Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

InfluxData secures SOC 2 Type II certification for InfluxDB Cloud

SAN FRANCISCO — January 28, 2021 — InfluxData, creator of the time series database InfluxDB, today announced it has achieved Service Organization Control (SOC) 2 Type II compliance for InfluxDB Cloud, the fully managed and serverless time series platform. The certification demonstrates InfluxData’s ability to implement critical security policies and prove compliance over an extended period.

InfluxData is SOC 2 Certified

At InfluxData, we focus on our customers’ productivity — time to awesome, as we call it. Usually this is about product capabilities — InfluxDB’s features, speed, scalability, etc. But for some, your project will grow in size to the point where you need to purchase InfluxDB. And in some cases, you’ll need your compliance and/or security teams to sign off on the purchase.

Datadog achieves FedRAMP Moderate Impact authorization

As government agencies accelerate migrating their operations to the cloud, they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) provides the standard that these agencies—and their private-sector partners—must meet to work and manage federal data safely in the cloud.

How to export and import Timelines and templates from Elastic Security

When performing critical security investigations and threat hunts using Elastic Security, the Timeline feature is always by your side as a workspace for investigations and threat hunting. Drilling down into an event is as simple as dragging and dropping to create the query you need to investigate an alert or event.

Code42 launches a new app in the Sumo Logic Open Source Partner Ecosystem

Digital business transformation requires a fast-moving, collaborative culture. As companies on this fast track focus on innovation and speed to market, they inherently introduce more risk from the inside. Furthermore, in 2020, remote work became the norm, requiring increased adoption of cloud collaboration technologies. This shift caused a sudden acceleration of insider risk like we’ve never seen before.

Fail2ban Monitoring with InfluxDB and Telegraf

If you have a server open to the internet on Port 22 (the default port for SSH servers), it’s common to find several “Failed password” in your auth.log (log file) every minute, due to bots constantly browsing the internet for servers that are easy to hack with common passwords. But if your auth.log is growing very fast and SSH daemon randomly refuses to create new connections, then someone probably marked your server as a target for coordinated SSH brute-force attack.

Learn how to comply now before your next audit

Are you struggling to keep up with manual compliance across your infrastructure? In this 25-minute episode of the Pulling the Strings podcast, powered by Puppet, learn how Puppet Comply makes automating your configuration compliance easy -- with full view dashboards and the ability to assess, remediate and enforce all through the Puppet Enterprise solution. Listen in and discover:

How to set AWS S3 Bucket Read Permissions with Relay

Cloud environments are susceptible to security issues. A big contributor is misconfigured resources. Misconfigured S3 buckets are one example of a security risk that could expose your organization’s sensitive data to bad actors. Policies and regular enforcement of best practices are key to reducing this security risk. However, manually checking and enforcing security is time-consuming and can fall behind with all the demands a busy DevOps team faces every day.

Why ManageEngine PAM360 is the ultimate privileged access management solution

At ManageEngine, we‘re building one of the most comprehensive and tightly integrated IT management software suites on the market. We have over 90 products and free tools to manage all your IT needs, including Active Directory management, help desk management, desktop and mobile device management, network and server management, application management, IT security, and analytics.