Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Getting Started with Free Elasticsearch Security Features

Elasticsearch Security: learn how to easily add new users, create roles, and set privileges using the Elastic Stack (6.8/7.1+). You'll create a 2 node Elasticsearch cluster, configure TLS communication between the nodes, and have a Kibana instance talking to the cluster to analyze the data.

CFEngine 3.12.2 LTS Released

We are happy to release the 2nd update to the CFEngine 3.12 LTS series. This update comes with many important stability and performance improvements and is thus well worth the upgrade from an older version of 3.12 LTS. CFEngine 3.12 LTS brings a lot of innovation, new features and improved performance to CFEngine, and allows you to make the most efficient use of your time. We are looking forward to your feedback on this release.

Intel's latest security vulnerability - our steps and yours

This week Intel released a statement regarding Microarchitectural Data Sampling (MDS), another vulnerability in the "speculative execution" feature of modern processors. This is for HyperThreading and is the feature that allows the CPU to work out what commands will be run next, if they would affect the current running command and if not, run it on the same core.

Firefox add-on outage: Yet another reminder for companies to enforce PKI life cycle automation

More often than we’d like to admit, we tend to underestimate the impact of every moving part within an organization—especially those that seem small or insignificant. And usually, it’s not until we’re facing the fallout of neglecting that seemingly insignificant factor when we realize what a mistake we’ve made.

What Your Website is Going to Lose if it is Not Secured

The very foundation of exchange between web & client-server protocol started with HTTP, where HTML form was the source of fetching resources - from documents to images. This extensible protocol was designed in the early '90s and has evolved over time. Cache or authentication is the main feature handled by HTTP which has never been compromised. Still, there are dangerous sites that are keen on corrupting the digital world.

Tigera Secure Enterprise Edition 2.4 Enables Firewalls to Secure Dynamic Kubernetes Workloads

We are excited to announce the new security capabilities of Tigera Secure Enterprise Edition 2.4. This release enables enterprise security teams to extend their existing zone-based architectures and easily connect to external resources. The highlights include DNS Policies, Threat Defense, Compliance Dashboard and Reporting, and easier installation options.

Monitoring GitHub Activity with LogDNA

Source code management (SCM) is a core component of DevOps. In addition to storing and sharing source code, SCM tools maintain an ongoing history of changes. Reviewing this history provides numerous insights into your development process, including: How often code changes are submitted, The impact of changes on application performance, Which changes result in errors, bugs, or broken builds.