to simplify your data sovereignty strategy"},{"slug":"new-platform-engineer-brittany-mitchell","title":"Meet our new Platform Engineer – Brittany Mitchell"},{"slug":"annai-partnership-announcement","title":"amazee.io and ANNAI Inc. Partner to Bring Open Source PaaS to Japan"},{"slug":"drupaljam-2025-the-power-of-community","title":"Drupaljam 2025: Big Ideas, Bold Tech, and the Power of Community"},{"slug":"introducing-private-ai-at-drupalcon-atlanta","title":"Introducing Private AI at DrupalCon Atlanta"},{"slug":"ai-llm-data-privacy-protection","title":"AI and LLM Data Privacy and Data Sovereignty: Navigating the Challenges"},{"slug":"experience-the-power-of-drupal-ai-for-free","title":"Experience the power of Drupal AI for free"},{"slug":"drupalcon-barcelona-2024-team-recap","title":"DrupalCon Barcelona 2024 - Team Recap"},{"slug":"recap-drupal-govcon-2024","title":"Drupal GovCon 2024 Recap"},{"slug":"lagooncon-portland-2024-recap","title":"LagoonCon Portland 2024 Recap"},{"slug":"drupalcon-portland-2024-recap","title":"DrupalCon Portland 2024 in 1,800 Words"},{"slug":"soc2-type2-attestation-report-announcement","title":"amazee.io Achieves SOC 2 Type 2 Attestation - Our Ongoing Commitment to Enterprise-Level Security"},{"slug":"aws-tokyo-cloud-region","title":"amazee.io Launches New Tokyo Cloud Region on AWS"},{"slug":"amazee-io-bolsters-enterprise-level-security-with-iso-27001-security-standard-certification","title":"amazee.io Bolsters Enterprise-Level Security with ISO 27001 Security Standard Certification"},{"slug":"thriving-in-tech-removing-barriers-for-black-professionals","title":"Thriving in Tech: Removing Barriers for Black Professionals"},{"slug":"comparably-awards-honor-amazee-io","title":"Comparably awards honor our Perks and Benefits and Company Compensation at amazee.io"},{"slug":"drupalcon-amsterdam-2019-recap","title":"DrupalCon Amsterdam 2019 Recap"},{"slug":"aws-government-competency","title":"amazee.io Achieves AWS Government Competency"},{"slug":"soc2-type1-attestation-report-announcement","title":"amazee.io Proves Enhanced Enterprise-Level Security with SOC2 Type1 Attestation Report"},{"slug":"salsa-digital-and-amazee-io-secure-new-contract-with-the-australian-department-of-finance-for-govcms","title":"Salsa Digital and amazee.io secure new contract with the Australian Department of Finance for GovCMS"}]},"legacy":false,"slug":"dependency-track-software-supply-chain-security","data":{"title":"Managed Dependency-Track: The 2026 Guide to Continuous Supply Chain Security","meta_title":"Managed Dependency-Track: Supply Chain Security in 2026","posted_on":"May 20, 2026","author_name":"Bree Benesh","author_image":"https://images.prismic.io/amazeeio/148378f3-3cfd-4007-bea3-c3d4126dd6d8_Bree.jpg?auto=compress%2Cformat","read_time":8,"tag":"Knowledge Base","faq":{"heading":"Frequently Asked Questions","faq_items":[{"faq_heading":"What is the core purpose of a software bill of materials (SBOM) management system?","faq_copy":{"html":"<p>The core purpose of an SBOM management system (such as Dependency-Track) is to serve as a centralized, continuous inventory and vulnerability-matching engine for an organization’s entire software portfolio. Unlike standard, isolated security scanners that look at individual code repositories one by one, an SBOM management system provides fleet-wide visibility by:</p><ul><li><strong>Maintaining a Living Catalog:</strong> Continuously storing the exact lists of components, base images, and dependencies running across all production environments.</li><li><strong>Providing Instant Querying:</strong> Allowing security teams to instantly search across thousands of applications during an active zero-day incident to locate specific vulnerable library versions in seconds.</li><li><strong>Decoupling Scanning from Code:</strong> Continuously matching the stored inventory against real-time threat intelligence feeds without requiring development teams to manually rerun CI/CD pipelines every time a new CVE is announced.</li></ul>","raw":[{"type":"paragraph","text":"The core purpose of an SBOM management system (such as Dependency-Track) is to serve as a centralized, continuous inventory and vulnerability-matching engine for an organization’s entire software portfolio. Unlike standard, isolated security scanners that look at individual code repositories one by one, an SBOM management system provides fleet-wide visibility by:","spans":[],"direction":"ltr"},{"type":"list-item","text":"Maintaining a Living Catalog: Continuously storing the exact lists of components, base images, and dependencies running across all production environments.","spans":[{"start":0,"end":29,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"Providing Instant Querying: Allowing security teams to instantly search across thousands of applications during an active zero-day incident to locate specific vulnerable library versions in seconds.","spans":[{"start":0,"end":27,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"Decoupling Scanning from Code: Continuously matching the stored inventory against real-time threat intelligence feeds without requiring development teams to manually rerun CI/CD pipelines every time a new CVE is announced.","spans":[{"start":0,"end":30,"type":"strong"}],"direction":"ltr"}],"text":"The core purpose of an SBOM management system (such as Dependency-Track) is to serve as a centralized, continuous inventory and vulnerability-matching engine for an organization’s entire software portfolio. Unlike standard, isolated security scanners that look at individual code repositories one by one, an SBOM management system provides fleet-wide visibility by: Maintaining a Living Catalog: Continuously storing the exact lists of components, base images, and dependencies running across all production environments. Providing Instant Querying: Allowing security teams to instantly search across thousands of applications during an active zero-day incident to locate specific vulnerable library versions in seconds. Decoupling Scanning from Code: Continuously matching the stored inventory against real-time threat intelligence feeds without requiring development teams to manually rerun CI/CD pipelines every time a new CVE is announced."}},{"faq_heading":"How can I get started with an open source SBOM tool for my project?","faq_copy":{"html":"<p>Getting started with open source SBOM tooling requires a simple three-step approach: generation and management.</p><p></p><p><strong>Choose a Generation Tool:</strong> Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json &gt; sbom.local-container-name.json`).</p><p></p><p><strong>Standardize the Format:</strong> Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly.</p><p></p><p><strong>Select a Management Layer:</strong> For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously.</p>","raw":[{"type":"paragraph","text":"Getting started with open source SBOM tooling requires a simple three-step approach: generation and management.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Choose a Generation Tool: Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json > sbom.local-container-name.json`).","spans":[{"start":0,"end":25,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Standardize the Format: Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly.","spans":[{"start":0,"end":23,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Select a Management Layer: For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously.","spans":[{"start":0,"end":26,"type":"strong"}],"direction":"ltr"}],"text":"Getting started with open source SBOM tooling requires a simple three-step approach: generation and management.  Choose a Generation Tool: Integrate an open source SBOM generator like Syft or Trivy into your local command-line interface or development environment. For PHP containers, Syft is the better choice due to its more robust component detection. Run a basic command to scan your container image (e.g., `syft local-container-name -o cyclonedx-json > sbom.local-container-name.json`).  Standardize the Format: Ensure your generation tool outputs data in an industry-standard, machine-readable format, ideally CycloneDX or SPDX, so different security platforms can read the inventory seamlessly.  Select a Management Layer: For an individual project, reading the raw JSON output is sufficient. However, as soon as you manage multiple applications, you will need to point those generated files to an open-source aggregation platform like Dependency-Track to start tracking vulnerabilities continuously."}},{"faq_heading":"How do you set up a dependency tracking tool for open-source components?","faq_copy":{"html":"<p>Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:<br /></p><p><strong>The Hosting Environment:</strong> Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.<br /></p><p><strong>The Intelligence Pipeline:</strong> Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).<br /></p><p><strong>The Day-Two Operational Routine:</strong> To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out.</p>","raw":[{"type":"paragraph","text":"Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:\n","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The Hosting Environment: Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.\n","spans":[{"start":0,"end":24,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The Intelligence Pipeline: Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).\n","spans":[{"start":0,"end":26,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The Day-Two Operational Routine: To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out.","spans":[{"start":0,"end":32,"type":"strong"}],"direction":"ltr"}],"text":"Setting up an enterprise-grade dependency tracking tool via the self-managed (DIY) open-source path involves establishing three core architectural pillars:\n The Hosting Environment: Provision the infrastructure required to run the core application stack. For a platform like Dependency-Track, this typically involves deploying a Java runtime environment alongside a highly optimized relational database, such as PostgreSQL, to handle intensive database queries.\n The Intelligence Pipeline: Configure the platform to automatically pull from global vulnerability data streams, such as the GitHub Advisory Database, OSV, and the National Vulnerability Database (NVD).\n The Day-Two Operational Routine: To keep the platform healthy long-term, you must dedicate engineering time to manage database scaling, fine-tune query performance, apply regular Java framework patches, and ensure background data feeds do not time out."}},{"faq_heading":"What are the best practices for integrating a dependency vulnerability tracker into development workflows?","faq_copy":{"html":"<p>To make a dependency vulnerability tracker operationally effective without disrupting software delivery teams, follow these industry best practices:</p><p></p><ul><li><strong>Automate Ingestion via CI/CD:</strong> Bake SBOM generation into your deployment pipelines (e.g., using Lagoon). The generation step should run automatically in the background, adding minimal time (20-60 seconds) to the build process.</li><li><strong>Implement Closed-Loop Notifications:</strong> Move developers out of the security tool’s user interface. Configure webhooks to send targeted, actionable alerts to Slack or Microsoft Teams only when a newly announced CVE directly matches a component currently sitting in production.</li><li><strong>Contextualize with VEX and EPSS</strong>: Do not block builds based solely on raw vulnerability scores. Use VEX to document and clear non-exploitable code paths, and leverage EPSS to focus developer remediation efforts on vulnerabilities that have a high probability of real-world exploitation.</li></ul>","raw":[{"type":"paragraph","text":"To make a dependency vulnerability tracker operationally effective without disrupting software delivery teams, follow these industry best practices:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Automate Ingestion via CI/CD: Bake SBOM generation into your deployment pipelines (e.g., using Lagoon). The generation step should run automatically in the background, adding minimal time (20-60 seconds) to the build process.","spans":[{"start":0,"end":29,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"Implement Closed-Loop Notifications: Move developers out of the security tool’s user interface. Configure webhooks to send targeted, actionable alerts to Slack or Microsoft Teams only when a newly announced CVE directly matches a component currently sitting in production.","spans":[{"start":0,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"Contextualize with VEX and EPSS: Do not block builds based solely on raw vulnerability scores. Use VEX to document and clear non-exploitable code paths, and leverage EPSS to focus developer remediation efforts on vulnerabilities that have a high probability of real-world exploitation.","spans":[{"start":0,"end":31,"type":"strong"}],"direction":"ltr"}],"text":"To make a dependency vulnerability tracker operationally effective without disrupting software delivery teams, follow these industry best practices:  Automate Ingestion via CI/CD: Bake SBOM generation into your deployment pipelines (e.g., using Lagoon). The generation step should run automatically in the background, adding minimal time (20-60 seconds) to the build process. Implement Closed-Loop Notifications: Move developers out of the security tool’s user interface. Configure webhooks to send targeted, actionable alerts to Slack or Microsoft Teams only when a newly announced CVE directly matches a component currently sitting in production. Contextualize with VEX and EPSS: Do not block builds based solely on raw vulnerability scores. Use VEX to document and clear non-exploitable code paths, and leverage EPSS to focus developer remediation efforts on vulnerabilities that have a high probability of real-world exploitation."}},{"faq_heading":"How does Dependency-Track address delays and gaps in the National Vulnerability Database (NVD)?","faq_copy":{"html":"<p>Dependency-Track bypasses the &quot;NVD Gap&quot;, the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation.</p><p>Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including:</p><ul><li>GitHub Advisory Database</li><li>OSV (Open Source Vulnerability data)</li><li>Snyk</li></ul><p>This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process.</p>","raw":[{"type":"paragraph","text":"Dependency-Track bypasses the \"NVD Gap\", the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including:","spans":[],"direction":"ltr"},{"type":"list-item","text":"GitHub Advisory Database","spans":[],"direction":"ltr"},{"type":"list-item","text":"OSV (Open Source Vulnerability data)","spans":[],"direction":"ltr"},{"type":"list-item","text":"Snyk","spans":[],"direction":"ltr"},{"type":"paragraph","text":"This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process.","spans":[],"direction":"ltr"}],"text":"Dependency-Track bypasses the \"NVD Gap\", the critical window of time where the National Vulnerability Database delays processing and enriching new CVEs, by using Multi-Source Intelligence Aggregation. Instead of relying on a single database, it continuously aggregates threat intelligence from alternative real-time feeds, including: GitHub Advisory Database OSV (Open Source Vulnerability data) Snyk This multi-feed approach ensures that when a zero-day exploit emerges, your security team receives the necessary version-level visibility and remediation context within minutes, hours before the NVD completes its formal enrichment process."}},{"faq_heading":"What is the operational difference between CVSS, EPSS, and VEX in vulnerability triage?","faq_copy":{"html":"<p>To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats:</p><ul><li><strong>CVSS (Common Vulnerability Scoring System)</strong>: Measures the theoretical severity and potential impact of a vulnerability if fully exploited.</li><li><strong>EPSS (Exploit Prediction Scoring System)</strong>: Measures the real-world likelihood that a vulnerability will actually be exploited in the wild, helping teams prioritize their actual backlogs.</li><li><strong>VEX (Vulnerability Exploitability eXchange)</strong>: A documentation standard that allows your team to declare a vulnerability as non-exploitable because the underlying vulnerable code path is not reachable within your specific application context.</li></ul><p>Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX).</p>","raw":[{"type":"paragraph","text":"To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats:","spans":[],"direction":"ltr"},{"type":"list-item","text":"CVSS (Common Vulnerability Scoring System): Measures the theoretical severity and potential impact of a vulnerability if fully exploited.","spans":[{"start":0,"end":42,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"EPSS (Exploit Prediction Scoring System): Measures the real-world likelihood that a vulnerability will actually be exploited in the wild, helping teams prioritize their actual backlogs.","spans":[{"start":0,"end":40,"type":"strong"}],"direction":"ltr"},{"type":"list-item","text":"VEX (Vulnerability Exploitability eXchange): A documentation standard that allows your team to declare a vulnerability as non-exploitable because the underlying vulnerable code path is not reachable within your specific application context.","spans":[{"start":0,"end":43,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX).","spans":[],"direction":"ltr"}],"text":"To eliminate alert fatigue across software fleets, Dependency-Track combines three distinct signals to separate basic findings from urgent threats: CVSS (Common Vulnerability Scoring System): Measures the theoretical severity and potential impact of a vulnerability if fully exploited. EPSS (Exploit Prediction Scoring System): Measures the real-world likelihood that a vulnerability will actually be exploited in the wild, helping teams prioritize their actual backlogs. VEX (Vulnerability Exploitability eXchange): A documentation standard that allows your team to declare a vulnerability as non-exploitable because the underlying vulnerable code path is not reachable within your specific application context. Using these together allows security teams to verify what is present (CVSS), prioritize what is actively dangerous (EPSS), and dismiss the noise (VEX)."}},{"faq_heading":"How does Managed Dependency-Track safeguard data sovereignty compared to commercial SaaS tools?","faq_copy":{"html":"<p>Commercial SaaS security tools operate as a &quot;black box,&quot; meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor&#39;s multi-tenant public cloud footprint.</p><p>With amazee.io’s Managed Dependency-Track, your data security follows a strict &quot;your data is your data&quot; philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP).</p><p>It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database.</p><p>It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001.</p>","raw":[{"type":"paragraph","text":"Commercial SaaS security tools operate as a \"black box,\" meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor's multi-tenant public cloud footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"With amazee.io’s Managed Dependency-Track, your data security follows a strict \"your data is your data\" philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP).","spans":[],"direction":"ltr"},{"type":"paragraph","text":"It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001.","spans":[],"direction":"ltr"}],"text":"Commercial SaaS security tools operate as a \"black box,\" meaning your Software Bill of Materials (SBOM) and internal vulnerability data must be exported and stored within the vendor's multi-tenant public cloud footprint. With amazee.io’s Managed Dependency-Track, your data security follows a strict \"your data is your data\" philosophy: Your SBOMs and vulnerability profiles remain isolated within your existing cloud boundaries (such as AWS or GCP). It eliminates the risk of exposing sensitive infrastructure blueprints to a third-party shared database. It keeps your platform fully compliant with stringent data-residency laws and frameworks such as DORA, SOC 2, and ISO 27001."}},{"faq_heading":"Will continuous SBOM generation and ingestion slow down our CI/CD pipelines?","faq_copy":{"html":"<p><strong>No</strong>. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background &quot;Insights gathering&quot; step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable.</p>","raw":[{"type":"paragraph","text":"No. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background \"Insights gathering\" step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable.","spans":[{"start":0,"end":2,"type":"strong"}],"direction":"ltr"}],"text":"No. When built into automated deployment workflows (like Lagoon), continuous SBOM generation uses highly efficient tools like Syft during the background \"Insights gathering\" step. In practice, this process only adds 20 to 60 seconds to an active deployment. This negligible timeline hit completely eliminates operational friction from manual uploads while ensuring your centralized fleet inventory remains fully current and auditable."}}]},"body":[{"id":"4f2e8654-5317-59e4-af5e-5254f9fa29ba","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"\n    <p class=\" block-img\">\n      <img src=\"https://images.prismic.io/amazeeio/agyGcqYofJOwHYho_amazee-io-managed-dependency-track-supply-chain-security-guide.png?auto=format,compress\" alt=\"A blog post resource graphic for amazee.io&#39;s Managed Dependency-Track titled &quot;The Guide to Continuous Supply Chain Security.&quot; The background is dark, highlighted by a futuristic 3D digital circuit microchip layout featuring a glowing blue security shield with a keyhole and a red warning triangle icon.\" copyright=\"\" />\n    </p>\n  ","raw":[{"type":"image","url":"https://images.prismic.io/amazeeio/agyGcqYofJOwHYho_amazee-io-managed-dependency-track-supply-chain-security-guide.png?auto=format,compress","alt":"A blog post resource graphic for amazee.io's Managed Dependency-Track titled \"The Guide to Continuous Supply Chain Security.\" The background is dark, highlighted by a futuristic 3D digital circuit microchip layout featuring a glowing blue security shield with a keyhole and a red warning triangle icon.","copyright":null,"dimensions":{"width":1120,"height":675},"id":"agyGcqYofJOwHYho","edit":{"x":0,"y":0,"zoom":1,"background":"transparent"}}],"text":""}}},{"id":"d76dd328-4881-5bc9-8742-2942bceb93d2","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>In Short:</h2><p></p><ul><li><strong>Continuous SBOM Fleet Monitoring</strong>: Dependency-Track is an open source, API-first Software Composition Analysis (SCA) platform that continuously ingests automated Software Bills of Materials (SBOMs), transforming vulnerability tracking from isolated, reactive project scans into real-time fleet-wide visibility.</li></ul><p></p><ul><li><strong>Closing the NVD Gap</strong>: The platform bypasses National Vulnerability Database (NVD) enrichment and processing delays by aggregating data from multiple alternative feeds, including GitHub Advisory Database, OSV, and Snyk, to provide rapid context during active zero-day threats.</li></ul><p></p><ul><li><strong>Noise Reduction via VEX and EPSS</strong>: To combat alert fatigue, the platform utilizes VEX (Vulnerability Exploitability eXchange) to document non-exploitable code paths and EPSS (Exploit Prediction Scoring System) to prioritize vulnerabilities based on actual real-world threat probability.</li></ul><p></p><ul><li><strong>Data Sovereignty &amp; Zero Day-Two Ops</strong>: amazee.io’s managed deployment provides the complete transparency of open source software while removing infrastructure overhead (like Java upgrades and PostgreSQL performance tuning). Crucially, sensitive vulnerability data remains completely isolated within your own cloud security boundaries.</li></ul><h2></h2>","raw":[{"type":"heading2","text":"In Short:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Continuous SBOM Fleet Monitoring: Dependency-Track is an open source, API-first Software Composition Analysis (SCA) platform that continuously ingests automated Software Bills of Materials (SBOMs), transforming vulnerability tracking from isolated, reactive project scans into real-time fleet-wide visibility.","spans":[{"start":0,"end":32,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Closing the NVD Gap: The platform bypasses National Vulnerability Database (NVD) enrichment and processing delays by aggregating data from multiple alternative feeds, including GitHub Advisory Database, OSV, and Snyk, to provide rapid context during active zero-day threats.","spans":[{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Noise Reduction via VEX and EPSS: To combat alert fatigue, the platform utilizes VEX (Vulnerability Exploitability eXchange) to document non-exploitable code paths and EPSS (Exploit Prediction Scoring System) to prioritize vulnerabilities based on actual real-world threat probability.","spans":[{"start":0,"end":32,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Data Sovereignty & Zero Day-Two Ops: amazee.io’s managed deployment provides the complete transparency of open source software while removing infrastructure overhead (like Java upgrades and PostgreSQL performance tuning). Crucially, sensitive vulnerability data remains completely isolated within your own cloud security boundaries.","spans":[{"start":0,"end":35,"type":"strong"}],"direction":"ltr"},{"type":"heading2","text":"","spans":[],"direction":"ltr"}],"text":"In Short:  Continuous SBOM Fleet Monitoring: Dependency-Track is an open source, API-first Software Composition Analysis (SCA) platform that continuously ingests automated Software Bills of Materials (SBOMs), transforming vulnerability tracking from isolated, reactive project scans into real-time fleet-wide visibility.  Closing the NVD Gap: The platform bypasses National Vulnerability Database (NVD) enrichment and processing delays by aggregating data from multiple alternative feeds, including GitHub Advisory Database, OSV, and Snyk, to provide rapid context during active zero-day threats.  Noise Reduction via VEX and EPSS: To combat alert fatigue, the platform utilizes VEX (Vulnerability Exploitability eXchange) to document non-exploitable code paths and EPSS (Exploit Prediction Scoring System) to prioritize vulnerabilities based on actual real-world threat probability.  Data Sovereignty & Zero Day-Two Ops: amazee.io’s managed deployment provides the complete transparency of open source software while removing infrastructure overhead (like Java upgrades and PostgreSQL performance tuning). Crucially, sensitive vulnerability data remains completely isolated within your own cloud security boundaries. "}}},{"id":"937f5001-a008-5df4-9328-371dd45b2285","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Introduction: The “Fritos” Problem of Modern Software</h2><p></p><p>Put plainly by our Head of Product, Lauren Morris, in our recent <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track\">webinar on Dependency-Track</a></strong>: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you&#39;re putting in your body.”</p><p></p><p>Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential.</p><p>The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves.</p><p></p>","raw":[{"type":"heading2","text":"Introduction: The “Fritos” Problem of Modern Software","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Put plainly by our Head of Product, Lauren Morris, in our recent webinar on Dependency-Track: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you're putting in your body.”","spans":[{"start":65,"end":92,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track","target":"_blank"}},{"start":65,"end":92,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Introduction: The “Fritos” Problem of Modern Software  Put plainly by our Head of Product, Lauren Morris, in our recent webinar on Dependency-Track: “I eat Fritos all the time and purposely do not read the label. But sometimes you do want to know what you're putting in your body.”  Modern software works in a similar way. Every application is built on layers of dependencies, base images, and transitive components that evolve faster than most teams can track manually. A Software Bill of Materials (SBOM) provides a practical way to understand what is actually inside that stack. The comparison to nutrition labels fits neatly: you may not check every label every day, but when you need to know, that information becomes essential. The core argument is simple: periodic scans are no longer enough. When a supply chain exploit emerges, organizations need visibility into their exposure in minutes, not days later. This guide explains how continuous SBOM monitoring works and why many teams choose a managed approach rather than operating the platform themselves. "}}},{"id":"9ac96af8-5de6-5c95-9206-41ac7cb8d914","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>What is Dependency-Track?</h2><p></p><h3>Defining the Tool</h3><p></p><p>Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool.</p><p>That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise.</p><p></p>","raw":[{"type":"heading2","text":"What is Dependency-Track?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"Defining the Tool","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"What is Dependency-Track?  Defining the Tool  Dependency-Track is an open source, API-first Software Composition Analysis platform that ingests SBOMs, catalogs components, and continuously matches that inventory against vulnerability intelligence. The important framing is that it is a portfolio tool, not a 1:1 project tool. That portfolio orientation matters because most organizations do not have one application. They have fleets. Dependency-Track is designed to answer questions across that fleet without turning every incident into a manual inventory exercise. "}}},{"id":"15be09f7-9183-5820-b1cb-73b9d73698ac","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>OWASP Origins</h3><p></p><p>Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos.</p><p></p>","raw":[{"type":"heading3","text":"OWASP Origins","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"OWASP Origins  Dependency-Track is an OWASP project, which positions it as an open source standard and part of a security community that values transparency and shared practices. This aligns naturally with amazee.io’s “open source at the core” ethos. "}}},{"id":"a93e90ee-ed99-5d12-abd9-90a62dbf5b6d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>SBOMs (Software Bill of Materials) Explained</h3><p></p><p>SBOMs are inventories of the contents of your software artifact. They can describe application dependencies, OS packages, and deeper layers of container images.</p><p>SBOMs become far more valuable when they’re generated automatically and ingested continuously, because security depends on both what you run and what the world discovers about what you run.</p><p></p><p>In practice, SBOMs help you answer:</p><ul><li>What components and versions are in production right now?</li><li>Where are we exposed to a newly announced CVE?</li></ul><p></p>","raw":[{"type":"heading3","text":"SBOMs (Software Bill of Materials) Explained","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOMs are inventories of the contents of your software artifact. They can describe application dependencies, OS packages, and deeper layers of container images.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOMs become far more valuable when they’re generated automatically and ingested continuously, because security depends on both what you run and what the world discovers about what you run.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In practice, SBOMs help you answer:","spans":[],"direction":"ltr"},{"type":"list-item","text":"What components and versions are in production right now?","spans":[],"direction":"ltr"},{"type":"list-item","text":"Where are we exposed to a newly announced CVE?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"SBOMs (Software Bill of Materials) Explained  SBOMs are inventories of the contents of your software artifact. They can describe application dependencies, OS packages, and deeper layers of container images. SBOMs become far more valuable when they’re generated automatically and ingested continuously, because security depends on both what you run and what the world discovers about what you run.  In practice, SBOMs help you answer: What components and versions are in production right now? Where are we exposed to a newly announced CVE? "}}},{"id":"31eb4ba7-294c-5880-8e57-bf15f0d3d595","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Solving the “NVD Gap”: Intelligence Beyond the Database</h2><p></p><h3>The National Vulnerability Database (NVD) Crisis</h3><p></p><p>The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers.</p><p>The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable.</p><p></p>","raw":[{"type":"heading2","text":"Solving the “NVD Gap”: Intelligence Beyond the Database","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"The National Vulnerability Database (NVD) Crisis","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Solving the “NVD Gap”: Intelligence Beyond the Database  The National Vulnerability Database (NVD) Crisis  The National Vulnerability Database (NVD) is the primary source of standardized vulnerability data, enriching CVEs with severity scores, affected products, and remediation guidance. But the NVD is not always fast. Processing and enrichment delays can leave security teams without critical context during the first hours of an incident, when exploit tooling spreads quickly and leadership wants immediate answers. The goal is not to replace the NVD. It is to reduce the gap between knowing what software you have and understanding whether it is vulnerable. "}}},{"id":"7b202666-853a-5535-bffb-076e5368be3d","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Multi-Source Intelligence Aggregation</h3><p></p><p>To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk.</p><p>The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents.</p><p></p>","raw":[{"type":"heading3","text":"Multi-Source Intelligence Aggregation","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Multi-Source Intelligence Aggregation  To close that gap, organizations aggregate intelligence from multiple sources, including GitHub Advisory Database, OSV, and Snyk. The value is speed and context. Alternative feeds often publish affected ranges, remediation guidance, and exploit discussions before the NVD completes enrichment. Combining those sources gives teams faster answers and better data during active incidents. "}}},{"id":"903e934c-6a55-5a20-a644-939f72029da9","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Why Aggregation Matters for Zero-Day Threats</h3><p></p><p>Aggregation matters most during fast-moving zero-day events. In our aforementioned <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track\">webinar</a></strong>, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent <a target=\"_blank\" rel=\"noopener\" href=\"https://nextjs.org/blog/CVE-2025-66478\"><strong>Next.js RCE issue</strong>,</a> in which bots began scanning the internet within hours of the disclosure.</p><p>The 2024 <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://en.wikipedia.org/wiki/XZ_Utils_backdoor\">XZ Utils backdoor incident</a></strong> showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure.</p><p>But visibility only matters if inventory stays current, which is where automated ingestion becomes critical.</p><p></p>","raw":[{"type":"heading3","text":"Why Aggregation Matters for Zero-Day Threats","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Aggregation matters most during fast-moving zero-day events. In our aforementioned webinar, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent Next.js RCE issue, in which bots began scanning the internet within hours of the disclosure.","spans":[{"start":83,"end":90,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/resources/webinar/uncover-hidden-vulnerabilities-with-dependency-track","target":"_blank"}},{"start":83,"end":90,"type":"strong"},{"start":161,"end":179,"type":"hyperlink","data":{"link_type":"Web","url":"https://nextjs.org/blog/CVE-2025-66478","target":"_blank"}},{"start":161,"end":178,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"The 2024 XZ Utils backdoor incident showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure.","spans":[{"start":9,"end":35,"type":"hyperlink","data":{"link_type":"Web","url":"https://en.wikipedia.org/wiki/XZ_Utils_backdoor","target":"_blank"}},{"start":9,"end":35,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"But visibility only matters if inventory stays current, which is where automated ingestion becomes critical.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Aggregation Matters for Zero-Day Threats  Aggregation matters most during fast-moving zero-day events. In our aforementioned webinar, amazee.io’s Principal Architect, Sean Hamlin, highlighted the recent Next.js RCE issue, in which bots began scanning the internet within hours of the disclosure. The 2024 XZ Utils backdoor incident showed a different risk: a trusted low-level dependency becoming the target itself. In both cases, version-level visibility is essential for understanding real exposure. But visibility only matters if inventory stays current, which is where automated ingestion becomes critical. "}}},{"id":"299828f9-1a6c-5c3d-9e88-60eef8e43781","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Continuous Ingestion: Where Dependency-Track becomes Operational</h2><p></p><p>Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics.</p><p></p>","raw":[{"type":"heading2","text":"Continuous Ingestion: Where Dependency-Track becomes Operational","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Continuous Ingestion: Where Dependency-Track becomes Operational  Dependency-Track is only as useful as the SBOM pipeline feeding it. Manual uploads don’t scale and often fail under stress. The goal is to generate SBOMs automatically and continuously ingest them, keeping the inventory current without heroics. "}}},{"id":"e55f7de7-07a3-595e-b3d8-26a90d96a23e","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>CI/CD Integration Patterns (High-Level)</h3><p></p><p>At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads.</p><p>SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility.</p><p>Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory.</p><p></p>","raw":[{"type":"heading3","text":"CI/CD Integration Patterns (High-Level)","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"CI/CD Integration Patterns (High-Level)  At a high level, the pipeline needs two things: SBOMs generated automatically, and continuous ingestion into a central inventory. With Lagoon, this can be integrated into the deployment flow so teams don’t rely on manual uploads. SBOM quality also matters. In the webinar, Sean referenced moving from Trivy to Syft because Syft can produce more complete labels. In the Lagoon context, SBOM generation typically adds 20-60 seconds to a deployment during the “Insights gathering” step, a manageable cost for continuous visibility. Finally, closed-loop notifications using tools like Slack and Teams help you avoid living in the UI. The best practice is simple. The system should only notify you when a new CVE matches your existing inventory. "}}},{"id":"041de476-8dc5-5c98-b99e-7535e03466ca","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Operational Triage: Reduce Noise with VEX and EPSS</h3><p></p><p>Alert fatigue kills programs. Dependency-Track’s risk score is useful, but it should guide research and not trigger panic by itself. The goal of triage is to quickly separate “interesting” from “urgent,” and to document decisions so teams don’t re-litigate the same findings every time a scanner refreshes.</p><p>Two concepts help teams focus on what matters:</p><p>VEX lets you document non-exploitability when a vulnerable library exists, but the vulnerable code path is not reachable in your context. It’s how you turn “this shows up in the SBOM” into a defensible decision: <em>present, but not exploitable here.</em></p><p>EPSS helps prioritize vulnerabilities that are more likely to be exploited in the wild, which is often more operationally useful than severity alone, especially when teams are staring at a long backlog.</p><p></p><h4>Triage Signals to Use Together:</h4><p></p><ul><li>CVSS + EPSS: balance potential impact with likelihood of real-world exploitation, so you focus on what’s both serious <em>and</em> urgent.</li></ul><p></p><ul><li>VEX: document when something is present in your SBOM, but not actually exploitable in your specific context.</li></ul><p></p>","raw":[{"type":"heading3","text":"Operational Triage: Reduce Noise with VEX and EPSS","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Alert fatigue kills programs. Dependency-Track’s risk score is useful, but it should guide research and not trigger panic by itself. The goal of triage is to quickly separate “interesting” from “urgent,” and to document decisions so teams don’t re-litigate the same findings every time a scanner refreshes.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Two concepts help teams focus on what matters:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"VEX lets you document non-exploitability when a vulnerable library exists, but the vulnerable code path is not reachable in your context. It’s how you turn “this shows up in the SBOM” into a defensible decision: present, but not exploitable here.","spans":[{"start":212,"end":246,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"EPSS helps prioritize vulnerabilities that are more likely to be exploited in the wild, which is often more operationally useful than severity alone, especially when teams are staring at a long backlog.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading4","text":"Triage Signals to Use Together:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"CVSS + EPSS: balance potential impact with likelihood of real-world exploitation, so you focus on what’s both serious and urgent.","spans":[{"start":118,"end":121,"type":"em"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"VEX: document when something is present in your SBOM, but not actually exploitable in your specific context.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Operational Triage: Reduce Noise with VEX and EPSS  Alert fatigue kills programs. Dependency-Track’s risk score is useful, but it should guide research and not trigger panic by itself. The goal of triage is to quickly separate “interesting” from “urgent,” and to document decisions so teams don’t re-litigate the same findings every time a scanner refreshes. Two concepts help teams focus on what matters: VEX lets you document non-exploitability when a vulnerable library exists, but the vulnerable code path is not reachable in your context. It’s how you turn “this shows up in the SBOM” into a defensible decision: present, but not exploitable here. EPSS helps prioritize vulnerabilities that are more likely to be exploited in the wild, which is often more operationally useful than severity alone, especially when teams are staring at a long backlog.  Triage Signals to Use Together:  CVSS + EPSS: balance potential impact with likelihood of real-world exploitation, so you focus on what’s both serious and urgent.  VEX: document when something is present in your SBOM, but not actually exploitable in your specific context. "}}},{"id":"bda2fae8-2e1b-599c-80db-84aec9680801","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Fleet Management: Why Portfolios Matter</h3><p></p><p>Dependency-Track becomes essential as soon as you have enough services that spreadsheets become useless. In the webinar, Sean describes the calm workflow: search for a CVE, see affected projects immediately, and hand developers a targeted list instead of asking them to inventory everything during a crisis.</p><p></p><p>High-value fleet questions that Dependency-Track can answer:</p><p></p><ul><li>Where are we running this vulnerable library and version?</li></ul><p></p><ul><li>Which projects are affected by this CVE right now?</li></ul><p></p><ul><li>Which teams own the affected services, so remediation can start immediately?</li></ul><p></p>","raw":[{"type":"heading3","text":"Fleet Management: Why Portfolios Matter","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Dependency-Track becomes essential as soon as you have enough services that spreadsheets become useless. In the webinar, Sean describes the calm workflow: search for a CVE, see affected projects immediately, and hand developers a targeted list instead of asking them to inventory everything during a crisis.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"High-value fleet questions that Dependency-Track can answer:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Where are we running this vulnerable library and version?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Which projects are affected by this CVE right now?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Which teams own the affected services, so remediation can start immediately?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Fleet Management: Why Portfolios Matter  Dependency-Track becomes essential as soon as you have enough services that spreadsheets become useless. In the webinar, Sean describes the calm workflow: search for a CVE, see affected projects immediately, and hand developers a targeted list instead of asking them to inventory everything during a crisis.  High-value fleet questions that Dependency-Track can answer:  Where are we running this vulnerable library and version?  Which projects are affected by this CVE right now?  Which teams own the affected services, so remediation can start immediately? "}}},{"id":"f6bf38be-681b-5522-a66b-7757079bdb62","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Why Managed Dependency-Track?</h2><p></p><h3>SCA Landscape: DIY vs. Commercial vs. Managed</h3><p></p><p>In practice, teams usually consider one of three options:</p><p></p><p><strong>DIY (open source): </strong> gives maximum transparency, but you operate the platform long-term.</p><p></p><p><strong>Commercial SaaS: </strong>reduces operations but can introduce “black box” tradeoffs and data-residency constraints.</p><p></p><p><strong>Managed Dependency-Track (amazee.io)</strong>: keeps open source transparency while removing the day-two operational burden, with strong control over where data lives.</p><h3></h3><p></p>","raw":[{"type":"heading2","text":"Why Managed Dependency-Track?","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"SCA Landscape: DIY vs. Commercial vs. Managed","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In practice, teams usually consider one of three options:","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"DIY (open source):  gives maximum transparency, but you operate the platform long-term.","spans":[{"start":0,"end":19,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Commercial SaaS: reduces operations but can introduce “black box” tradeoffs and data-residency constraints.","spans":[{"start":0,"end":17,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed Dependency-Track (amazee.io): keeps open source transparency while removing the day-two operational burden, with strong control over where data lives.","spans":[{"start":0,"end":36,"type":"strong"}],"direction":"ltr"},{"type":"heading3","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Managed Dependency-Track?  SCA Landscape: DIY vs. Commercial vs. Managed  In practice, teams usually consider one of three options:  DIY (open source):  gives maximum transparency, but you operate the platform long-term.  Commercial SaaS: reduces operations but can introduce “black box” tradeoffs and data-residency constraints.  Managed Dependency-Track (amazee.io): keeps open source transparency while removing the day-two operational burden, with strong control over where data lives.  "}}},{"id":"fe767f55-1e46-54f7-8157-e48c18ad51af","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2></h2><h3>Comparison: DIY vs. Commercial vs. Managed</h3><p></p>","raw":[{"type":"heading2","text":"","spans":[],"direction":"ltr"},{"type":"heading3","text":"Comparison: DIY vs. Commercial vs. Managed","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":" Comparison: DIY vs. Commercial vs. Managed "}}},{"id":"41e916cd-4b25-54b9-943e-7e75a80f8417","slice_type":"raw_html","slice_label":null,"primary":{"html_content":{"html":"<p>&lt;table class=&quot;tg&quot;&gt; &lt;thead&gt; &lt;tr&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Feature&lt;/span&gt;&lt;/th&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;DIY (Standard Open Source)&lt;/span&gt;&lt;/th&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Commercial SaaS (Snyk, Black Duck, etc.)&lt;/span&gt;&lt;/th&gt; &lt;th class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Managed Dependency-Track (amazee.io)&lt;/span&gt;&lt;/th&gt; &lt;/tr&gt; &lt;/thead&gt; &lt;tbody&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Direct Cost&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;$0 (Licensing)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;High (Per-seat/Per-repo)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Predictable (Tiered Pricing)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Infrastructure&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;You manage Java/PostgreSQL&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Proprietary &quot;Black Box&quot;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Open Source (on optimized PaaS)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Data Sovereignty&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Your Cloud&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Their Cloud&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Your Cloud (In isolation)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Transparency&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Full (Source available)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;None (Proprietary)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Full (Open source code/logic)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Threat Feeds&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Manual Configuration&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Proprietary &amp;amp; Bundled&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Pre-configured (Multi-source)&lt;/td&gt; &lt;/tr&gt; &lt;tr&gt; &lt;td class=&quot;tg-0pky&quot;&gt;&lt;span style=&quot;font-weight:bold&quot;&gt;Compliance&lt;/span&gt;&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;Your responsibility&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;SOC 2 / ISO (on their end)&lt;/td&gt; &lt;td class=&quot;tg-0pky&quot;&gt;SOC 2 / ISO / DORA Ready&lt;/td&gt; &lt;/tr&gt; &lt;/tbody&gt; &lt;/table&gt;</p>","raw":[{"type":"paragraph","text":"<table class=\"tg\"> <thead> <tr> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Feature</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">DIY (Standard Open Source)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Commercial SaaS (Snyk, Black Duck, etc.)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Managed Dependency-Track (amazee.io)</span></th> </tr> </thead> <tbody> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Direct Cost</span></td> <td class=\"tg-0pky\">$0 (Licensing)</td> <td class=\"tg-0pky\">High (Per-seat/Per-repo)</td> <td class=\"tg-0pky\">Predictable (Tiered Pricing)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Infrastructure</span></td> <td class=\"tg-0pky\">You manage Java/PostgreSQL</td> <td class=\"tg-0pky\">Proprietary \"Black Box\"</td> <td class=\"tg-0pky\">Open Source (on optimized PaaS)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Data Sovereignty</span></td> <td class=\"tg-0pky\">Your Cloud</td> <td class=\"tg-0pky\">Their Cloud</td> <td class=\"tg-0pky\">Your Cloud (In isolation)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Transparency</span></td> <td class=\"tg-0pky\">Full (Source available)</td> <td class=\"tg-0pky\">None (Proprietary)</td> <td class=\"tg-0pky\">Full (Open source code/logic)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Threat Feeds</span></td> <td class=\"tg-0pky\">Manual Configuration</td> <td class=\"tg-0pky\">Proprietary &amp; Bundled</td> <td class=\"tg-0pky\">Pre-configured (Multi-source)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Compliance</span></td> <td class=\"tg-0pky\">Your responsibility</td> <td class=\"tg-0pky\">SOC 2 / ISO (on their end)</td> <td class=\"tg-0pky\">SOC 2 / ISO / DORA Ready</td> </tr> </tbody> </table>","spans":[],"direction":"ltr"}],"text":"<table class=\"tg\"> <thead> <tr> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Feature</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">DIY (Standard Open Source)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Commercial SaaS (Snyk, Black Duck, etc.)</span></th> <th class=\"tg-0pky\"><span style=\"font-weight:bold\">Managed Dependency-Track (amazee.io)</span></th> </tr> </thead> <tbody> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Direct Cost</span></td> <td class=\"tg-0pky\">$0 (Licensing)</td> <td class=\"tg-0pky\">High (Per-seat/Per-repo)</td> <td class=\"tg-0pky\">Predictable (Tiered Pricing)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Infrastructure</span></td> <td class=\"tg-0pky\">You manage Java/PostgreSQL</td> <td class=\"tg-0pky\">Proprietary \"Black Box\"</td> <td class=\"tg-0pky\">Open Source (on optimized PaaS)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Data Sovereignty</span></td> <td class=\"tg-0pky\">Your Cloud</td> <td class=\"tg-0pky\">Their Cloud</td> <td class=\"tg-0pky\">Your Cloud (In isolation)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Transparency</span></td> <td class=\"tg-0pky\">Full (Source available)</td> <td class=\"tg-0pky\">None (Proprietary)</td> <td class=\"tg-0pky\">Full (Open source code/logic)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Threat Feeds</span></td> <td class=\"tg-0pky\">Manual Configuration</td> <td class=\"tg-0pky\">Proprietary &amp; Bundled</td> <td class=\"tg-0pky\">Pre-configured (Multi-source)</td> </tr> <tr> <td class=\"tg-0pky\"><span style=\"font-weight:bold\">Compliance</span></td> <td class=\"tg-0pky\">Your responsibility</td> <td class=\"tg-0pky\">SOC 2 / ISO (on their end)</td> <td class=\"tg-0pky\">SOC 2 / ISO / DORA Ready</td> </tr> </tbody> </table>"}}},{"id":"e243beda-1d1d-5b5f-a7c5-fbff4832a5e8","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>The Infrastructure Overhead</h3><p></p><p>Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. <strong>If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk.</strong></p><p></p>","raw":[{"type":"heading3","text":"The Infrastructure Overhead","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk.","spans":[{"start":205,"end":339,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"The Infrastructure Overhead  Here’s the key point: the hidden cost of DIY isn’t the first deployment. It’s the day-two work, such as upgrades, database tuning, feed health, monitoring, backups, and keeping the platform itself secure. If your goal is to reduce supply chain risk, the more time you spend operating the tool, the less time you spend reducing actual risk. "}}},{"id":"45677d47-5ca7-52f6-8fda-254a2015dbac","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Data Sovereignty and Compliance</h3><p></p><p>SBOMs and vulnerability posture can be sensitive. During Q&amp;A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint.</p><p>Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story.</p><p></p>","raw":[{"type":"heading3","text":"Data Sovereignty and Compliance","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"SBOMs and vulnerability posture can be sensitive. During Q&A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Data Sovereignty and Compliance  SBOMs and vulnerability posture can be sensitive. During Q&A, Lauren succinctly summarized the expectation: “Your data is your data.” For many teams, the requirement is that vulnerability and SBOM data stay within existing security boundaries in AWS, GCP, or another controlled environment, rather than living in a shared public cloud SaaS footprint. Data sovereignty is also intertwined with compliance. If you need to prove control over where data lives and how it is accessed, the hosting model becomes part of your security story. "}}},{"id":"2545da9e-6698-5aa5-a28f-527687cf3041","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>amazee.io’s Managed Solution</h3><p></p><p>Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer.</p><p>The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered.</p><p>Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits.</p><p></p>","raw":[{"type":"heading3","text":"amazee.io’s Managed Solution","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"amazee.io’s Managed Solution  Managed Dependency-Track focuses on removing the day-one configuration headache and the day-two operations burden. It also supports the deployment flexibility described by Sean, where instances can be provisioned in the location and cloud environment required by the customer. The “inception” joke from the webinar illustrates how deep the integration can go. Sean described deploying Dependency-Track with Lagoon and using Dependency-Track to create SBOMs for Dependency-Track itself. It is funny, but it also demonstrates a platform mindset where continuous security is baked into how systems are delivered. Managed hosting also ties into platform security. The goal is to meet SOC 2, ISO 27001, and DORA-oriented expectations through a managed approach that pre-configures feeds, reduces manual twiddling, and standardizes operations in a way that stands up to audits. "}}},{"id":"069b92f3-87f4-5ce3-80b9-37f4662e1cbb","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Why Teams Choose Managed Dependency-Track</h2><p></p><p>Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation.</p><p></p>","raw":[{"type":"heading2","text":"Why Teams Choose Managed Dependency-Track","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Why Teams Choose Managed Dependency-Track  Teams tend to fall into the DIY trap because the software is free, only to realize the operational burden is high. Dependency-Track needs care, and vulnerability intelligence needs to stay healthy. Managed Dependency-Track keeps the transparency and cost-efficiency of open source while removing the operational overhead, so the organization can focus on remediation. "}}},{"id":"24f006bf-a8c0-541a-bd98-c6fd150c3654","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h3>Key Advantages of the Managed Path</h3><p></p><ul><li>Infrastructure silence: you do not manage PostgreSQL performance or Java 25 migrations</li></ul><p></p><ul><li>Intelligence injected: multi-source feeds are pre-linked, reducing configuration burden</li></ul><p></p><ul><li>Compliance without effort: support SBOM requirements with an enterprise-grade, audited platform posture</li></ul><p></p>","raw":[{"type":"heading3","text":"Key Advantages of the Managed Path","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Infrastructure silence: you do not manage PostgreSQL performance or Java 25 migrations","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Intelligence injected: multi-source feeds are pre-linked, reducing configuration burden","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"list-item","text":"Compliance without effort: support SBOM requirements with an enterprise-grade, audited platform posture","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Key Advantages of the Managed Path  Infrastructure silence: you do not manage PostgreSQL performance or Java 25 migrations  Intelligence injected: multi-source feeds are pre-linked, reducing configuration burden  Compliance without effort: support SBOM requirements with an enterprise-grade, audited platform posture "}}},{"id":"b300487f-63f4-5e7c-84a6-8b11ebc5d499","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Navigating the Shared Responsibility Framework</h2><p></p><p>In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.</p><p></p>","raw":[{"type":"heading2","text":"Navigating the Shared Responsibility Framework","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Navigating the Shared Responsibility Framework  In a BYOC model, security and uptime are not owned by one party. They are shared across a stack, with each layer managed by the party best equipped to handle it. Getting clarity here early helps procurement because it turns the question of who is accountable into an actionable map of duties and escalation paths. "}}},{"id":"ddfbf9b1-2a6b-5c7c-814f-687b35d28b5b","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Conclusion: From Fire Drills to Continuous Security</h2><p></p><p>Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required.</p><p></p><p>Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started.</p>","raw":[{"type":"heading2","text":"Conclusion: From Fire Drills to Continuous Security","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required.","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started.","spans":[],"direction":"ltr"}],"text":"Conclusion: From Fire Drills to Continuous Security  Stop fighting fires when the next CVE drops. With Managed Dependency-Track from amazee.io, you get a dedicated instance (within your cloud boundaries) that continuously matches your SBOM inventory to vulnerability intelligence and alerts you only when action is required.  Reach out to your amazee.io Client Engagement Manager or contact the amazee.io sales team to get started."}}},{"id":"49395c96-86cd-50cf-8975-6d58d1d2c688","internal":{"type":"PrismicBlogPostBody1BasicContent"},"slice_label":null,"slice_type":"basic_content","primary":{"content":{"html":"<h2>Further Reading</h2><p></p><p>👓 [Article] <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/blog/post/ddos-attack-mitigation-for-enterprises\">DDoS Attack Mitigation for Enterprises</a></strong></p><p></p><p>👓 [Product Page] <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/product/dependency-track\">Managed Dependency-Track</a></strong></p><p></p><p>👓 [Article] <strong><a target=\"_blank\" rel=\"noopener\" href=\"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting\">Fault-Tolerant Enterprise Hosting</a></strong></p><p></p>","raw":[{"type":"heading2","text":"Further Reading","spans":[],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] DDoS Attack Mitigation for Enterprises","spans":[{"start":13,"end":51,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/ddos-attack-mitigation-for-enterprises","target":"_blank"}},{"start":13,"end":51,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Product Page] Managed Dependency-Track","spans":[{"start":18,"end":42,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/product/dependency-track","target":"_blank"}},{"start":18,"end":42,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"},{"type":"paragraph","text":"👓 [Article] Fault-Tolerant Enterprise Hosting","spans":[{"start":13,"end":46,"type":"hyperlink","data":{"link_type":"Web","url":"https://www.amazee.io/blog/post/fault-tolerant-enterprise-hosting","target":"_blank"}},{"start":13,"end":46,"type":"strong"}],"direction":"ltr"},{"type":"paragraph","text":"","spans":[],"direction":"ltr"}],"text":"Further Reading  👓 [Article] DDoS Attack Mitigation for Enterprises  👓 [Product Page] Managed Dependency-Track  👓 [Article] Fault-Tolerant Enterprise Hosting "}}}],"summary":"Learn how our Managed Dependency-Track delivers continuous software supply chain security, automated SBOM monitoring, and multi-source CVE intelligence.","canonical_url":null,"unlisted":false,"calendar_title":null,"calendar_embed":{"url":""},"calender_heading":null,"calender_subheading":null,"calender_body":{"html":"","raw":[],"text":""},"calender_image":{"url":null,"alt":null},"images":[{"path":"https://images.prismic.io/amazeeio/agyGcqYofJOwHYho_amazee-io-managed-dependency-track-supply-chain-security-guide.png?auto=format%2Ccompress"}]}}]}},
    "staticQueryHashes": ["1659250047","2244888832","3350517190"]}