%term

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

Security vulnerabilities on the Data Distribution Service (DDS)

Dec 15, 2021 By Florencia Cabral Berenfus In Canonical

If you are currently running the Robot Operating System 2 (ROS 2), this piece is especially relevant to the security of your robots. A few weeks ago, a group of security researchers reported 13 security vulnerabilities affecting some of the most used implementations of DDS, the default middleware used by ROS 2.

Read Post

Canonical

Read more about Security vulnerabilities on the Data Distribution Service (DDS)

The EPC-U3233 by Advantech gets Ubuntu certified to accelerate AIoT Applications

Dec 15, 2021 By Canonical In Canonical

Canonical and Advantech have collaborated to help enterprises accelerate Edge AIoT Applications with Ubuntu 20.04 LTS certified on the EPC-U3233, powered by an 8th Gen Intel® Core™ i series processor. This compact fanless embedded PC facilitates data-intensive computing in IoT edge applications.

Read Post

Canonical

Read more about The EPC-U3233 by Advantech gets Ubuntu certified to accelerate AIoT Applications

Introduction to JFrog Xray

Dec 15, 2021 By JFrog In JFrog

JFrog Xray is a universal software composition analysis (SCA) solution that natively integrates with Artifactory as part of the JFrog Platform. Xray gives developers and DevSecOps teams an easy way to proactively identify open source vulnerabilities and license compliance violations before they manifest in production.

View Video

JFrog

Read more about Introduction to JFrog Xray

Log4j Log4Shell Vulnerability: All You Need To Know

Dec 15, 2021 By JFrog In JFrog

On December 9, 2021, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java. Since then, the trivially exploitable (weaponized PoCs are available publicly) and extremely popular library has reportedly been massively exploited and has gotten wide coverage on media and social networks.

View Video

JFrog

Read more about Log4j Log4Shell Vulnerability: All You Need To Know

Build your software distribution fast lane with Distribution Edges

Dec 15, 2021 By JFrog In JFrog

DO YOU NEED TO CONTINUOUSLY PUBLISH AND DISTRIBUTE YOUR SOFTWARE TO SHARE WITH: Then you know what a hassle it can be -- with network bottlenecks, security overhead, and operational challenges managing distribution infrastructure at scale slowing down your releases.

View Video

JFrog

CI CD
DevOps

Read more about Build your software distribution fast lane with Distribution Edges

The Log4j Log4Shell vulnerability: Overview, detection, and remediation

Dec 14, 2021 By Zack Allen In Datadog

On December 9, 2021, a critical vulnerability in the popular Log4j Java logging library was disclosed and nicknamed Log4Shell. The vulnerability is tracked as CVE-2021-44228 and is a remote code execution vulnerability that can give an attacker full control of any impacted system. In this blog post, we will: We will also look at how to leverage Datadog to protect your infrastructure and applications.

Read Post

Datadog

Read more about The Log4j Log4Shell vulnerability: Overview, detection, and remediation

Podcast: Break Things on Purpose | Mandi Walls, DevOps Advocate at PagerDuty

Dec 14, 2021 By Julie Gunderson In Gremlin

Take a trip down memory lane with Mandi Walls, to chat about the many changes over the years in chaos engineering and other ares of tech. We’ve also got the new addition to Gremlin’s Developer Advocacy, Julie Gunderson who has joined Jason to chat with their mutual friend. Mandi talks about her previous work alongside Julie, but also the variegated nature of her background in operations and systems administration.

Read Post

Gremlin

Read more about Podcast: Break Things on Purpose | Mandi Walls, DevOps Advocate at PagerDuty

Git Integration for Jira v4.0 - New Git Indexing

Dec 14, 2021 By Jonathan Silva In GitKraken

Zip into Git Integration for Jira version 4.0! Our team has been whipping up some speedy new features and improvements to enhance your Git Integration for Jira Data Center and Jira Server experience. Do more in Git without leaving Jira, reducing context switching for a better workflow. Start using Git Integration for Jira free today! Start Free Trial.

Read Post

GitKraken

Read more about Git Integration for Jira v4.0 - New Git Indexing

FinOps Tools: Supercharge Your Investment with Optimization

Dec 14, 2021 By Densify In Densify

Cost analysis and allocation tools like CloudHealth, CloudCheckr, and Cloudability play an important role in many organizations’ FinOps journeys by assisting with keeping Finance informed, enabling forecasting, and driving accountability. These tools may also help provide visibility and direction around long-term purchases like Savings Plans and RIs. But, slicing and dicing your cloud costs is only the tip of the FinOps iceberg: 85%+ of your cloud savings potential lies beyond refining how you buy cloud services. You also need to optimize what you’re actually purchasing.

View Video

Densify

Read more about FinOps Tools: Supercharge Your Investment with Optimization

Log4shell fix with the Bitbucket Cloud and Snyk integration

Dec 14, 2021 By Ash Moosa In Atlassian

By now, you’re probably assessing your level of exposure — or are in the middle of remediating — the recently disclosed vulnerability known as Log4Shell. We recently introduced a native integration with Snyk, a leading provider of developer security solutions, to help you address zero-day vulnerabilities. Once enabled, Snyk scans your code and its dependencies, and alerts you about security vulnerabilities, including Log4j. All current versions of Log4j 2 up to 2.14.1 are vulnerable.

Read Post