Operations | Monitoring | ITSM | DevOps | Cloud

Here are the latest StatusHub updates for the last 3 months and news on the progress of our new control panel.

Healthchecks.io pinging API has always been based on UUIDs. Each Check in the system has its own unique and immutable UUID. To signal a start, a failure, or a particular exit status, clients can add more bits after the UUID: This is conceptually simple and has worked quite well. It requires no additional authentication. The UUID value is the authentication, and the UUID “address space” is so vast nobody is going to find valid ping URLs by random guessing any time soon.

It can be challenging to manage enterprise infrastructure across hybrid cloud and on-premises environments with accurate and timely tracking asset details — especially if you don't know what you have. The more systems deployed, the more visibility is necessary for your IT operations teams to meet critical business Service Level Agreements successfully.

Hi, it’s me... Back again with something exciting: Puppet’s new Compliance Enforcement Modules, or CEMs. We’ve been working on some pretty cool stuff since we launched Puppet Comply last year. Lots of great feedback has come in, and we’re thankful for every opportunity we get to show our customers how we can help. This feedback comes in many forms, but one of the things we’ve heard time and time again is that achieving compliance is still hard.

We’ve all seen the headlines. It’s no secret companies are being forced to re-examine the employee experience and what the future of work will look like in a post-pandemic world. With the adaptation to remote work, the pandemic created a new normal—where office and home life are blended, and people became accustomed to more flexibility. Now that flexibility is a benefit people don’t want to lose.

Typically, an infrastructure is made up of numerous critical services which should not be exposed to everyone. In this blog by Uzziah, learn how Cloudflare Access enables you to protect internal services that you’d rather not expose to everyone.

If you've been using Let's Encrypt for a while, you may have noticed that their certificates are signed by a root certificate titled DST Root CA X3. That root certificate is set to expire in a few hours. Any certificates still signed by that root will no longer be valid. But luckily, that shouldn't form a problem for most Let's Encrypt users. For a while now, new SSL issuances by Let's Encrypt have issued certificates against DST Root CA X3 (the one that is about to expire) and ISRG Root X1.

Not so long ago, development teams working for the U.S. Department of Defense could take anywhere from three to ten years to deliver software. “It was mostly teams using waterfall, no minimum viable product, no incremental delivery, and no feedback loop from end users,” Nicolas M. Chaillan, Chief Software Officer of the U.S. Air Force, said in a CNCF case study. “Particularly when it comes to AI, machine learning, and cybersecurity, everyone realized we have to move faster.”

Modern software development is evolving rapidly, and while the latest innovations allow companies to grow through greater efficiency, there is a cost. Modern architectures are incredibly complex, which can make it challenging to diagnose and rectify performance issues. Once these issues affect customer experience, the consequences can be costly. So, what is the solution? Observability — which provides a visible overview of the big picture.

The Forge team at Puppet has been hard at work for the past few months building out a malware scanning framework in order to help folks be more proactive about their security posture. Now, to be clear, this doesn't replace your own security mitigations. You should still audit untrusted code. You should still run your own virus protections. There are many layers in a robust security profile, and this is only one of them.