Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Using Kosli to signal a change freeze

Like many software teams, here at Kosli we use a continuous delivery approach. This means that every commit to our trunk is automatically built, tested, and deployed to our production-like staging environment. This provides us with the confidence that every build is potentially deployable to production. We use our staging environment to perform final exploratory testing before we deploy to production. Deployments to production are “on-demand”.

Binary Provenance, SBOMs and the Software Supply Chain for Humans

“What’s really running in prod?” Every engineer will hear these immortal words on a long enough timeline (or career). It might be because a new security zero day was dropped, alerts fired from the depths of a vast microservice architecture, or you might just be looking to know what commit was actually tested. Either way, it often comes with the promise of a stressful day.

DevOps Security Best Practices: 2025 Guide

Is your DevOps security ready for cyber threats? Embrace these best practices and make security your competitive advantage. DevOps, a set of practices that combines software development (Dev) and IT operations (Ops), has revolutionized the way organizations build, deploy, and maintain software. With the rise of cloud computing, there was a need for faster and more reliable software delivery than traditional software development methodologies allowed. DevOps was the natural evolution.

Having a "Secure Network" or "Secure Devices" Isn't Enough Anymore. So, What Is?

There’s this notion that a secure network of devices is not good enough…that what you need is a network of secure devices. However, at Zebra, we believe the only thing that’s acceptable these days is a secure network of secure devices. That’s why we’re working with Google Cloud and Qualcomm Technologies, Inc. to look deep into on-prem and cloud architectures to implement the best security features at every potential access point.

Types of Intrusion Detection Systems: Network vs. Host-Based IDS

Intrusion Detection Systems (IDS) are specialized security tools that are designed to detect and respond to suspicious activities within an organization's network or on individual computer systems. Their primary objective is to identify anomalous patterns or behaviors that may indicate a security incident. These anomalies may include unauthorized access attempts, suspicious patterns in network traffic, or alterations to critical system files.

New IT Disruptions Shake Up the Enterprise Landscape

Recent IT disruptions have been the causes of great changes in the very core of doing business worldwide, presenting both challenges and opportunities in their wake. As such, organizations continue to embrace these changes through emerging technologies, operations, workforce interactions, and customer experience. Therefore, digitization and the adoption of innovative solutions are key to maintaining competitive advantages.

Feature Friday #34: Self organizing groups with select_class

Did you know CFEngine can self-organize hosts into different groups? Say you have a few hosts that you want to reboot once a month. You don’t care when, but you want the hosts to self-organize and pick a date. The select_class attribute for classes type promises might be what you’re looking for. Let’s take a look.

10 Best Practices for Ruby on Rails Development

There is much to learn when coding with Ruby on Rails, and the steep learning curve is not always easy. Fortunately, as an open-source web development framework, there is a large community backing RoR that can always be sought out with questions. Chances are someone has already written a tutorial or has the advice to streamline what you're trying to do with Ruby on Rails. Here are the best practices for Ruby on Rails development for your web development project.
Sponsored Post

Platform Engineering: A Deep Dive into Building the Foundation for Modern Software Delivery

In the ever-evolving software development landscape, platform engineering has risen to prominence as a pivotal practice, transforming how organizations build, maintain, and operate internal infrastructure. As digital transformation continues to accelerate, companies are under immense pressure to deliver software faster, more reliably, and at scale. Platform engineering provides the foundation for achieving this by creating and maintaining internal developer platforms (IDPs) that streamline the development process, enabling developers to focus on writing code rather than managing complex infrastructure.