Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Docker scanning for Jenkins CI/CD security with the Sysdig Secure plugin.

In this blog post we’ll cover how to implement Docker Scanning for Jenkins with the Sysdig Secure Jenkins plugin. The plugin can be used in both freestyle and pipeline jobs to scan images and fail the build if the image fails a policy evaluation.

CloudReady Single Sign-On SAML Integration

Exoprise recently released support for Security Assertion Markup Language (SAML) 2.0 integration to enable CloudReady Single Sign-On (SSO) for user access to CloudReady. Exoprise always supported testing and monitoring web-based SSO like ADFS, Ping, & Okta but had not gotten around to finishing our integrated SAML support – well wait no longer – its here! No more letting users manage passwords in CloudReady unless you want to.

Scanning images in Azure Container Registry.

With the 2.0 release of Sysdig Secure, we’re excited to support new integrations with services Azure provides around containers and Kubernetes. Today we’ll be diving deeper into how to integrate Sysdig Secure with ACR (Azure Container Registry) to scan images for for security, compliance, and reliability.

Simplifying security auditing, Part 4: Securing web servers

Web servers are front-end facing applications that are vital for the daily operations of businesses. They are subject to attacks such as SQL injection, malicious URL requests, and the age-old classic, denial of service (DoS) attacks. While there are specialized web application security solutions that you can (and should) deploy, auditing web server logs is just as important for ensuring your web servers are secure and always up and running.

Restricting CFEngine to one CPU core using Systemd

In some performance critical situations, it makes sense to limit management software to a single CPU (core). We can do this using systemd and cgroups. CFEngine already provides systemd units on relevant platforms, we just need to tweak them. I’m using CFEngine Enterprise 3.12 on CentOS 7, but the steps should be very similar on other platforms/versions.

Simplifying security auditing, Part 3: Keeping insider threats in check

Insider threats are on the rise. In fact, both administrators and average employees are among the biggest security threats in an organization. When it comes to security auditing, there are two areas you need to focus on: Active Directory changes and individual user activity, particularly administrator activity.