Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

One SSL certificate on multiple servers

Every certificate renewal automation tool has to answer one architecture question before it does anything else: where does the private key get generated? A reader who used to be “the certificate guy” at his organization emailed me this week to ask about exactly that: It’s the right instinct. It’s also how most automation tools work. Certbot generates the key on the server, builds a certificate signing request, and the private key never leaves the machine.

Beyond safety and security: Why automotive open source demands dependability

In the traditional automotive world, teams often work in silos: the cybersecurity experts lock down the ports, the quality assurance teams hunt for bugs, and the functional safety engineers track the ISO 26262 compliance. At Canonical, we believe this fragmented workflow causes friction rather than collaboration. You cannot have a safe vehicle that isn’t secure, and you cannot have a secure vehicle running on poor quality code. This friction results in a slow and rigid development process.

Building an open source chain of trust: new research uncovers key blockers and ways forward

Canonical is pleased to share its latest research report, “The open source chain of trust.” Based on a survey of 500 DevOps professionals, the report highlights how organizations approach their open source software supply chains. While many companies are moving toward verifiable provenance and automated security workflows, internal misalignment and disjointed approaches remain serious challenges for most teams. Read the report.

Modern IT Infrastructure for Business Continuity, Security and Operational Efficiency

Modern organizations rely on IT infrastructure for almost every part of daily operations. Communication, customer service, accounting, data storage, remote work, application hosting and internal collaboration all depend on stable digital systems. When infrastructure is reliable, employees can work efficiently and customers experience fewer disruptions. When it is outdated or poorly managed, even small technical issues can quickly affect the entire business.

Modern Communication Tools for Personal Privacy and Family Connection

A student studying abroad wants to call home without paying international rates. A traveler needs a US number to receive verification codes for banking apps. A family scattered across three cities wants to video chat together on a Sunday evening. A freelancer needs a separate number for clients without giving out their personal line. These are everyday problems. And they affect millions of people, not just large companies. Two types of communication tools solve them: virtual phone numbers and video calling apps. Both are now SaaS products designed for individual users.

Why Strategic IT Planning Is Essential for Business Success

Technology now plays a central role in nearly every aspect of business operations. From communication and customer service to data management and workflow automation, organizations rely on digital systems to maintain efficiency and support growth. However, simply adopting new technologies is not enough. Businesses need a clear strategy that aligns technology investments with their long-term objectives.

Physical Security and Environmental Control in Facilities Operations

A warehouse stores goods worth millions. A server room holds critical data. A clean room needs strict air control. Keeping these facilities secure and sealed is a core operational task. Facility operations cover two related areas: physical access control and environmental integrity. One controls who gets in. One controls what gets in. Both are essential for secure, efficient operations.

The Server-Room Weak Spots Hackers Count on You Ignoring

When people think about cybersecurity, they usually picture sophisticated malware, phishing emails, or hackers exploiting software vulnerabilities. In reality, many successful attacks begin with something much simpler: overlooked weaknesses inside the organization's own infrastructure. Server rooms, network closets, and IT equipment often receive less attention than cloud security, yet they remain some of the most valuable targets for attackers.

Icinga Web 2.14, Security Releases, and Module Updates

We are shipping a new batch of Icinga Web ecosystem releases today. Icinga Web 2.14 is the headline, bringing the baseline for two-factor authentication support, configurable password policies, a configurable Content Security Policy, and a round of developer tooling improvements that have been in the works for a while. Icinga Certificate Monitoring 1.4, Icinga Reporting 1.1, and Icinga PDF Export 0.13 join it with PHP 8.5 support across the board and a set of focused improvements for each module.

Six AI agent SDKs for enterprise Kubernetes, compared

There’s a question we hear constantly from platform and engineering leaders right now, “which agent SDK should we standardize on for our Kubernetes clusters?” The honest answer is that the question is slightly wrong, and the rest of this post explains why. But it’s a fair question, so let’s compare the contenders first.