Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

DarkSide Ransomware: Splunk Threat Update and Detections

The ransomware campaign against the Colonial Pipeline highlights the dangers and real-life consequences of cyberattacks. If you want to understand how to use Splunk to find activity related to the DarkSide Ransomware, we highly recommend you first read “The DarkSide of the Ransomware Pipeline” from Splunk’s Security Strategist team. In short, according to the FBI, the actors behind this campaign are part of the “DarkSide” group.

GDPR Compliance With Uptime.com | What You Need to Know

Uptime.com is GDPR compliant as of 2021. Becoming GDPR compliant required an organization-wide dedication to maintaining privacy and security to meet these new standards. These updates impact everything from working with support to our team logging in for work each day. Today, we’ll tackle what GDPR means to our organization, how these changes affect your usage of Uptime.com, and what we’re doing now (and into the future) to protect your personal data.

Introducing Kubewarden, an Open Source Policy Engine

Security has always been a wide and complex topic. A recent survey from StackRox about the state of containers and Kubernetes security provides some interesting data on these topics. In this blog post, I’ll dive into some of the findings in that survey and introduce you to Kubewarden, an open source policy engine. A staggering 66 percent of the survey participants do not feel confident enough in the security measures they have in place.

Avoid Market Pressures That Compromise Mobile App Security

The marketplace for mobile apps is a broad and highly competitive one. There are millions of apps available on Apple’s App store, Google Play, and within private enterprise app stores. Expanding market demands continue to drive the pressure to innovate. New iOS and Android updates and mobile device releases, along with myriad apps from companies vying for their customer’s attention, are creating shorter app release cycles.

Secure Monitoring - Open TCP Ports are a Security Risk

I’ve been updating some of our security documentation explaining what we do to ensure our product is suitable for the security models in regulated industries, such as finance and healthcare. Talking to our security guys, I was flabbergasted to find out that there are monitoring products out there that go against what is not only an industry best practice but also the right thing to do: agents that open and listen on fixed TCP ports!

Sponsored Post

Top Events You Should Always Audit & Monitor

Anybody who’s looked for answers on the Internet has likely stumbled across a “TOP X LISTS”: The “10 things famous people do every day”, “Top 10 stocks to by”, the “20 books you have to read” are just some examples of the myriad of lists that are out there offering answers. You may have even stumbled upon a few “Top 10 (or 12) Events To Monitor” articles too.

Kubernetes capacity planning: How to rightsize the requests of your cluster

Kubernetes capacity planning is one of the main challenges that infrastructure engineers have to face, as understanding Kubernetes limits and requests is not an easy thing. You might be reserving way more resources than you need to ensure your containers don’t run out of memory, or are CPU throttled. If you are in this situation, you’re going to be charged for those resources even if they aren’t being used, and it will also make deployments more difficult to schedule.