Our user community spoke and we listened. You asked for Xray to be even more universal and support more package types… in particular Go and PHP Composer. With Visual Studio Code (VSCode) now having more than 4.5 million monthly active users, we also added a new VSCode plugin for Xray. This broad adoption of multiple programming languages and package types across organizations, is driving up the need for a more universal DevSecOps solution supporting more package types.

Over my last two posts (part 1 and part 2), I have investigated user authentication in Kubernetes and how to create a single sign-on experience within the Kubernetes ecosystem. So far I have explained how Open ID Connect (OIDC) works, how to get started with OIDC and how to perform a login from the command line. The final piece of this puzzle is the Kubernetes dashboard, often used by our engineers alongside kubectl.

Researchers at Netflix and Google recently reported a vulnerability in the HTTP/2 protocol that enables adversaries to execute a DOS attack by legitimate use of the protocol. These types of attacks are very difficult to detect and mitigate because the traffic is valid HTTP/2 traffic. While HTTP/2 is a relatively new protocol it should be noted that even after several years of hardening we still see vulnerabilities for the TCP protocol like the recently reported SACK vulnerability.

Virtually every organization is a victim of cybercrime today. As the threat landscape evolves and proliferates, it’s necessary to prioritize the protection of data, customers’ privacy and brand reputation. Security directors must be prepared and equipped with the necessary tools to detect security events and address them accordingly at all times.

When working on the new Federated Reporting feature for CFEngine we had to solve the problem of collecting data from multiple CFEngine hubs (feeders) on a single hub (superhub). CFEngine hubs are using PostgreSQL to store data, so, more specifically, the problem was how to collect data from multiple PostgreSQL databases in one PostgreSQL database.

OpsRamp offers different options to manage user identity, including built-in user management, SAML, and OAuth2 based authentication, and third-party authentication services. The OpsRamp Okta integration enables secure user authentication and seamless access without having to remember multiple passwords or re-enter login details.

Mac usage, as you’ve probably seen in your workplace, has risen exponentially in enterprises. According to a Jamf survey, 74 percent of those who previously used a PC for work experience fewer issues now that they use a Mac. Just like you’ve been watching the rapid rise of Macs in enterprises, so have attackers—the ones wreaking havoc in enterprises through malware attacks.

This is a very exciting time for the CFEngine product team, the community, and the user base. As we are getting closer to the release of CFEngine 3.15 LTS, we can look back at some great improvements in the last few years.

Many say that in the world of tech, the only constant is change. For businesses, this dynamic reality presents opportunities as companies continuously scan the horizon for new IT products and services they can deploy to help them stay competitive. At the same time, businesses must navigate computing challenges, such as staying up to date and safe in an expanding universe of cyberthreats.

Data breaches don’t wait for a convenient time to strike. They sometimes take months to uncover. They are complicated beasts, but once you’ve uncovered them some complex rules kick in that determine when you need to report the breach. Reporting a breach can be a daunting prospect. You’ll need to make a public statement in most cases, you may need to report the breach, and there may be legal requirements.