On December 9, 2021, a vulnerability was reported that could allow a system running Apache Log4j 2 version 2.14.1 or below to be compromised and allow an attacker to execute arbitrary code on the vulnerable server. This vulnerability was registered on the National Vulnerability Database as CVE-2021-44228, with a severity score of 10. Here is a diagram of the attack chain from the Swiss Government Computer Emergency Response Team (GovCERT).
In collaboration with the AWS team, we have recently released the new Redshift data source plugin for Grafana. Amazon Redshift is the fastest and most widely used cloud data warehouse. It uses SQL to analyze structured and semi-structured data across data warehouses, operational databases, and data lakes by using AWS-designed hardware and machine learning.
Many organizations are experiencing the need to modernize their IT systems to keep pace in an increasingly digital world. Adopting DevOps helps companies implement and initialize the modernization processes. At xMatters, our path to IT modernization has included implementing DevOps, but we have done it a little differently to ensure we are using agile processes.
Here we are with the final “What’s new in Sysdig” monthly newsletter of the year. First of all, Merry Christmas, メリークリスマス, Buon Natale, 성탄을 축하드려요, С рождеством!, Vrolijk kerstfeest, Feliz Navidad! Whatever you may be celebrating, we wish you a wonderful holiday season from all of us at Sysdig!
On Nov. 8, I started as the new Chief Information and Security Officer at Grafana Labs. In my first five weeks, I’ve met about 100 really amazing people; learned and absorbed early lessons about our workplace culture; kicked off working groups for our 2022 initiatives (bug bounty FTW); and contributed to tackling our first-ever 0day. Amid all of that, I’ve also been doing a lot of thinking.
Marshmallow is a Python library that converts complex data types to and from Python data types. It is a powerful tool for both validating and converting data. In this tutorial, I will be using Marshmallow to validate a simple bookmarks API where users can save their favorite URLs along with a short description of each site.
We're very pleased to announce that incident.io is now SOC 2 compliant, having successfully completed our Type I audit. Put simply, this means an external auditor has looked at how the company is operating, and how our software is managed and operated, and confirmed that we meet a set of high security standards.
At Avantra, our customers trust us to keep their business operations based on SAP running smoothly. I have written in the past about the importance of SAP security, and how I believe that in the next few years, SAP risks becoming an attack vector for hackers. It should come as no surprise that security is an area in which Avantra has invested significantly since I became CEO.
In the latest episode of Network AF, your host Avi Freedman chats with Zac Smith. Zac is a 20-year networking veteran, the managing director of Equinix Metal, and a double bass player. Throughout Zac’s career, he’s focused on using software to build automated infrastructure platforms. That includes growing Voxel, the Linux-based hosting platform that sold to Internap in 2011, into one of the early, leading cloud-hosting companies.
