Operations | Monitoring | ITSM | DevOps | Cloud

This post will be updated over the next several days. Recently, a Remote Code Execution vulnerability was discovered in the Apache Log4J library. This vulnerability, which is tracked in CVE-2021-44228, dubbed Log4Shell, allows attackers to execute arbitrary code on affected systems. While HAProxy Enterprise, HAProxy ALOHA, and other products within the HAProxy Technologies portfolio are not impacted by this (they do not use the Log4J library at all), you can use them to block the attack.

Modern applications come in a variety of forms–monoliths, microservices, serverless functions, and containers to name a few–but at the heart of all of these are processes. Processes are the fundamental unit of execution that we use to run programs, and although we need processes to run our applications, software engineers rarely think about them.

Last Thursday, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers.

We’re excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line shell and IDE that you use every day.

Let’s get to the point about data management: Businesses need data, but accumulating too much can be detrimental. Data overcrowding can corrupt IT professionals, turning them into greedy hoarders. Being indigestible with excessive repeated, outdated or banal information, the so-called ROT data, is bad. Companies of the world! The Devil tempts you with Big Data! Something that, if too much, could be harmful! We tell you all about it in this article.

We’re excited to announce that private incidents are now available on FireHydrant. For the first time, incidents can have visibility limited to only permissioned users are able to see. This is a great solution for security and compliance teams who need to collaborate with their engineering counterparts to resolve incidents. The nature of these incidents that these teams work on dramatically differs from operational incidents.

So you’ve heard of Kubernetes, and you’ve decided it’s time to dive into what everyone’s talking about. Or maybe you’ve worked with it a little, but you’d like to level up.

Learning how to fly. Again. Because certain technologies and processes can always be optimized. Take laptops, for instance (I always wanted to become a laptop designer!). From foldable screens to computers that incorporate e-readers, we are always pushing for new designs that address ergonomic requirements but also improve the way we work. We are doing the same with drones. This month features innovations that dare to challenge the status quo of how we fly.

Today, hundreds, if not thousands, of businesses globally outsource their software development projects for various reasons. In 2022, Gartner predicts that global IT outsourcing linked to remote work will reach $456 billion, a jump of 6.8% from 2020. The cost of developing a digital product with an outsourced team may appear to be much cheaper than with an in-house team.