Many of our customers rely on the Amazon Web Services (AWS) Well-Architected Framework as a guide to build safe, secure, and performant applications in the cloud. AWS offers the Well-Architected Review (WAR) Tool as a centralized way to track and trend adherence to Well-Architected best practices. It allows users to define workloads and answer a set of questions regarding operational excellence, security, reliability, performance efficiency, and cost optimization.

2020 is nearly over, and we’d like to take a couple of minutes to reflect on our year as well as provide a sneak peek into what you can expect from us in 2021. Although it has been a year full of distractions, the CFEngine team has continued to make significant strides when it comes to product improvements and new features that help our users.

The Domain Name System (DNS) is a naming system for computers, services, or other resources connected to the Internet or a private network. DNS translates domain names to the numerical IP addresses needed for locating and identifying computer services and devices. For decades It’s been an essential component of the Internet. It’s an essential part of Kubernetes as well, and is used to determine how workloads connect to Kubernetes services as well as resources outside the cluster.

The FireEye breach on Dec 8, 2020, was executed by a “nation with top-tier offensive capabilities.” These hackers got a hold of FireEye’s own toolkit, which they can use to mount new attacks globally. What does this mean for you? Mandiant is a leading Red Team/Penetration Testing company with a highly sophisticated toolkit, called the "Red Team tools." These are digital tools that replicate some of the best hacking tools in the world.

One of the lasting changes brought about by the COVID-19 pandemic is that it forced organizations to rethink the concept of a workspace. As remote work became inevitable, IT teams had to enable the secure transition to remote work almost overnight. Opening up offices, on the contrary, will likely be executed in planned phases. A United States Department of State advisory recommends that workforces return to an office in three phases, with the employees most at risk coming in at a later stage.

Cloud environments are always susceptible to security issues. A significant contributor to this problem is misconfigured resources. Traditional IT Infrastructure was somewhat static; server hardware only changed every few years. With few changes occurring, security was also more static. The modern cloud environment is a much different challenge. In cloud environments, servers, services, and storage are created with automation, resulting in a dynamic and potentially ever-changing server environment.