Operations | Monitoring | ITSM | DevOps | Cloud

Machine learning has become an important component of many applications we use today. And adding machine learning capabilities to applications is becoming increasingly easy. Many ML libraries and online services don’t even require a thorough knowledge of machine learning. However, even easy-to-use machine learning systems come with their own challenges. Among them is the threat of adversarial attacks, which has become one of the important concerns of ML applications.

Manually managing groups on a large infrastructure can be a tedious task, and is therefore best suited through automation software like CFEngine. Unfortunately - at time of writing - CFEngine does not have any built-in promise types for managing groups. But fear not; in CFEngine 3.17, custom promise types were introduced.

Cybersecurity Awareness Month, now in its 18th year, is an opportunity to highlight the continually escalating conflict that is, for the most part, hidden from the public – unless it becomes media-worthy. Every day, those who are responsible for security (IT staff, threat and security analysts to CISOs) face new challenges. Digital transformation has accelerated at hyperspeed because organizations are focused on adjusting to COVID-19 disruptions.

Achieving comprehensive security for the products delivered and deployed by organizations is becoming more difficult, due to a variety of factors. A key one is the growing volume, variety and complexity of software and connected devices in use. Another is the overwhelming risk of inherited software supply chain exposures. The result: Companies struggle every day to provide software with optimal security and protection against malicious activities, takeovers, data theft, and commercial sabotage.

Typically, an infrastructure is made up of numerous critical services which should not be exposed to everyone. In this blog by Uzziah, learn how Cloudflare Access enables you to protect internal services that you’d rather not expose to everyone.

The Forge team at Puppet has been hard at work for the past few months building out a malware scanning framework in order to help folks be more proactive about their security posture. Now, to be clear, this doesn't replace your own security mitigations. You should still audit untrusted code. You should still run your own virus protections. There are many layers in a robust security profile, and this is only one of them.

Making security an intrinsic part of a DevOps pipeline is a “must-have” for organizations looking to secure their applications earlier in the development process. The combination of JFrog Artifactory and JFrog Xray enables organizations to build security into all phases of their software development lifecycle, so they can proactively detect and mitigate open source software (OSS) security vulnerabilities and license compliance issues that impact their software.

Digital workplace solutions have played a huge role in streamlining the shift to remote work. It has improved the employee experience and organizational productivity and made work-from-home almost as smooth as in-office work. While it has certainly made work life easier for both employees and managers alike, from a cybersecurity standpoint, having a single integrated interface with all the data from the organization in one place leaves the company vulnerable.

Recently, I started to read the invaluable book Software Engineering at Google. It’s a great book by Google, describing their engineering practices across many different domains. One of the first chapters discusses the matter of making a “scalable impact,” which I find very interesting, and something that I believe has been overlooked by many organizations.