Does your business accept credit card payments? If that’s the case, you should read this article to find out what the challenges to the Payment Card Industry Data Security Standard (PCI DSS) are, and the current best practices to ensure that you are in compliance with this legal requirement.
Today I wanted to write about something that’s been on my mind for the last few months. The industry spends quite a bit of time talking about observability these days and something’s been, somewhat vaguely, bothering me about it. So about a week or so ago, I spent some time figuring out what was bothering me and had some insights I would like to share.
We live in a containerized world, and traditional monitoring and logging are being forever changed. The dynamic and ephemeral nature of containers creates new logging challenges. Docker addresses these in some ways. Docker Engine provides various logging drivers that determine where logs are sent or written to. The default driver for Docker logs is “json-file,” which writes the logs to local files on the Docker host in json format.
As DevSecOps continues to redefine the IT security landscape, security is becoming everyone’s responsibility. That means that staying ahead of the latest cybersecurity threats—such as IoT botnets—should be a priority for every DevOps professional. To help you do that, this article discusses strategies for combating IoT botnets.
In a recent post, we talked about AWS CloudTrail and saw how CloudTrail can capture histories of every API call made to any resource or service in an AWS account. These event logs can be invaluable for auditing, compliance, and governance. We also saw where CloudTrail logs are saved and how they are structured. Enabling a CloudTrail in your AWS account is only half the task.
Containers and serverless computing are two of today’s hottest technologies for application deployment. When used the right way, they both help DevOps teams to deploy applications faster and more cost-effectively. Although the features of containers and serverless architectures overlap in some respects, they are not interchangeable technologies. Containers work better for some use cases, while in others, serverless is what you need.
If you are reading this article, you’re probably familiar with syslog, a logging tool that has been around since the 1980s. It is a daemon present in most Linux-based operating systems. By default, syslog (and variants like rsyslog) on Linux systems can be used to forward logs to central syslog servers or monitoring platforms where further analysis can be conducted. That’s useful, but to make the very most of syslog, you also want to be able to analyze log data.