Shared agent configs, monitor search, and a GDPR policy
A few practical improvements this week, mostly driven by what we’re learning as customers deploy CertKit into larger infrastructures.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
NIS2 and CER Serve a Broader Purpose Than Cybersecurity - The 5 Biggest Risks You Need to Address Now
The European directives NIS2 (Network and Information Security Directive 2) and Critical Entities Resilience (CER) Directive have rapidly sharpened the conversation around digital resilience. While many organizations initially viewed these directives as an extension of their cybersecurity obligations, it is becoming increasingly clear that much more is at stake. These directives require a strategic transformation in how organizations manage risks, processes, and responsibilities.
GDPR Compliance Dashboard: Asset Visibility, Reporting, And Access Control
Protecting personal data isn’t something you can manage with spreadsheets or manual checks. A GDPR compliance dashboard gives you visibility across all assets that handle personal data, while still letting you act on individual devices and configuration items. In this video, we'll show you how dashboards give teams a clear view of where personal data lives, who can access it, and how requests are handled over time. You’ll also see how health rules, access controls, and reporting come together in a single view that supports better decisions.
Why DPDP compliance must include network configuration governance
India’s Digital Personal Data Protection (DPDP) Act places accountability on how organizations collect, process, and store personal data to help organizations stay steps ahead of threat actors. Forrester’s CIO roadmap highlights a clear shift: compliance is no longer limited to policies and consent workflows. CIOs must extend governance deeper into the technology stack, including infrastructure that directly impacts data security.
UK Cybersecurity Bill #shorts
The UK introduces a cybersecurity bill that enforces stricter regulations for critical infrastructure. As threat actors become more aggressive and utilize AI for advanced attacks, the legislation mandates organizations to respond quickly to incidents. Vendors must notify authorities within 24 hours, and emergency powers are created to improve cybersecurity responses. The emphasis is now on managing exposure in vulnerability practices.
What does the EU Data Act mean for Observability?
The EU Data Act came into effect on January 12th, 2024 and most of its provisions apply from September 12th, 2025. The EU Data Act is designed to give individuals and businesses more control over the data they generate, ensuring fair access, use, and sharing across sectors. For any data generating platform that intends to operate in the European Union, this new legislation matters.
The EU Data Act: Portability Without Pain
Data lock-in and freedom are a worldwide problem. As usual, the EU is the first to regulate it. The passing of the Data Act made clear that in Europe, companies are guaranteed: “fairness in the digital environment by clarifying who can create value from data and under which conditions.
Automating GDPR compliance for web applications with CircleCI
Since 2018, the General Data Protection Regulation (GDPR) compliance has been an important milestone in the evolution of privacy laws for web application users across Europe. GDPR requires companies to obtain explicit user consent for data collection and processing, and only for specified, legitimate purposes. It’s a law based on principles of transparency and purpose limitation. This law applies to global companies dealing with EU citizen data, giving individuals control over personal data.
DORA Compliance Software Options And Use Cases
DORA entered into application on January 17, 2025, and since then, DORA compliance software, such as Spektion, has become an essential part of many DORA-compliant workflows. However, in this article, we go beyond just one software solution and round up the most common DORA compliance software categories that covered entities are currently using. We also examine what they excel at and how they come together in the context of DORA compliance.
The first rule of DORA Metrics...
DORA Metrics are widely regarded as the gold standard for measuring the performance of software development teams. The metrics themselves though are generic, high-level pointers – they are not an instruction manual. Adopting the DORA approach is the first step down the path to continuous improvement. The next steps are deciding how the measures should be defined in the context of your own organisations processes and then figuring out how to retrieve (and present) the relevant data.