Operations | Monitoring | ITSM | DevOps | Cloud

JFrog has recently disclosed a directory traversal issue in CivetWeb, a very popular embeddable web server/library that can either be used as a standalone web server or included as a library to add web server functionality to an existing application. The issue has been assigned to CVE-2020-27304.

This week is Cybersecurity Career Awareness Week, which is part of October’s Cybersecurity Awareness Month. We sat down with Daniel Spicer, chief security officer at Ivanti, to learn more about what it’s like to work in the cybersecurity world.

A Service Level Agreement (SLA) is a document that details the expected level of service guaranteed by a vendor or product. This document generally sets out metrics such as uptime expectations and any payoffs if these levels are not met. For example, if a provider advertises an uptime of 99.9% and exceeds 43 minutes and 50 seconds of service downtime, technically the SLA has been breached and the customer may be entitled to some type of remuneration depending on the agreement.

You might already know that OpenTelemetry is the future of instrumentation. It’s an open-source and vendor-neutral instrumentation framework that frees you from the trap of using proprietary libraries simply to understand how your code is behaving. Best of all, you can instrument your applications just once and then take that instrumentation to any other backend system of your choice. This blog shows you exactly how to use OpenTelemetry to ✨break the vendor lock-in cycle.✨

COVID-19 has impacted every industry, but perhaps none more than healthcare and life sciences. From how and where healthcare is provided to the speed of developing and administering vaccines, there has been massive disruption to the way healthcare and life sciences organizations operate. But the crisis also provided unprecedented opportunities to reexamine and transform.

This article was born of necessity. Chatting with my editors at Auvik, I went looking to see what kinds of advice other sites had on SysAdmin tools you should have handy to do your job. Two things immediately struck me: Now don’t get me wrong, software is important to have. But what if you can’t access that device to use the software? What if there’s a (gasp!) physical issue that needs to be addressed, and you have to get some hands-on time with some racks?

I have always found data collection to be a fascinating area of work at Sumo Logic. Collecting data is a critical first step for all the solutions we develop for our customers. After all, to observe the health and performance of your applications, you must first collect all relevant data. It's also an area that has seen some significant activities by the open-source community over the years, which is completely changing the landscape of observability as we know it.

In a perfect world, small pieces of software scale up and down with a high-performance message broker like a heart, pumping data in a controlled, efficient manner. However, at some point, in every single system, an application starts pumping out large data requests, in a sporadic, uncontrollable manner. Because here, we are talking about the real world, right? In this article, we will address the problem of adapting a legacy system to play with a stream-based platform.

Ubuntu 21.10 is the latest release of Ubuntu and comes as the last interim release before the forthcoming 22.04 LTS release due in April 2022. As the interim releases are often proving grounds for upcoming features in the LTS releases, this provides a good opportunity to take stock of some of the latest security features delivered in this release, on the road to 22.04 LTS.

It’s a common belief that once we purchase a domain, it’ll be ours for as long as we like. Big mistake. Mainly because there are genuine threats to your domain online that mostly go unthought of. For example, hackers can gain access to your system and take your domain for ransom or cause malicious damage to you and your business. Surprised? Well, we have 5 examples of exactly when this has happened, and how hackers have managed to gain access to domains and cause mass disruption.