Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on DevOps, CI/CD, Automation and related technologies.

Best practices for network perimeter security in cloud-native environments

Cloud-native infrastructure has become the standard for deploying applications that are performant and readily available to a globally distributed user base. While this has enabled organizations to quickly adapt to the demands of modern app users, the rapid nature of this migration has also made cloud resources a primary target for security threats.

How does a DNS work?

DNS resolution is the first step taken to form an internet connection. This includes when any device is being used to access a website or any type of internet-enabled application, such as e-commerce, CRM, or food delivery. These applications are connected to the internet via IP-backbone, which is typically controlled by a protocol named BGP (Border Gateway Protocol). Each application has a unique numbering schema on the internet, referred to as IP address.

Scanning Secrets in Environment Variables with Kubewarden

We are thrilled to announce you can now scan your environment variables for secrets with the new env-variable-secrets-scanner-policy in Kubewarden! This policy rejects a Pod or workload resources such as Deployments, ReplicaSets, DaemonSets , ReplicationControllers, Jobs, CronJobs etc. if a secret is found in the environment variable within a container, init container or ephemeral container. Secrets that are leaked in plain text or base64 encoded variables are detected.

7 ways teams are using incident.io's Decision Flows

One of my favourite features in incident.io is Decision Flows. With it, you can create a series of questions which eventually lead to a decision based on what you’ve answered. You can pull up this flow during an incident and it’ll guide you through the questions. It’s like having an experienced on-caller calmly guide you through what to do when a crisis hits. This is complementary to incident.io’s Workflows feature.

Komodor Introduces New Companion Tool For Helm

Today, I am happy to see the public release of Helm-Dashboard, Komodor’s second open-source project, after ValidKube, and my first since joining the team as Head of Open Source. It’s a compelling challenge to try and solve the pain points of Helm users, but more than anything it’s a labor of love. So it is with love that we’re now sharing this project with the community, and I’m excited to imagine where it will go from here.

Getting started with Civo Academy

Here at Civo, we have created over 50 free video guides and tutorials to help you navigate Kubernetes: from understanding the basic need for and function of containers, to launching and scaling your first clusters. You can start learning everything you need to know to get started with Kubernetes today with our nine modules which were created by in-house experts at Civo!

Puppet supports DoD continuous compliance and configuration management

Puppet Enterprise now offers Compliance Enforcement Modules aligned to DISA STIGs Benchmarks. The Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) were built to safeguard our most critical security systems and data against a dynamic threat environment, yet monitoring and enforcing widely deployed infrastructure at the U.S. Department of Defense (DoD) scale is a formidable task.

How To Build A Case For Your Cloud Cost Optimization Opportunity

Identifying great business optimization opportunities is tougher than it seems. You often need to weigh the projected revenue and costs of taking a new path against the potential opportunity costs of not taking that path. Not only is this an apples-to-oranges comparison, but also a “what if” scenario riddled with variables. For instance, what if slashing costs makes the customer experience so much slower and more frustrating that sales decline and you wind up losing revenue?

FireHydrant is now more powerful across the entire incident lifecycle

FireHydrant has partnered with incredible companies to transform incident response inside their organizations, but our goal has always been to support the full incident lifecycle. That’s because we know that investing in good incident management can kickstart your reliability efforts when it includes both a streamlined incident response process that helps you recover faster and the ability to learn from incidents and then feed those insights back into your system.