Operations | Monitoring | ITSM | DevOps | Cloud

Latest News

StackState's Health Forecasting

Forecasting health is vital in today's society. Who has the highest risk of getting a virus? Are you able to predict when this will happen? Knowing answers to these questions could save many lives. Forecasting the health of IT infrastructures is equally essential. Think of identifying databases that are about to stop serving requests in a timely manner, hard drives that are about to run out of space, or service-level agreements (SLAs) that are about to cross the set thresholds.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 1)

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.

How to Avoid Alert Overload From EDR Solutions

In today’s chaotic digital sphere, networks are distributed across an increasingly wide range of hackable endpoints. From smartphones and tablets to Internet of Things (IoT) devices—everything gets connected to the network. EDR technologies and practices were created for the purpose of providing active endpoint protection and defense. However, if your systems and admins are overloaded with alerts, an EDR strategy might become obsolete.

What is the ideal retention period for application logs

That is a common question I see among developers. Most of the time, nobody cares about system logs. But when things go south, we absolutely need them. Like water in the desert, sometimes! At Dashbird, we have a list of criteria compiled to determine a reasonable retention policy for application logs. There is no one-size-fits-all, though. The analytical dimensions below will give a relative notion of how long the retention period should be.

When Dedicated DevOps is Not Available

With the rise of cloud computing and modern distributed systems, we also witnessed the rise of a new practice area: DevOps. Despite being fundamental for smooth cloud operations, a dedicated DevOps practitioner is a luxury most teams can’t afford. Salaries average $130K in San Francisco, for example. When a dedicated DevOps practitioner is not available in our team, what should we do? The answer could unfold a multitude of aspects.

An Introduction to Web Proxies

Web proxies intercept traffic from your systems as they move to other systems, analyze the packets, then send the data along. There are a lot of reasons why you might want to intercept packets. Originally the main use case for a proxy was as a caching server. In this use case, the first time a person in your network goes to a website, the static content (particularly graphic images) gets downloaded and cached. Then, because the content is local, the next person to hit that site will get a fast response.

How to launch IoT devices - Part 4: When to ask for help

(This blog post is part of a 5-part series, titled “How to launch IoT devices”. It will cover the key choices and concerns when turning bright IoT ideas into a product in the market. Sign up to the webinar on how to launch IoT devices to get the full story, all in one place.) First part: Why does IoT take so long? Second part: Select the right hardware and foundations. Third part: IoT devices and infrastructure.

Building a Raspberry Pi cluster with MicroK8s

The tutorial for building a Raspberry Pi cluster with MicroK8s is here. This blog is not a tutorial. This blog aims to answer: why? Why would you build a Raspberry Pi cluster with MicroK8s? Here we go a little deeper to understand the hype around Kubernetes, the uses of cluster computing and the capabilities of MicroK8s.

TLS monitoring

Uh oh, the site’s certificate has expired. How do we generate a new one? Where’s the private key? Which servers need the new cert? What even goes in the cert? If this sounds all too familiar, rest assured you’re not alone. Outages due to expired certs are far too common and they happen to sites of all sizes (one recent example includes Microsoft Teams going down for several hours due to an expired cert). Disruptions like this are entirely preventable with proper monitoring in place.