January 9, 2026 at 7:58 PM • Max Knyazev is typing… • Telegram mirror

I am true to my traditions. Every New Year holiday I read an interesting book (several, if I have time). This year was no exception, which means it's time to review "Safe DevOps. Efficient operation of systems" by Julien Vehent.
The book is actually not new and, I would say, popular in certain circles. However, I haven't said anything about it yet. Taking this opportunity, I'll tell you about it
📖
This is a rare case when a book does not try to be smarter than the reader. It's trying to save him from himself
I'll set expectations right away. This is not a set of instructions, not a motivational manifesto, and not a collection of checklists in the style of "add SAST, add DAST, etc." This is a book about the practical operation of systems in the real world. So yes, prod is always on fire, security is always a hindrance, people are always unhappy
😳
It reads calmly and rather easily. The author does not scare with horror stories and does not sell "the only correct approach." Instead, he methodically explains why DevOps can turn into an incident factory, and why security without an understanding of operations simply stays on paper and nothing more
What I liked most is that the book constantly brings the reader back to the thought: a system is not code. A system is code, people, processes, automation, monitoring, alerts, on-calls and a fellow engineer on duty (even if he's sleeping). And if you ignore at least one of these elements, no CI/CD will save you
🙂
The topic of observability is covered very well. If you don't understand what's happening in the system right now, you have no control. Logs for the sake of logs, metrics for the sake of dashboards... this is (as my math teacher at the Higher School of Economics liked to say) self-deception
I can separately highlight the author's attitude towards automation. He neither deifies nor demonizes it. Automation is seen as a tool that either reduces cognitive load and errors, or makes things worse if you've automated chaos. And this, by the way, is very painful to learn
💯
The book does not talk about security as a separate function. It is woven into operations at the level of minimizing privileges, change control, reproducibility of environments, and predictability of system behavior. Everything to the point
It is important to understand one more thing. This is not a book for people who only learned the word DevOps yesterday. And not a book for those looking for a silver bullet. It will be more suitable for those who have already argued with developers, encountered incidents, etc. (literally me)
🤔
I also liked the presentation style. An engineering conversation between an adult and another adult. Personally I like this
Subjective rating - 10/10
If you work with production, infrastructure, CI/CD and still think that for security it’s enough to cover everything with scanners, this book is worth reading. Something like this
👨‍💻
#book_review
#information_security