How much damage happens to a company when hackers phish an executive’s email? An FBI report claims that the total losses from these attacks has grown to $3.7 billion dollars. Can current phishing detection find instances of these attacks? A solution is to first separate the generic phishing attacks from those to executives, also known as whaling attack. Whaling attacks are different as they are more targeted to prominent employees. A wide range of detection currently exists, from security appliances all the way through relying on self-reported emails. Those that slip through are the ones that can cause the most damage.
Our team developed a service that reads from a Kafka topic, interacts with a Postgres database using basic CRUD operations, and calls APIs on an external service. As part of our increased focus on automated testing, getting to a higher level of testing code coverage required us to tie in the external components of our system architecture. Since we don’t control these components in production, we included these components in our CI/CD pipeline to give us a higher level of confidence that our integrated code is working as expected. We also wanted to run automated functional tests against our service, and that too required running these services in the pipeline. We use Drone as our CI/CD tooling and decided to learn how to use services in Drone to solve this problem. This short blog post runs through an example of how we started up a database service and a Kafka service in Drone and ran a test against these service, that might help others in a similar situation.