The most common problems and outages in a Kubernetes cluster come from coreDNS, so learning how to monitor coreDNS is crucial. Imagine that your frontend application suddenly goes down. After some time investigating, you discover it’s not resolving the backend endpoint because the DNS keeps returning 500 error codes. The sooner you can get to this conclusion, the faster you can recover your application.

Depending on the business, there’s a myriad of IT assets to keep track of and doing it manually can be taxing. An IT asset management system allows IT pros to monitor all the hardware and software introduced into the business and when those assets exit. When a service desk has details on each IT asset, where it resides, and its owner, IT pros can provide continuity of service and better manage service costs. IT assets can be physical, digital, software, and in the cloud.

Network security management typically entails end-to-end management of the entire network security infrastructure of an enterprise. However, in this rapidly changing security ecosystem, there’s an inherent need for IT admins to be extremely agile to maintain an effective security posture.

Exciting news! We have recently updated our Webhooks integration to allow custom headers in order to integrate with third party alarming tools. This update makes our webhooks integration more powerful and adaptable. The Webhook integration allows you to get RapidSpike notifications in your applications, and custom headers lets us send extra data along with the Webhook, which some third parties may require.

Supporting legacy applications is problematic for several reasons. These aging systems are becoming increasingly obsolete and difficult to maintain. They use outdated software languages and unsupported hardware parts—some as much as 50 years old. As they age, they introduce cybersecurity risk and are less effective at accomplishing their intended purpose. While achieving application modernization isn’t without its challenges, the benefits are considerable.

Modern day Security Information and Event Management (SIEM) tooling enterprise security technology combine systems together for a comprehensive view of IT security. This can be tricky, so we’ve put together a simple SIEM tutorial to help you understand what a great SIEM provider will do for you. A SIEM’s responsibility is to collect, store, analyze, investigate and report on log and other data for incident response, forensics and regulatory compliance purposes.

Cybersecurity Infrastructure Security Agency (CISA) released Alert (AA20-302A) on October 28th called “Ransomware Activity Targeting the Healthcare and Public Health Sector.” This alert details TTPs associated with ongoing and possible imminent attacks against the Healthcare sector, and is a joint advisory in coordination with other U.S. Government agencies.

Several weeks ago, my good friend Katie Nickels (Director of Intelligence at Red Canary extraordinaire) and I were chatting about Ransomware. She was super interested and passionate about some new uses of a ransomware variant named “Ryuk” (first detected in 2018 and named after a manga/anime character) [1]. I was, to be honest, much less interested. It turns out, as usual, Katie was right; this was a big deal (although as you will see, I’m right too… still dull stuff!).

Since 2004, October has been designated by the National Cybersecurity Alliance as National Cybersecurity Awareness Month (NCSAM). Immediately, the mind wanders to supercomputers creating unbreakable algorithms against adversaries with unlimited compute power. This virtual landscape is happening today, and the arms race on both sides is something we’ll have to grapple with for the foreseeable future.

While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information.