EventSentry v4.1 builds on v4.0 released earlier this year and offers a lot of exciting new & improved features that enhance a variety of different monitoring scenarios.

Over the past decade, there have been many innovations in the software development industry with new technologies like the cloud, microservices, and virtualization and new methods with DevOps and agile practices. With these advancements, we’ve seen a seismic shift in application development, from many apps being built for business users and desktops to the rise of consumer apps on mobile devices.

Two malicious Python libraries, jeilyfish (with a capital i and a lowercase L in the original name) and python3-dateutil, were detected on PyPI (Python Package Index) on December 1st. They were typosquatting similar named legitimate libraries jellyfish (with a double lowercase L) and python-dateutil libraries, a malicious technique aiming to trick developers to use the similar named modified libraries.

“Service mesh” is an umbrella term for products that seek to solve the problems that microservices’ architectures create. These challenges include security, network traffic control, and application telemetry. The resolution of these challenges can be achieved by decoupling your application at layer five of the network stack, which is one definition of what service meshes do.

This year was the first time that we, together with the team from Approved in Sweden, hosted the yearly SCOM-Day event in Gothenburg. This year's event was a great success for which we thank our sponsors and attendee's. As always, the day was packed with exciting sessions and numerous networking opportunities. We have gathered pictures and presentations from the event that you can find in the link below.

In today’s post, we will be covering the Elixir library named Broadway. This library is maintained by the kind folks at Plataformatec and allows us to create highly concurrent data processing pipelines with relative ease. After an overview of how Broadway works and when to use it, we’ll dive into a sample project where we’ll leverage Broadway to fetch temperature data from https://openweathermap.org/ in order to find the coldest city on earth.

Organizations are rapidly moving more and more mission-critical applications to Kubernetes (K8s) and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies, but are struggling to achieve a strong security posture because of their inability to apply conventional security practices in the cloud environment. Commitment to cloud security grows, but security safeguards are not keeping up with the increased use of the various cloud platforms.

In recent weeks, some of the most recognizable companies in the DevOps space have had their foundations rattled, perhaps shaking developer confidence. The acquisition of Docker Enterprise by Mirantis, the acquisition of Sonatype (Nexus) by a capital firm and the open-sourcing of Quay by Red Hat leave many development shops wondering what will happen next with their strategic tool choices.

Most people, when they think about Software Asset Management (SAM) (and, let’s be honest, most people try to avoid thinking about it at all), they think about minimizing disruption and cost of audits and ensuring that the organization remains in a compliant state to avoid heavy fines from their vendors. To be fair to these people, that is what a large part of SAM is—ensuring that the organization is paying appropriately for the products they use to avoid costly audits or legal battles.

But does this mean that Pandora FMS is also into Lynis security? Well, its specialty is different… but yes, of course, it reaches everything covered by monitoring. In fact, flexibility is inherent to its name: FMS means Flexible Monitoring System and it is a tool with which you can save yourself many headaches, as well as tailor it to your needs!