When Paddy Power Betfair’s (PPB) bug bounty journey began in early 2018, it felt like a natural next step to strengthen the company’s security posture. PPB has a Continuous Integration/Continuous Delivery (CI/CD) development culture with an agile mindset, and that means short development cycles and quick release of new features on our web platforms. A common concern with CI/CD in large scale and complex web products is the possibility of introducing bugs in production before the new feature has had time to mature and be thoroughly assessed.
To us, the best way to address this challenge is to embed security in each stage of the Software Development Life Cycle (SDLC), from the early planning stages, through implementation and release, and eventually to production monitoring of established products. To ensure we were able to scale with our growth, we worked hard to automate these security controls in as many stages as possible.
Continue reading “PPB’s Bug Bounty Journey – Looking back four years on”
In this article, we’ll cover the introduction of distributed tracing in Betfair. First, we outline our problems with monitoring and logs, and explain why we think tracing is important. Then we detail the steps we took to enable tracing the bet placement in our platform. If you are looking for an open source implementation of a distributed tracing system, we propose you to check out https://www.jaegertracing.io/ . Jaeger is also our choice here in Betfair. Yuri Shkuro has written a great book on the subject.
Continue reading “Adopting Distributed Tracing – Part 1”
Alex Cioflica, Cristian Bote and Tiberiu Krisboi
Just a few
days before the World Cup started, we sequentially released a major rework of
all our Gaming sites covering both redesigning all the products and a complete
under the hood revamp. Rebuilding our technology stack was a massive effort
across multiple teams and departments, ranging from Product, Design and
Marketing to Tech, Content, SEO and the list goes on.
lengthy article we’ll talk about our journey through choosing the right
technology, learning from different mistakes and ultimately achieving what we
set out to do.
Continue reading “Rebuilding the Gaming lobbies – part 1”