Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

CIS-Harden your Ubuntu in Google Cloud

CIS Benchmarks are best practices for the secure configuration of a target system. The Center for Internet Security, Inc. (CIS®) is the authority backing CIS Benchmarks. Ubuntu Pro is entitled to be CIS compliant and packaged with CIS toolings from Canonical. Let’s SSH into your Ubuntu Pro virtual machine. If you haven’t yet upgrade your Ubuntu LTS to Ubuntu Pro, please follow this tutorial.

History of Open Source Identity Management (part 1)

Few computing concepts are as ubiquitous as identity and access management. There isn’t a single day that goes by without us being asked for credentials, passwords or pin codes. Yet very few know the origins and the evolution of the technologies behind them. This is the first of two blog posts where we will look at the history of open-source identity management. We will cover the main open-source protocols and standards that shaped it, from its origins to the modern days.

How to Optimize Your Cyber Security and Performance Monitoring Tools Using Load Balancing

The capacity to scale and process high data traffic by monitoring appliances is a critical requirement for organizations aiming to enhance or improve their security and protection from external threats. Excessive incoming traffic demands high-monitoring capabilities as it overwhelms the monitoring tools and places computational bounds that increase exponentially.

Deploy Friday: E79 The Long and Winding Road towards security compliance

Platform.sh has worked hard to be the most secure, compliant, and dependable business partner possible for our customers. To that end, we're able to provide data processing agreements (DPAs) for European GDPR, German BDSG, Canadian PIPEDA, and the Australian Privacy Act. We have been successfully audited for SOC 3 Type 2 and PCI DSS Level 1 compliance, and we've got more important acronyms in the works.

Monitoring network security with Aruba Clearpass, Grafana and Graphite

In this article, we will explore why it is imperative to constantly monitor network security metrics, what Aruba Clearpass is, and how it helps us manage network security. Then we will look at what Graphite and Grafana are and how to analyze metrics with their help. Finally, we will learn how MetricFire can make it easier for us to work with Graphite and Grafana.

Innovations in cloud network security

Learn about innovations in cloud network security over a global network. This includes Google Cloud innovations released this year from DDoS and Web Application Firewall (WAF), Google Cloud Armor, Google Cloud firewalls, and Google Cloud IDS - the newest network based intrusion detection solution.

Three countries, outside the European Community, that are reforming their privacy policies

Are you not a little curious? Even a little bit, right under your chin or your temple about how they deal with privacy policies in other countries? Aren’t you? Well, surprise! Today, in Pandora FMS blog, we are going to get it out of our system by discussing how they do it, how they deal with the protection of international data and privacy, in at least three countries outside the European Community.

Build a modern data compliance strategy with Datadog's Sensitive Data Scanner

Within distributed applications, data moves across many loosely connected endpoints, microservices, and teams, making it difficult to know when services are storing—or inadvertently leaking—sensitive data. This is especially true for governance, risk management, and compliance (GRC) or other security teams working for enterprises in highly regulated industries, such as healthcare, banking, insurance, and financial services.

Fast and simple troubleshooting with GUI-based Dynamic Packet Capture

With the Calico 3.10 release, Dynamic Packet Capture is available in Dynamic Service Graph. This means users who require self-service, live troubleshooting for microservices and Kubernetes workloads can capture and evaluate traffic packets on endpoints without writing a single line of code or using any 3rd-party troubleshooting tools. Users don’t need to learn about or have knowledge of kubectl or YAML to troubleshoot their microservices and Kubernetes cluster.

Label standard and best practices for Kubernetes security

In this blog post, I will be talking about label standard and best practices for Kubernetes security. This is a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that is capable of achieving your enterprise security and compliance requirements, then define your label standard in alignment with your design.