Network/Security Operations Center (NOC/SOC) engineers and service desk personnel are tasked to process numerous incidents as quickly as possible. However, to resolve an incident they are required to to perform various activities including collecting various operations data including metrics, logs, traces and more from different tools. In many cases, the process also involves coordinating with other IT personnel or creating a war room to bring the incident to closure.

In Linux, system calls (syscalls) are at the heart of everything. They are the primary interface through which an application interacts with the kernel. Therefore, it is vital that they are fast. And especially in a post-Spectre/Meltdown world, this is all the more important.

Every day more and more third-party service providers are publishing APIs for their customers to consume, with many of them competing against each other. For instance, with payment APIs, you can use Stripe, Recurly, Chargify, or several others.

As part of the re-affirmed commitment to customers as announced on January 30, Ivanti launched an Independent Business Unit (IBU) consisting of proven solutions with a large customer following (dare I say, fans?) that deserve some TLC. One of these solutions is Ivanti Endpoint Security (IES), previously referred to as Endpoint Management & Security Suite (EMSS) and also as Patch for Linux, Unix and Mac. So, what’s new with Ivanti Endpoint Security?

Today we are proud to announce the next major release of Icinga for Windows: Version 1.1.0. Besides new core features that we added to the Framework itself, we also provide additional components to extend the features of our solution. Thanks to the increased usage in our community we collected lots of feedback that we considered and implemented for better usability and flexibility.

This post is the second in our series on system metrics where we cover: In the previous post, we went through some built-in tools and methods for identifying key metrics and values on your systems. In this post, we'll provide a tutorial on how to use Metricbeat to consolidate metrics, store and analyze them in the long term, and discuss some of the benefits of a centralized metric store.

We hosted our first ever virtual Elastic{ON} Gov Summit with one primary goal: recreate the collaboration and community-building we normally enjoy at our in-person Gov Summit in a new, virtual format. And we were humbled to be able to do just that. The event gathered more than 2,000 registered attendees from across government agencies and partners to collaborate while so many of us were social distancing across the nation.

As organizations embrace a combination of hybrid, multi-cloud, and cloud-native infrastructure to optimize business services, technology teams are struggling to control the chaos of their complex IT environments. IT operators need to piece together availability and performance data across different applications and infrastructure components to truly understand the true health of their enterprise services.

We're happy to announce that we have just launched our improved integration for the Azure Event Hub, allowing DevOps & Security professionals to send log data for analysis easier than ever. This announcement comes as Microsoft’s Azure Event Hub reaches its highest global popularity as a data ingestion service. The integration ensures best-in-class performance across a variety of use cases using Azure.

In this post, we continue our discussion of use cases involving account take over and credential access in enterprise data sets. In the first part of this series, we introduced the definition of a VIP account as any account that has privileged or root level access to systems/services. These VIP accounts are important to monitor for changes in behavior, particularly because they have critical access to key parts of the enterprise.