CertKit Agent 1.8: Windows RDP, Windows Certificate Store, and Java keystores
We release some good stuff this week with the CertKit agent version 1.8 from our roadmap, along with some small usability fixes in the CertKit web application.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Introducing kosli evaluate: Rego Policy Evaluation for Your Compliance Data
If you’re evaluating compliance controls against your Kosli trail data today, there’s a good chance you’ve written some glue code to make it work. A script that pulls trail data from the API. Another that downloads attestations one by one. Something that mangles the JSON together into a shape that your chosen compliance engine can evaluate. And then that engine itself, whether it’s OPA, a custom Python script, or something else, installed and configured in your pipeline.
Why True Operational Security Requires an Unmanaged Cloud VPS
When deploying infrastructure for sensitive communications, penetration testing, or privacy-centric applications, your threat model must account for the human element. Handing over the root access of your server to a "managed" hosting provider fundamentally breaks that model. In 2026, serious security practitioners know that true OPSEC cannot exist in an environment where support staff have administrative backdoors into your operating system.
Sponsored Post
From Silos to Collaboration: How to Democratize Data in Product Analytics
Companies who develop software products generate massive quantities of product performance and user engagement data that can be analyzed to support decision-making about everything from feature planning and UX design to sales, marketing, and customer support. Leveraging product data throughout the enterprise represents a significant opportunity to achieve a competitive advantage, but challenges like siloed data systems, poor data literacy, and the complexity of data analytics in the cloud can prevent organizations from making full use of their raw data.
Why Authorization Management in Microsoft Dynamics Is a Security Gap Most IT Teams Overlook
Enterprise security strategies tend to focus on perimeter defense. Firewalls, endpoint protection, email filtering and network segmentation receive the bulk of attention and budget. Those investments are justified. But they create a blind spot in environments where the real risk sits inside the system, not outside it. Microsoft Dynamics 365 and Business Central are used by thousands of organizations to manage finance, procurement, inventory and customer data. The users who access those systems every day have permissions that determine what they can see, change, approve and export.
It's Time to Rethink Untrusted Code in Your Pipeline | Harness Blog
The catastrophic TeamPCP exploit in March 2026 demonstrated that "open execution" models, in which third-party code runs with full privileges, have made CI/CD pipelines a primary target for global credential harvesting. There are better architectures. On March 19th, the risks of running open execution pipelines — where what code runs in your CI/CD environment is largely uncontrolled — went from theoretical to catastrophic.
Let's Encrypt simulated revoking 3 million certificates. Most ACME clients didn't notice.
On March 19th, Richard Hicks, one of our customers, emailed us about a certificate that had renewed after only a week. It was a 90-day certificate and he had not initiated the renewal. That’s the kind of thing that sends you straight to the logs. We found the answer right away. The certificate’s ARI renewal window had been shortened dramatically.
How to Harden Ubuntu SSH: From static keys to cloud identity
30 years after its introduction, Secure Shell (SSH) remains the ubiquitous gateway for administration, making it a primary target for brute force attacks and lateral movement within enterprise environments. For system administrators and security architects operating under the weight of regulatory frameworks like SOC2, HIPAA, and PCI-DSS, default SSH configurations are an “open door” that represents an unacceptable risk.
Mastering CompTIA Security+ SY0-701 Certification for a Strong Cybersecurity Career
Cybersecurity has become one of the fastest-growing fields in the IT industry, and earning a globally recognized certification is one of the best ways to enter this domain. The CompTIA Security+ certification is widely respected because it validates essential skills in risk management, network security, cryptography, and threat detection. This certification is especially valuable for beginners and intermediate IT professionals who want to build a strong foundation in cybersecurity principles and practices.