Nothing fills out the “worst-case scenario” column quite like a data breach. For the countless teams out there who work hard to protect their customers’ data, the idea of compromising that trust is a nightmare. Data breaches are on a lot of minds lately with the 2017 Equifax data breach, which exposed personal data from 143 million American consumers. The company, security industry, and regulators have a huge task of working out the details on how something like this happens.

Auditing changes on Microsoft Windows DNS server is a common requirement and question, but it’s not immediately obvious which versions of Windows support DNS Auditing, how it’s enabled, and where the audit data (and what data) is available. Fortunately Microsoft has greatly simplified DNS Server auditing with the release of Windows Server 2012 R2.

We’re happy to announce that CFEngine 3.7.6 is released! With 3.7 being a stable LTS branch, 3.7.6 brings bug fixes and stability enhancements to the CFEngine customers and community.

Today’s approach to securing IT infrastructure is passé. In a dynamic world of unpredictable and often frequent infrastructure changes, the traditional approach to security falls short. It is no longer sufficient to just scan frequently for vulnerabilities and then try to interpret this data in real time without (human) error. Additionally, despite smart analytics, this approach to illuminating security issues and remediating them is extremely time consuming.

Over the past several weeks, the security of AWS S3 buckets have come under increasing scrutiny. While the S3 service itself has not suffered any known breaches, customer misconfigurations have created some big headaches for some equally big companies.

At CloudSploit, one of our biggest satisfactions is learning more about how our users actually use our product. While we can look at charts, graphs, and usage statistics, nothing beats an actual walkthrough by an enthusiastic user who has incorporated CloudSploit into his or her company’s architecture.

The concept of “the cloud” is an amazingly powerful and novel solution for many providers and users. The idea of shifting from physical infrastructure to the digital space is an attractive one, especially when consideration is given to the impact of such a migration in terms of economy, ease of access, and ease of use. Due to this alluring nature, many organizations have rushed to adopt cloud-based solutions in recent years, and have garnered a large amount of success.

With more and more services using SSL keeping track of the certificates in use across a global infrastructure can be challenging. The inventory reporting features in CFEngine Enterprise can be useful in identifying services using SSL as well as when their certificates will expire.

Automatically detect network failures and reconnect with AutoSSH. This tip lets you create a persistent connection between two servers, or between your desktop and server, and have it automatically re-connect.

SSLping was born as a side project. It’s useful to people, which is cool, but today it was also helpful to me! I use it to monitor my HTTPS websites. This morning, my own SSLping project sent me an email about how my website https://hire.chris-hartwig.com is about to expire (in 10 days): it’s using Letsencrypt, and it’s been 80 days since I installed the cert.