Operations | Monitoring | ITSM | DevOps | Cloud

How network security policies can protect your environment from future vulnerabilities like Log4j

If you have access to the internet, it’s likely that you have already heard of the critical vulnerability in the Log4j library. A zero-day vulnerability in the Java library Log4j, with the assigned CVE code of CVE-2021-44228, has been disclosed by Chen Zhaojun, a security researcher in the Alibaba Cloud Security team. It’s got people worried—and with good reason.

Catching Log4j in the Wild: Find, Fix and Fortify

At many organizations, the surprise discovery that the widely used Apache Log4j open source software has harbored a longtime critical vulnerability was as if Scrooge and the Grinch had teamed up for the biggest holiday heist of all. Incident response teams across the globe have scrambled to remediate thousands, if not millions, of applications. “For cybercriminals this is Christmas come early,” explained Theresa Payton, former White House CIO and current CEO of Fortalice Solutions.

Incident Review - The Third AWS Outage in December: When it Rains, it Pours

The following is an analysis of the Amazon Web Services (AWS) incident on 12/22/2021. When it comes to major AWS outages, three times is certainly not the charm. For the third time in three weeks, the public cloud giant reported an outage, this time due to a power outage “within a single data center within a single Availability Zone (USE1-AZ4) in the U.S.-EAST-1 Region,” according to the AWS status page. Here at Catchpoint, we first observed issues at 07:11 a.m.

Ask Miss O11y, Holiday Edition

Ooh, good question! My favorite thing about this part of the year is that work slows down, everybody is on vacation, and those of us not traveling get to work on little projects that we’re too busy to touch most of the year. As Martin Thwaites put it: “The Product Owners are away, the devs will play.” For Martin, this year, “play” means adding tracing to more of their services.

Smarter Digital Payment Monitoring to Protect Business Operations

You place your mug on your desk and boot your computer. Like every morning, you skim over various dashboards on one screen and sift through your email alerts on the other before you start pulling the regular reports. But this morning turns out to be nothing like other mornings. It is about to take a mean twist that will keep you from ever finishing your morning coffee.

It's All About Developer Experience [DX]

Looking at where major DevOps trends are headed, a common theme across many tools and practices is improving the Developer Experience or DX. One paradigm of thinking is that if you improve your internal customer experience, then your external customers will benefit too. However, up until now, the Developer Experience has been quite siloed and segregated for a multitude of reasons, such as scaling or having best-of-breed technologies to support individual concerns.

How-To: Docker on Windows and Mac with Multipass

If you’re looking for an alternative to Docker Desktop or to integrate Docker into your Multipass workflow, this how-to is for you. Multipass can host a Docker engine inside an Ubuntu VM in a manner similar to Docker Desktop. That Docker instance can be controlled either directly from the VM, or remotely from the host machine with no additional software required. This allows you to run Docker locally on your Windows or Mac machine directly from your host terminal.

Tips & Tricks: Keeping Track of Event-Processing Delays

A couple of weeks ago our partner Rok Ponikvar from S&T contacted me about an issue one of his customers faced. His customer complained that Enterprise Alert is not alerting on current issues and even if he creates a test ticket in his OBM system no alert goes out. After a little back and forth we concluded that Enterprise Alert is still processing historic data from an Event Storm in OBM earlier that day.

Common Security-Related Questions and Answers

In light of the recent news about yet another reported Zero-Day Exploit and the accompanying discussions about security, let’s touch on the topic of security audits and how Enterprise Alert can be configured to avoid or at least minimize potential security impact. First, let’s establish what we mean by security audit.

Measuring the success of a deployment with GitHub actions

Last week, we took a look at how shareable activities - specifically the link made available to a particular activity’s logs in the management console - could be surfaced as a part of a GitHub integration using GitHub actions. It was a nice bit of fun playing around with GitHub actions for the first time, and it let me make something new and useful for my team’s work. But I caught a little bit of the curiosity bug.