I’ve been writing about continuous cloud optimization for a while now, and recently, I’ve spoken with several organizations to understand any challenges they’re currently facing in their automation journey. Their insights would help us understand how we can improve our technology to better support them. I discovered two fundamental themes behind their challenges.
One of the hidden gems within eG Enterprise is the ability to perform remote actions and automated tasks using built-in functionality. In conversations with customers and community peers, I often get asked why we at eG Innovations don’t offer functionality in regard to adding custom scripts and a community database of shared scripts.
Just like countless other business functions, cloud delivery has now shifted entirely to remote working for now and perhaps longer term. Canonical has been a remote-first company for some time, so we thought we’d take this opportunity to share some of the best practices we’ve learned along the way. Communication Effective communication between customers, engineers, and project managers is the most critical element of successful cloud delivery.
Cybersecurity has been a core issue in business management and growth. As businesses try to manage more remote teams, it’s important now more than ever. With technology becoming an integral part of our everyday lives, we’re exposed to an ever-growing risk of cyber-attacks and malicious technological crimes. According to a recent study, on average, hack attacks occur every 39 seconds. That is, one in three Americans is a victim of cybercrime every year.
It's been a while since I've had the opportunity to take a break, come up for air, and write a blog for some of the amazing work the Splunk Threat Research team has done. We have kept busy by shipping new detections under security-content (via Splunk ES Content Update and our API). Also, we have improved the Attack Range project to allow us to test detections described as test unit files.
Throughout the duration of COVID-19, there have been consistent rumors of increased nation-state espionage. In parallel, many recent ransomware strains have a COVID-19 tie-in. Now the United Kingdom's National Cyber Security Centre (NCSC), published an advisory report that the threat group APT29 is targeting governmental, diplomatic, think-tank, healthcare and energy targets for intelligence gain which are involved in COVID-19 vaccines development and testing.
Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two protocols that are used to identify a host address on a network when the DNS name resolution, which is the conventional method, fails to do so. When a DNS server is unable to resolve a request from a requester machine, the latter broadcasts a message to its peer computers asking for the location of the required server. Hackers leverage this operation to steal the credentials of the requester machine.
Kubernetes has a lot of features and deployment options for running containers. One of these is the StatefulSet. In this blog post, we’ll discuss what a StatefulSet is, what it can be used for, and how to create and update them.
A new vulnerability, CVE-2020-8557, has been detected in kubelet. It can be exploited by writing into /etc/hosts to cause a denial of service. The source of the issue is that the /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager, so it’s not taken into account when calculating ephemeral storage usage by a pod.
Cortex and Thanos are two brilliant solutions to scale out Prometheus, and many companies are now running them in production at scale. These two projects, both in the CNCF Sandbox, initially started with different technical approaches and philosophies: Cortex has been designed for scalability and high performances since day zero, while Thanos was originally focused on operational simplicity and cost-effectiveness.
