We recently started using GitHub Security Advisories as part of our workflow for pushing out security releases. This post will give a brief introduction on how they work, how we use them, some of their limitations, and how we overcome them. We are still experimenting with this workflow, but the information could still be helpful for some while others might have suggestions how we could do things better.
CloudOps is on the up. This is in part due to the rapid acceleration of the shift to cloud that was caused by the pandemic. The shift allowed companies to innovate faster, enjoy greater flexibility and scalability, and become more cost efficient. Many organizations who rapidly adopted cloud or increased their usage now realize that they need to better manage their cloud investments in order to fully embrace these benefits.
Serverless lets you deploy applications far away in a data center of a cloud provider. This relieves you of the lion’s share of operational burdens. The more you buy into your cloud provider’s ecosystem, the less you have to do yourself: no more OS updates or database bugfix installations. But you still need to do some operation-related work on your own. For instance, monitoring your application to know what’s going on in that far away data center.
The Splunk Threat Research Team has assessed several samples of Trickbot, a popular crimeware carrier that allows malicious actors to deliver multiple types of payloads.
As we start to see big moves from monolith deployments to microservices, the adoption of Kubernetes has become top of mind for many SREs. Organizations can leverage the open-source system to automate deployments, scale, and manage containers, making Kubernetes one of the primary solutions for delivering workloads. However, maintaining the system can be difficult and, in some cases, overwhelming.
Today, the Kubernetes community made the 1.22 release candidate available, a few weeks ahead of general availability, planned for August the 4th. We invite developers, platform engineers and cloud tech enthusiasts to experiment with the new features, report back findings and bugs. MicroK8s is the easiest way to get up and running with the latest version of K8s for testing and experimentation.
Exploring the Internet and accessing SaaS applications via a web browser such as Google Chrome, Firefox, or Microsoft Edge is commonplace today. At times, end-users visiting apps through multiple channels face performance issues of slow Wi-Fi (Network) speed, increased page response times (TTFB), and long page load times resulting in end-user dissatisfaction and frustration.
On May 12, 2021, President Biden signed an executive order calling on federal agencies to improve their cybersecurity practices. Following the recent SolarWinds and Colonial Pipeline attacks, it is clear that security incidents can severely impact the economy and civilians' day-to-day lives and that cybersecurity needs to be a high-priority issue. We encourage you to read the full executive order.
