
Ubuntu on WSL 2 Backported to Windows 10 1903 and 1909, Extending Reach

Microsoft announced the general availability of Windows Subsystem for Linux 2 in the Windows 10 May 2020 update, also known as version 2004. Today Microsoft announced an update for Windows 10 which brings WSL 2 back to the Windows 10 May 2019 and November 2019 updates, also known as versions 1903 and 1909, respectively.

Create Custom Icinga PowerShell Modules and Plugins

Today I will show you briefly how to build your own PowerShell Modules/Plugins using icinga-powershell-framework. As you might know, we recently started writing plugins in PowerShell that can be used to monitor Windows services in Icinga2 in a simple way. If you are interested in learning more about it, everything is documented here down to the smallest detail.

Detecting Windows Persistence

Persistence is effectively the ability of the attacker to maintain access to a compromised host through intermittent network access, system reboots, and (to a certain degree) remediation activities. The ability of an attacker to compromise a system or network and successfully carry out their objectives typically relies on their ability to maintain some sort of persistence on the target system/network.

Monitor your Windows containers with Datadog

As cloud providers and infrastructure technologies grow their support for Windows containers, developers who use the Windows ecosystem are more and more able to enjoy the benefits of containerization. It’s quicker and easier than ever to modernize and deploy applications that use Windows-specific frameworks like .NET. Plus, Windows developers can use orchestration services like Kubernetes, Amazon ECS, or Docker Swarm to manage the complexity that containerized environments introduce.

macOS vs. Windows - What kernels tell you about security events: Part 2

This post continues this two-part blog series on further understanding the differences between macOS and Windows on the system level for effective endpoint security analysis. In Part 1, we covered process events. Here in Part 2, we’ll discuss file and network events. As with Part 1, my hope is to help cybersecurity professionals expand and enrich their experiences on a less familiar platform, ultimately helping them to be better prepared to face differences from past experiences.

macOS vs. Windows - What kernels tell you about security events: Part 1

How would you compare the Windows and macOS operating systems? In what ways are they similar? Why do they each take different approaches to solving the same problem? For the last 19 years I've developed security software for Windows. Recently, I’ve started implementing similar features on macOS. Since then, people have asked me questions like this. The more experience I gained on these two operating systems, the more I realized they’re very different.