The Center for Internet Security (CIS) is a nonprofit organisation that uses a community-driven process to release benchmarks to safeguard enterprises against cyber attacks. It is one of the most recognised industry standards that provides comprehensive configuration checklists to identify and remediate security vulnerabilities in a computing environment.

This is a guest blog by Trent R.Hein, Co-CEO of Rule 4. Once in a while an opportunity comes along that brings out our inner geek like no other, which is what happened when Canonical asked if we’d be willing to review the overall cybersecurity model of Ubuntu Core and its ecosystem.

Cisco Meraki provides a range of IT infrastructure devices—like network security appliances, switches, and wireless access points. As your on-prem infrastructure grows and you add potentially thousands of Meraki devices to your network, it becomes a challenge to get visibility across your entire fleet of devices.

AWS Fargate allows you to run applications in Amazon Elastic Container Service without having to manage the underlying infrastructure. With Fargate, you can define containerized tasks, specify the CPU and memory requirements, and launch your applications without spinning up EC2 instances or manually managing a cluster. Datadog has proudly supported Fargate since its launch, and we have continued to collaborate with AWS on best practices for managing serverless container tasks.

Hasura is an open source engine that connects to your databases & microservices and auto-generates a production-ready GraphQL backend. By using Hasura in conjunction with Qovery, you get a blazing fast, auto-scallable and extensible solution to quickly build your applications.

Where are Docker container logs stored? There’s a short answer, and a long answer. The short answer, that will satisfy your needs in the vast majority of cases, is: From here you need to ship logs to a central location, and enable log rotation for your Docker containers. Let me elaborate on why with the long answer below.

Resilience in Action is a podcast about all things resilience, from SRE to software engineering, to how it affects our personal lives, and more. Resilience in Action is hosted by Blameless Staff SRE Amy Tobey. Amy has been an SRE and DevOps practitioner since before those names existed. She cares deeply about her community of SREs and wants to take what she’s learned over the 20+ years of her career to help others. In our very first episode, Amy chats with Netflix software engineer Lorin Hochstein.

Containers are becoming the new computing standard for many businesses. New technology does not protect you from traditional security concerns. If your containers handle any sensitive data, including personally identifiable information (PII), credit cards or accounts, you’ll need to take a ‘defense in depth’ approach to container security. The CI/CD pipeline is vulnerable at every stage, from build to ship to runtime.

TLS (and the previously used SSL) protocols make the web go round. They are fundamental when establishing a link between two computers, creating a very special mathematical relationship signified by the all-encompassing gesture of friendship: the handshake. So fundamental, in fact, that we probably take them for granted when we shouldn’t. The user relies on TLS encryption every day to protect data and the integrity of a session.