Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

Simplify bare metal operations for sovereign clouds

The way enterprises are thinking about their infrastructure has changed. Digital sovereignty of all kinds – data sovereignty, operational sovereignty, and software sovereignty – have begun to dominate the infrastructure discussion. Today, these abstract terms have become practical concerns for platform teams.

How to Harden Ubuntu SSH: From static keys to cloud identity

30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, default SSH configurations are an “open door” that represents an unacceptable risk.

How to Scale Sandbox Environments with an Internal Developer Portal | Harness Blog

Here's a scenario that probably sounds familiar: a developer needs a sandbox environment to test something. They file a ticket. Then they wait. And wait. Maybe a day goes by, maybe three. Meanwhile, your platform team is buried in provisioning requests, and somewhere, someone has already spun up an unsanctioned workaround that bypasses every governance policy you've put in place. It's a lose-lose. Developers lose velocity, platform teams lose their sanity, and security gaps quietly multiply.

It's Time to Rethink Untrusted Code in Your Pipeline | Harness Blog

The catastrophic TeamPCP exploit in March 2026 demonstrated that "open execution" models, in which third-party code runs with full privileges, have made CI/CD pipelines a primary target for global credential harvesting. There are better architectures. On March 19th, the risks of running open execution pipelines — where what code runs in your CI/CD environment is largely uncontrolled — went from theoretical to catastrophic.

3 Biggest Myths of Chaos Engineering

Are myths about chaos engineering preventing your team from building more resilient systems? In this video, Matt Schillerstrom, Director of Product Management at Harness and founding engineer of the chaos engineering program at Target.com, breaks down the three most common misconceptions about chaos engineering. Drawing from his experience building large-scale programs, Matt explains how to move past these myths to build confidence in your infrastructure.

Building an Alert Routing setup that never misses a critical incident

Critical incidents have a direct impact on your business revenue and the trust your customers place in you. The longer a critical incident goes unnoticed, the higher the stakes. A reliable alert routing setup automatically catches these incidents the moment they trigger and gets them to the right person without delay. This guide walks you through how to build that reliable routing setup.

How to handle midnight incidents without waking everyone up

When a midnight incident triggers, the goal is not to wake your entire team. It’s to reach the one person who can act on it. Everyone else should sleep through it undisturbed. The difference between a team that handles midnight incidents well and one that doesn’t usually comes down to a few decisions made ahead of time. Which incidents actually need a midnight response? Who should get the call? And what should happen to everything else? This guide walks through those decisions.