Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Seven steps to help protect your ERP system against cyberattacks

What would happen if your enterprise resource planning (ERP) system were attacked? For many companies, the consequences would be devastating. ERP systems not only contain the crown jewels of the business—customer data, stock levels, order entries, production plans, and contract data—they also manage such essential financial processes as order to cash (OTC), and operational processes such as production planning and steering and cash collection and payments.

9 Essential Steps of a Server Hardening Process

In any given IT environment, a server is the foundation that provides services for endpoints to carry out various actions. They are essential for computer networks to have shared access or information. Unfortunately, servers are often targets for cyberattacks due to their ability to reach other parts of the IT environment and wreak havoc. With these attacks on the rise, developing a server hardening process will help organizations improve its security posture.

What is SCP Protocol? A Complete Guide

When transferring data between systems, it's extremely important to preserve integrity and confidentiality. There are protocols and procedures to do so. One of them is the Secure Copy Protocol (SCP); which is a method designed to securely pass on digital information. The SCP protocol helps transferring files from a local to a remote host or between two remote hosts.

Change in behavior: multiple cf-execd processes

Recently we introduced new feature where you can trigger agent runs and report collection from the Mission Portal UI. This required our daemon cf-execd to behave a bit differently when periodic agent runs occur. Previously the daemon would create a new thread in which to run cf-agent, capture output, wait for completion and move on. We changed the behavior so that the daemon forks itself and then fork/execs cf-agent as before, with the forked cf-execd processing agent run output.

CFEngine Build System version 2

A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.

Key advantages of the Calico eBPF data plane

Project Calico has offered a production-ready data plane based on eBPF since September 2020, and it’s been available for technical evaluation for even longer (since February 2020). The pre-requisites and limitations are simple to review, it’s easy to enable, and it’s easy to validate your configuration. So, there’s never been a better time to start experiencing the benefits! You do know what those are, don’t you? Don’t worry if not!

3 ways to boost your company's cybersecurity

Cybersecurity is on the mind of every business leader, and for good reason: The number of data breaches rose 24% between 2020 and 2021, according to global ThoughtLab research co-sponsored by ServiceNow. Organizations everywhere need advanced security programs to navigate today’s fluid threat landscape. Here are three ways to help do that: 1. Create a framework Customers are increasingly concerned about data security.

How to audit Node.js modules

Node.js is one of the best and most widely used Javascript runtimes used for building APIs. But, this popularity status has led to many hackers distributing insecure modules that exploit the Node.js application or provide a weak point for exploitation. In this tutorial, you will learn how to audit Node.js modules and also detect vulnerabilities in modules using npm audit.

Anatomy of a Supply Chain Attack Detection and Response

In today's world of global supply chains, a breach never stops at a supplier level but cascades all the way up the chain. So being able to detect and stop a supply chain attack at an early stage before an attacker exfiltrates confidential company data or damages company operations and reputation is critical to your organization's survival. Luckily, hackers always leave a trace, so proper detection can help you stop breaches at an early stage before hackers achieve their goals.

What are CIS Controls, and Why Are They Important?

Way back in the early days of the Internet, having an antivirus was the end-all-be-all of cybersecurity. These were admittedly wilder times but in a way, only a few bad actors had the tools and knowledge to threaten and breach corporate IT infrastructures. Times have changed and thanks to the dissemination of information and widespread accessibility to more hacking technology, cyber-attacks have become a very real and tangible menace with potentially devastating consequences.