The value of log files goes far beyond their traditional remit of diagnosing and troubleshooting issues reported in production. They provide a wealth of information about your systems’ health and behavior, helping you spot issues as they emerge. By aggregating and analyzing your log file data in real time, you can proactively monitor your network, servers, user workstations, and applications for signs of trouble.
Contractors, freelancers, and other temporary workers have become essential parts of the modern enterprise. For IT and security teams, these individuals present unique challenges compared to full-time workers—and potential risks. The ‘offboarding’ process for these contractors is often less formal than bringing them on. Meaning, many just stop using their entitlements and accounts without actually closing them. These dormant accounts can pose serious risks to the organization.
This blog is the third in a four-part series about how Puppet can help government agencies meet compliance and security requirements. Read the second post here. Government agency IT departments know that migrating applications to the cloud can improve efficiency, increase visibility, and reduce costs. They also recognize the value in keeping some operation resources on-premises.
What would happen if your enterprise resource planning (ERP) system were attacked? For many companies, the consequences would be devastating. ERP systems not only contain the crown jewels of the business—customer data, stock levels, order entries, production plans, and contract data—they also manage such essential financial processes as order to cash (OTC), and operational processes such as production planning and steering and cash collection and payments.
No buzzwords were harmed in the making of this post Let’s take one of the most overloaded terms, DevOps, and mix it with the haziest of topics, security. What do you get, apart from confusion? SecDevOps. Or maybe it’s DevSecOps. If you’re not sure what either means, you’re not alone. Even the industry at large can’t decide what they should call it. And so they - we - came up with a new term altogether.
In any given IT environment, a server is the foundation that provides services for endpoints to carry out various actions. They are essential for computer networks to have shared access or information. Unfortunately, servers are often targets for cyberattacks due to their ability to reach other parts of the IT environment and wreak havoc. With these attacks on the rise, developing a server hardening process will help organizations improve its security posture.
Recently we introduced new feature where you can trigger agent runs and report collection from the Mission Portal UI. This required our daemon cf-execd to behave a bit differently when periodic agent runs occur. Previously the daemon would create a new thread in which to run cf-agent, capture output, wait for completion and move on. We changed the behavior so that the daemon forks itself and then fork/execs cf-agent as before, with the forked cf-execd processing agent run output.
A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.
