Operations | Monitoring | ITSM | DevOps | Cloud

It’s that time again; we’re really happy to announce Calico v3.21! As always, thank you to everyone who contributed to this release! For detailed release notes, please go here. Alongside the usual-but-essential bug fixes and other improvements, there are some big new improvements to be aware of.

Cloud-native transformations come with many security and troubleshooting challenges. Real-time intrusion detection and the prevention of continuously evolving threats is challenging for cloud-native applications in Kubernetes. Due to the ephemeral nature of pods, it is difficult to determine source or destination endpoints and limit their blast radius. Traditional perimeter-based firewalls are not ideal fit for Kubernetes and containers.

In my previous post, Native SQL Server Backup Types and How-To Guide, I discussed the main types of native SQL Server backups and various backup options. Backups are critical to restoring databases quickly, but there isn’t much benefit to having backup files sitting around if you aren’t prepared and know when and how to perform the restores.

As developers, we’re passionate about creating and delivering high-quality software to our end-users and customers. Simply knowing that our software was shipped, deployed, and is being used is a great achievement. And it looks like we did a good job. Everything around us in our lives depends on high-quality software. Software needs to run for us to get water, energy, electricity, transportation, food, etc. Developers have a huge responsibility to keep this software updated and running efficiently.

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to report vulnerable and malicious packages to repository maintainers. Earlier this year we disclosed several malicious packages targeting developers’ private data that were downloaded approximately 30K times. Today, we will share details about 11 new malware packages that we’ve recently discovered and disclosed to the PyPI maintainers (who promptly removed them).

Do you remember when all applications were on-premises applications? Do you remember quarterly BSA (The Software Alliance) audits and press releases that identified companies for being out of compliance? Do you remember when big software manufactures were in the news because they were auditing school districts for software compliance? Have you read about any of this recently? Probably not.

There’s something common between AVD and eG Enterprise. Can you take a wild guess? Listening on open TCP ports is an extremely bad practice for cloud architectures, as it exposes products and services to accepting incoming messages from malicious parties. This is something eG Innovations avoids in our own products (see details). This is also a best practice adopted by Microsoft for Azure Virtual Desktops (AVD).

Outages on the Internet always catch you by surprise, whether you are the end user or the Head of SRE or DevOps trying to keep a clear mind while you execute your incident playbook. As people in charge of ensuring reliable services for our customers, our normal experience of outages involves surfing a deluge of fire alarms and video calls as we work to solve the problem as quickly as we can. We often forget, therefore, what an outage means to the end user.

We are super excited to release the second Release Candidate of Icinga DB! This release comes after many hours, days and months of experimenting, re-thinking and rebuilding our own code and marks a huge step towards a new data backend for Icinga.