Recently, an incorrect security report was published, claiming that there’s a SQL injection attack in Grafana. As we have communicated to the security researcher, this report is wrong. Authenticated users in Grafana have the same permissions as the user configured for the underlying data source.

Two modules are available for this task: allow-all-hosts and allow-hosts. The first module, allow-all-hosts, configures the most open situation which is to accept hosts from anywhere. This is only recommended in network restricted environments such as a local machine’s virtual machine network or other such closed down situations.

Ever want to run just a one or a few select bundles from your policy? While developing policy it’s common to run cf-agent -KI so that you can quickly iterate on changes and the run the policy without locks. But if you are focused on select bundles you may not need the full policy to run, you can use the --bundlesequence option to specify one or more bundles overriding the bundlesequence defined in body common control. Let’s check out an example using the Masterfiles Policy Framework (MPF).

Security is paramount for almost any sized organization. With the rapid pace of technological advancements and the increasing reliance on digital infrastructure, organizations face an ever-evolving landscape of cyber threats and risks. Protecting sensitive data, intellectual property, and customer information is no longer optional; it is a critical component of maintaining trust and credibility in the marketplace.

This blog post explores Cribl.Cloud‘s approach to Identity Governance (IG), a crucial strategy for securing access to critical systems and data. Learn how Cribl.Cloud leverages IG to ensure security, compliance, efficiency, and customer trust, while also tackling the challenges of managing custom SaaS APIs within an IG framework.

Not that long ago, in a galaxy that isn’t remotely far away, a disturbance in the open source world was felt with wide-ranging reverberations. Imagine waking up one morning to find out that your beloved open source tool, which lies at the heart of your system, is being relicensed. What does it mean? Can you still use it as before? Could the new license be infectious and require you to open source your own business logic? This doom’s day nightmare scenario isn’t hypothetical.

In a world where data carries such huge importance, safeguarding sensitive information is critical for all organizations. In our current landscape, where cyber threats lurk around every corner, passwords serve as the frontline defense, shielding both MSPs and their customers from potential breaches and data compromises. World Password Day, is the perfect opportunity for MSPs emphasize the importance of robust password management to their customers.

In this livestream, I talked to security expert Matt Johansen, a computer security veteran who has helped defend everyone from startups to the largest financial companies in the world. We talked about the current state of cybersecurity, why attacks are on the rise, and what can be done to prevent threats in the future. Matt’s blog covers the latest news in cybersecurity and also touches on mental health and personal growth for tech professionals.