If you manage applications running on cloud platforms, you likely depend on multiple cloud vendors and services. These could be infrastructure providers like AWS, GCP or Azure. A vulnerability in any of these services could potentially impact your applications and your users. A cloud platform has many moving parts, many of which are dependent on other third-party providers.

With the nearly unmatched reliability and scalability offered by the 12-factor application design pattern, microservice-based designs have become a fundamental architectural pattern for modern applications. A whole industry of cloud providers has sprung up to offer management of the sophisticated middleware and infrastructure services that make this possible. Amazon Web Services (AWS) is among the largest of them.

AWS Elastic Container Service for Kubernetes (EKS) is a managed service ideal for large clusters of nodes running heavy and variable workloads. Because of how account permissions work in AWS, EKS's architecture is unusual and creates slight differences in your monitoring strategy. Overall, it's still the same Kubernetes you know and love.

We all know that testing new ideas on physical IT infrastructure requires a massive upfront cost. That's why businesses adopt cloud infrastructure setups. These setups offer on-demand resources, which allow you to start new projects and pay for only what you use. This eliminates the need for expensive hardware and maintenance, enabling flexibility that organizations require.

When you have a piece of data tucked into your logs or span tags, how do you dig for that bounty of insight today? Commonly this sort of data will be numeric, like a purchase total or number of units. Wouldn’t it be nice to easily turn that data into a metric timeseries? The Sum Connector in OpenTelemetry does just that, allowing you to create sums from attributes attached to logs, spans, span events, and even data points!

To confirm cyberattack occurrences and build or enhance cyber-defense strategies, threat intelligence teams use a lot of information, including Indicators of Compromise (IoCs). These IoCs are actually forensic data that are critical in: The relevance of IoCs cannot be downplayed, but they're not all that’s needed in building an effective cybersecurity strategy. In this article, we’ll explore indicators of compromise, their types, and their relevance to threat intelligence teams.

Over the past year, I’ve noticed some interesting trends in my work with state and local governments. Across my conversations with organizations in this space, there’s a common thread: teams are getting creative about maximizing their limited resources. With budgets either flat or shrinking and operational demands increasing, these teams face tough choices. They’re being asked to maintain or improve services while working with the same, or in some cases, fewer resources than before.

Ever wondered how many NetFlow exporters or edge routers you have configured on your core switches? What if I told you that every exporter uses ~0.2% bandwidth in overhead? While that may not seem like much (and it has been a few years since most network engineers were worried about CPU overhead for NetFlow exports), older hardware and network OS versions may be more sensitive to having multiple flow exporters configured.

A few weeks ago, members of Mezmo were at Kubecon and attended several sessions. You can see a post with my recap and session highlights. Today, though, I’m going to discuss three sessions that my colleagues found interesting for our peers in Observability.

IIS (Internet Information Services) is a web server developed by Microsft, shipped as a part of the Windows Server services. It’s used to host and manage web applications and services. IIS is a particularly robust web server solution that is tightly integrated with the Windows operating system, making it a natural choice for organizations that rely on other Microsoft products.