At first, the differences between common configuration management tools might seem marginal. But choosing the right solution for automated configuration management can make a huge difference. Some tools will have features that align with your organization’s goals, while others won’t. The choice between Puppet vs. SaltStack is one such decision, and it’s a little more nuanced than you might think.

So, you think you want to migrate OS (AKA operating systems)? In (most) everyone’s life there comes a time where you look toward migrating to another operating system. There are a variety of reasons why — take for instance the recent trouble with CentOS and RedHat. This process change has broadened adoption of new Enterprise Linux variants like Rocky, Alma Linux, or even Ubuntu.

The xz backdoor is a vulnerability in XZ Utils, a popular data compression library. The xz backdoor can let unauthorized users gain admin-level access to systems, endangering data security and much more. Read on to learn more about the xz backdoor, who’s affected, and what you can do now to find out if your systems are at risk.

Patch management software automatically applies updates to software, firmware, and other system components. Patching makes sure resources are up to date with the latest security and performance improvements to keep software protected and performing as expected.

Platform engineering metrics and/or platform engineering KPIs (Key Performance Indicators) can help us measure the success of this evolving approach and its impact on DevOps. According to our 2024 State of DevOps Report: The Evolution of Platform Engineering — 43% of organizations report that they have had a platform team from 3-5 years already. With this maturity, it’s important to measure what’s working and what isn’t working using the same indicators of success across the board.

SOC 2 compliance requirements (Service Organization Controls Type 2) ensure that customer data stays private and secure — essential for any business that stores or processes sensitive data. In this blog, we’ll explore the specifics of SOC 2 compliance, and provide a solution to help you automate and enforce SOC 2 compliance going forward.

Your cloud platform probably came with tools to secure and manage the resources you create. We call those cloud-native security tools because they’re proprietary to the vendor you’re using them on. Third-party alternatives, on the other hand, are usually created to be compatible with several cloud provider platforms at once.

Security and compliance are important in any organization. And most organizations use open source software (OSS) somewhere in their application stack. Open source compliance keeps OSS technologies secure by making sure they’re used in a way that aligns with security best practices, internal policies, and regulatory expectations.

What does the platform engineering roadmap look like as we head into its continued maturity? We recently conducted a survey to better understand the role and state of platform engineering — emphasizing those organizations who are using this tactic to greater success. Using this data, we will peek into the future and see where platform engineering is headed next.

CMMC 2.0 requirements are here — and The Cybersecurity Maturity Model Certification (CMMC) is mandatory for organizations involved in the Defense Industrial Base (DIB). Established by the Department of Defense, this framework outlines strict cybersecurity standards, aiming to safeguard Controlled Unclassified Information (CUI) throughout for contractors and subcontractors of the Department.