Operations | Monitoring | ITSM | DevOps | Cloud

I recently found out Travis CI is ending its free-for-opensource offering, and looked at the alternatives. I recently got badly burned by giving an external CI service access to my repositories, so I am now wary of giving any service any access to important accounts. Github Actions, being a part of Github, therefore looked attractive to me. I had no experience with Github Actions going in. I have now spent maybe 4 hours total tinkering with it.

The Kinsing attack has recently been reported by security researchers, and it is well known for targeting misconfigured cloud native environments. It is also known for its comprehensive attack patterns, as well as defense evasion schemes. A misconfigured host or cluster could be exploited to run any container desired by the attacker. That would cause outages on your service or be used to perform lateral movement to other services, compromising your data.

Elasticsearch was designed to allow its users to get up and running quickly, without having to understand all of its inner workings. However, more often than not, it’s only a matter of time before you run into configuration troubles. Elasticsearch is open-source software that indexes and stores information in a NoSQL database and is based on the Lucene search engine. Elasticsearch is also part of the ELK Stack.

For those on an ITIL journey, ServiceNow appears to be the service to beat. ServiceNow has tremendous flexibility and thousands of different workflows to support your business. And if you’re using SCOM to populate your CMDB, you’re leaps and bounds ahead of the average organization. Sadly, that flexibility comes with the cost of being stuck inside of the ServiceNow web interface.