Operations | Monitoring | ITSM | DevOps | Cloud

It's time to break down the silos separating SREs from security engineers.

A data center typically employs between 30-200 people depending on the size and the intended project use. But only a fraction of those folks run the IT side. Besides swapping gear—the infamous “remote hands”—there isn’t much to do as long as there aren’t any outages, and rumor has it a data center is a nice place to sleep—it’s dark, cool, and the deep humming noise can have a pacifying impact on some.

Early this year, we set out on a journey to onboard a new cloud engineering team at JFrog. Many can relate to the challenges involved with onboarding a new team, these were amplified even more during the pandemic. However this blog post is not about COVID-19, it is about sharing our experience of fine-tuning the onboarding path for this unbeatable group. TL/DR: What it takes to build and onboard a team of junior engineers into the existing JFrog Cloud engineering team.

What can I say further about Ivanti’s mobile threat defense (MTD) solution for iOS, iPadOS and Android devices that has not already been mentioned in any of my previous blogs and quick video demos? If I was to state where Ivanti has a clear advantage over other unified endpoint management competitors, it is with Ivanti’s MTD solution.

We recently started using GitHub Security Advisories as part of our workflow for pushing out security releases. This post will give a brief introduction on how they work, how we use them, some of their limitations, and how we overcome them. We are still experimenting with this workflow, but the information could still be helpful for some while others might have suggestions how we could do things better.

CloudOps is on the up. This is in part due to the rapid acceleration of the shift to cloud that was caused by the pandemic. The shift allowed companies to innovate faster, enjoy greater flexibility and scalability, and become more cost efficient. Many organizations who rapidly adopted cloud or increased their usage now realize that they need to better manage their cloud investments in order to fully embrace these benefits.

Serverless lets you deploy applications far away in a data center of a cloud provider. This relieves you of the lion’s share of operational burdens. The more you buy into your cloud provider’s ecosystem, the less you have to do yourself: no more OS updates or database bugfix installations. But you still need to do some operation-related work on your own. For instance, monitoring your application to know what’s going on in that far away data center.

The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads.

As we start to see big moves from monolith deployments to microservices, the adoption of Kubernetes has become top of mind for many SREs. Organizations can leverage the open-source system to automate deployments, scale, and manage containers, making Kubernetes one of the primary solutions for delivering workloads. However, maintaining the system can be difficult and, in some cases, overwhelming.

Today, the Kubernetes community made the 1.22 release candidate available, a few weeks ahead of general availability, planned for August the 4th. We invite developers, platform engineers and cloud tech enthusiasts to experiment with the new features, report back findings and bugs. MicroK8s is the easiest way to get up and running with the latest version of K8s for testing and experimentation.