Operations | Monitoring | ITSM | DevOps | Cloud

canonical

How to Harden Ubuntu SSH: From static keys to cloud identity

Mar 30, 2026 By Massimiliano Gori In Canonical
30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, default SSH configurations are an “open door” that represents an unacceptable risk.
Read Post
canonical

The "scanner report has to be green" trap

Mar 27, 2026 By Lech Sandecki In Canonical
In the modern DevSecOps world, CISOs are constantly looking for signals in the noise, and the outputs of security scanners often carry a lot of weight. A security scan that returns a “zero CVE” report often unlocks promotion to production; a single red flag can block a release. This binary view of security has birthed two diametrically opposed philosophies. On one side, we have the long-term support (LTS) approach: stay on a battle-tested version and backport specific security fixes.
Read Post

In a world built by code, design lives between the lines

Mar 26, 2026 By Canonical Ubuntu In Canonical
Design is the art of solving problems; open source makes that visible. In this video, Open Source Designer Eriol Fox dives into the pragmatic world of design and usability within the FOSS ecosystem. We discuss how product designers and user researchers are driving long-term software sustainability through accessibility and smarter design.
View Video
canonical

Hot code burns: the supply chain case for letting your containers cool before you ship

Mar 23, 2026 By ijlal-loutfi In Canonical
In September 2025, dozens of popular JavaScript packages, like chalk and debug, were compromised on the npm registry. These packages are so ubiquitous they end up in everything: front-end apps, back-end microservices, and CI tooling. Developers didn’t do anything wrong, they just ran the same command they always do: npm install chalk. But then the malware arrived silently. This wasn’t a bug in an operating system. It wasn’t a virus on someone’s laptop.
Read Post
canonical

Introducing MicroCloud Cluster Manager

Mar 20, 2026 By Miona Aleksic In Canonical
Today, we’re excited to introduce the beta release of MicroCloud Cluster Manager, a new way to discover, organize, and operate your MicroCloud environments from a single, unified interface. MicroCloud is an open source cloud platform that makes it simple to create lightweight, resilient clusters anywhere. As teams scale from one cluster to many, visibility and coordination quickly become essential. Cluster Manager is built to solve exactly that.
Read Post
canonical

Building a dry-run mode for the OpenTelemetry Collector

Mar 17, 2026 By Simon Aronsson In Canonical
Teams continuously deploy programmable telemetry pipelines to production, without having access to a dry-run mode. At the same time, most organizations lack staging environments that resemble production – especially with regards to observability and other platform-level services.
Read Post

The fallacy of complacent distroless containers

Mar 11, 2026 By Canonical Ubuntu In Canonical
Join us on our deep dive into Chisel: the tool that brings enterprise-grade traceability to ultra-minimal container images. In this video, we explain why Chisel was created, and how it helps address security challenges in modern container images. We cover why container images often include unnecessary software and dependencies, why building minimal distroless containers can be difficult, and how missing metadata can lead to false confidence in vulnerability scans.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.