Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Comparing Docker Security tools

There are quite a few Docker security tools in the ecosystem; how do they compare? Everyone starts with image vulnerability scanning, but that's just the beginning and usually stops where your CI/CD pipeline ends. That’s why we created this extensive list of 20 container and Docker specific security tools that can help keep containers secure in production.

Security Through Automation

Today’s approach to securing IT infrastructure is passé. In a dynamic world of unpredictable and often frequent infrastructure changes, the traditional approach to security falls short. It is no longer sufficient to just scan frequently for vulnerabilities and then try to interpret this data in real time without (human) error. Additionally, despite smart analytics, this approach to illuminating security issues and remediating them is extremely time consuming.

User Story: The CloudSploit CloudFormation Scanning API

At CloudSploit, one of our biggest satisfactions is learning more about how our users actually use our product. While we can look at charts, graphs, and usage statistics, nothing beats an actual walkthrough by an enthusiastic user who has incorporated CloudSploit into his or her company’s architecture.

The Importance of Continual Auditing in the Cloud

The concept of “the cloud” is an amazingly powerful and novel solution for many providers and users. The idea of shifting from physical infrastructure to the digital space is an attractive one, especially when consideration is given to the impact of such a migration in terms of economy, ease of access, and ease of use. Due to this alluring nature, many organizations have rushed to adopt cloud-based solutions in recent years, and have garnered a large amount of success.

My Let’s Encrypt mistake

SSLping was born as a side project. It’s useful to people, which is cool, but today it was also helpful to me! I use it to monitor my HTTPS websites. This morning, my own SSLping project sent me an email about how my website https://hire.chris-hartwig.com is about to expire (in 10 days): it’s using Letsencrypt, and it’s been 80 days since I installed the cert.