Operations | Monitoring | ITSM | DevOps | Cloud

According to a recent study, 96% of applications in the enterprise market use open-source software. As the open-source landscape becomes more and more fragmented, the task to assess the impact of potential security vulnerabilities for an organisation can become overwhelming. Ubuntu is known as one of the most secure operating systems, but why? Ubuntu is a leader in security because, every day, the Ubuntu Security team is fixing and releasing updated software packages for known vulnerabilities.

Coronavirus is changing everything. But amid all the talk of shut-downs, quarantine, and stock market crashes, another huge impact of the current crisis has been a little overlooked: it’s consequences for cybersecurity. With hundreds of thousands of employees now working from home – in the US, Europe, and all over the world – many companies have had to rapidly put in place systems for them to connect their home devices to corporate networks.

A unified cloud infrastructure data model is fundamental for enterprises using multiple cloud vendors. Enterprise customers prefer to use multiple cloud vendors as a way to prevent being locked in and dependent on specific platforms. According to Gartner the top vendors for cloud infrastructure as a service in the years 2017-2018, are Amazon 49.4%, Azure 12.7% and Google with 3.3%.

It’s now day 3 since UK PM Boris Johnson instructed the nation to stay at home and begin self-isolating and remote working to limit the spread of Covid-19. We’re all starting to realise life may not be going back to ‘normal’ anytime soon. Aside from our nation’s unsung heroes (the NHS, Supermarket Staff, Teachers, Postal Workers, Waste Collectors, the list goes on – thank you!), many are now turning to remote working.

We are thrilled to let you know that Uptrends is now certified ISO 27001 compliant. The ISO (International Organization Standardization) sets security requirements that a company must meet before an accredited auditor can grant the certification. If you’re familiar with the certification process, you know that it takes a considerable amount of time and work; however, the benefits that it brings for our company and our clients are worth the effort. Let’s take a look.

Security information and event management, or SIEM, has become part of the vocabulary of every organization. SIEM solutions gather events from multiple systems and analyze them—both in real time and through historical data. SIEM costs—as cyber security costs in general—can be high, but there is a tradeoff if you opt for the FOSS route (free and open source solutions).

Container use continues to grow, and Kubernetes is the most widely adopted container orchestration system, managing nearly half of all container deployments.1 Successful integration of container services within the enterprise depends heavily on access to external resources such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. All this egress activity must be controlled for security and compliance reasons.

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.

Uh oh, the site’s certificate has expired. How do we generate a new one? Where’s the private key? Which servers need the new cert? What even goes in the cert? If this sounds all too familiar, rest assured you’re not alone. Outages due to expired certs are far too common and it happens to sites of all sizes (one recent example includes Microsoft Teams going down for several hours due to an expired cert). Disruptions like this are entirely preventable with proper monitoring in place.

Like many of my peers, my role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRamp and the California Privacy Act (CCPA), now the majority of my time is focused on ensuring our employees safety and productivity, so they can continue to deliver products and support our customers and partners.