Operations | Monitoring | ITSM | DevOps | Cloud

SSO is often accomplished by using Lightweight Directory Access Protocol (LDAP). While LDAP has a variety of use cases, in this post, I’ll focus on authentication — specifically, how to use LDAP authentication for single-sign on (SSO) with Sensu Go. First off, a quick overview of Sensu authentication.

Using open source code makes it easier to build applications, but the freely available nature of open source code introduces the risk of pulling potential security vulnerabilities into your environment. Knowing whether or not customers are actually accessing the vulnerable parts of your application is key to triaging security threats without spending hours fixing an issue that doesn’t affect end users.

Stormshield and SonicWall are popular firewalls used to monitor network traffic for malicious actors. Firewalls can help detect all kinds of attacks, like brute force logins, DDoS, and SQL Injection, but they just make up a piece of the security puzzle. Most teams will have many other security tools that address different kinds of vulnerabilities and attacks.

As a Senior Solutions Engineer helping customers deploy cloud-native technologies, I have been using Docker and Rancher for more than five years. Heck, I even helped steer Rancher for offline use when it was the 0.19 release. I have loved the product and company for YEARS. We all know how complicated it is to set up Kubernetes, and customers love Rancher because it simplifies that rollout.

The conventional monitoring solution focussed primarily on analysing the performance of the network. Gradually, the scope of such tools increased and they are now packed with a host of security features. Focus is now more towards Forensic analysis, security threats analyzer, TCP analyzer, Firewall monitoring, Auditing and Compliances. So, how do you know which network security monitoring tool is essential for you? Which technique will provide the best ROI for your business?

Common Vulnerability Scoring System (CVSS) scores have been viewed as the de facto measure to prioritize vulnerabilities. Vulnerabilities are assigned CVSS scores ranging from one to 10, with 10 being the most severe. However, they were never intended as a means of risk prioritization. If you’ve relied on CVSS scores alone to safeguard your organization, here’s why you’re probably using them incorrectly.

An Elastic Security Advisory (ESA) is a notice from Elastic to its users of a new Elasticsearch vulnerability. The vendor assigns both a CVE and an ESA identifier to each advisory along with a summary and remediation details. When Elastic receives an issue, they evaluate it and, if the vendor decides it is a vulnerability, work to fix it before releasing a remediation in a timeframe that matches the severity.