On January 25, 2022, Qualys announced the discovery of a local privilege escalation vulnerability that it identified as PwnKit. The PwnKit vulnerability affects PolicyKit’s pkexec, a SUID-root program installed by default on many Linux distributions. The same day of the announcement, a proof of concept (PoC) exploit was built and published by the security research community.

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

Content delivery networks (CDNs) reduce latency by delivering cached data (e.g., JavaScript files, stylesheets, images, and videos) from a network of linked proxy servers to end users around the globe. CDNs help reduce the load on your origin servers and shorten the distance that data needs to travel, thus improving the end-user experience.

Continuous integration (CI) has become the mainstream approach to software development as it enables organizations to iterate quickly while minimizing the risk of releasing faulty code. To implement CI, many organizations rely on Jenkins—one of the most mature and widely used automation servers on the market. Jenkins comes with hundreds of community-backed plugins to help you easily integrate it with other tools in your development workflow.

Serverless has become an increasingly popular paradigm among organizations looking to modernize their applications as it allows them to increase agility while reducing their operational overhead and costs. But the highly distributed nature of serverless architectures requires developers to rethink their approach to application design and development. AWS-based serverless applications hinge on AWS Lambda functions, which are stateless and ephemeral by design.

In part 1 of this series, we looked at common design principles and patterns for assembling microservices in serverless environments. But when it comes to building serverless applications, designing your architecture is only part of the challenge. You also have to ensure that each of your individual functions and services are secure, reliable, and highly performant—without incurring enormous costs.

Consul is a service networking platform from HashiCorp that helps you manage and secure communication between microservices. You can use Consul with Kubernetes, and it supports on-prem, hybrid, and multi-cloud architectures. Consul service mesh provides a control plane which allows you to automate the management of traffic between your services via features like service discovery, DNS, load balancing, and routing.

Toward the end of each year, tens of thousands make the journey to Las Vegas to participate in AWS re:Invent. AWS re:Invent has been the seminal conference for cloud-focused engineers since 2012, offering a space where the global cloud computing community can share and learn the latest insights and solutions.

Dell EMC Isilon is a petabyte-scale network attached storage (NAS) system that allows you to archive unstructured data. Isilon operates in a cluster to provide high availability, and you can scale up its throughput, IOPS, and storage space by adding nodes to your cluster. Isilon automatically replicates your data throughout the cluster to ensure durability and provides caching to minimize data retrieval latency.

Testing early and often throughout the software development process (shift-left testing) helps teams stay agile and reduce the time it takes to validate and release new updates. Datadog Synthetic CI/CD Testing enables you to implement shift-left testing throughout your CI/CD pipeline so that your team can prevent faulty code deployments from degrading your end user experience.

Earlier this year we launched Datadog Apps, which seamlessly integrate functionality from third-party tools into Datadog’s centralized monitoring platform. This project has enabled us to collaborate with some of our partners, such as PagerDuty and LaunchDarkly, to extend the Datadog UI and provide our customers with new solutions for incident management, feature flag optimization, and more.

Microsoft Azure SQL Database is a platform-as-a-service (PaaS) database offering for modern cloud applications. It’s a fully managed service that runs on the latest version of the SQL Server database engine, enabling you to create highly available and performant database instances without needing to maintain hardware upgrades, patches, or backups.

In Part 1 of this series, we discussed key metrics for monitoring Microsoft Azure SQL databases. We also looked at how your database resource and audit logs complement metrics to provide more insight into database performance, activity, and security. In this post, we’ll show you how to collect metrics and logs from your database instances and monitor them with Azure’s monitoring and reporting tools.

In Part 2 of this series, we showed you how to monitor Azure SQL Database metrics and logs using the Azure platform. In this post, we will look at how you can use Datadog to monitor your Azure SQL databases alongside other technologies in your infrastructure. Datadog provides turn-key integrations for Azure along with more than 500 other technologies, enabling you to track long-term performance trends across all systems in your infrastructure, not just your SQL databases.