Operations | Monitoring | ITSM | DevOps | Cloud

This blog is the third in a four-part series about how Puppet can help government agencies meet compliance and security requirements. Read the second post here. Government agency IT departments know that migrating applications to the cloud can improve efficiency, increase visibility, and reduce costs. They also recognize the value in keeping some operation resources on-premises.

What would happen if your enterprise resource planning (ERP) system were attacked? For many companies, the consequences would be devastating. ERP systems not only contain the crown jewels of the business—customer data, stock levels, order entries, production plans, and contract data—they also manage such essential financial processes as order to cash (OTC), and operational processes such as production planning and steering and cash collection and payments.

In any given IT environment, a server is the foundation that provides services for endpoints to carry out various actions. They are essential for computer networks to have shared access or information. Unfortunately, servers are often targets for cyberattacks due to their ability to reach other parts of the IT environment and wreak havoc. With these attacks on the rise, developing a server hardening process will help organizations improve its security posture.

Recently we introduced new feature where you can trigger agent runs and report collection from the Mission Portal UI. This required our daemon cf-execd to behave a bit differently when periodic agent runs occur. Previously the daemon would create a new thread in which to run cf-agent, capture output, wait for completion and move on. We changed the behavior so that the daemon forks itself and then fork/execs cf-agent as before, with the forked cf-execd processing agent run output.

A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.

Project Calico has offered a production-ready data plane based on eBPF since September 2020, and it’s been available for technical evaluation for even longer (since February 2020). The pre-requisites and limitations are simple to review, it’s easy to enable, and it’s easy to validate your configuration. So, there’s never been a better time to start experiencing the benefits! You do know what those are, don’t you? Don’t worry if not!

Cybersecurity is on the mind of every business leader, and for good reason: The number of data breaches rose 24% between 2020 and 2021, according to global ThoughtLab research co-sponsored by ServiceNow. Organizations everywhere need advanced security programs to navigate today’s fluid threat landscape. Here are three ways to help do that: 1. Create a framework Customers are increasingly concerned about data security.

Node.js is one of the best and most widely used Javascript runtimes used for building APIs. But, this popularity status has led to many hackers distributing insecure modules that exploit the Node.js application or provide a weak point for exploitation. In this tutorial, you will learn how to audit Node.js modules and also detect vulnerabilities in modules using npm audit.