Operations | Monitoring | ITSM | DevOps | Cloud

Continuous Delivery for Puppet Enterprise (PE) is a tool for streamlining and simplifying the CI/CD process of your Puppet code. Continuous Delivery for PE offers a prescriptive workflow to test and deploy Puppet code across environments. ServiceNow includes a powerful Flow Designer. Why not combine Continuous Delivery for PE pipelines with the ServiceNow Flow Designer to improve and automate your change management process even further?

On March 29, 2022, a critical vulnerability targeting the Spring Java framework was disclosed by VMware. This severe vulnerability is identified as a separate vulnerability inside Spring Core, tracked as CVE-2022-22965 and canonically named “Spring4Shell” or “SpringShell”, leveraging class injection leading to a full remote code execution (RCE).

This last decade has seen abundant changes in the way businesses operate. Digital transformation is no longer a new term, however, is still relevant. It has resulted in virtual establishments superseding the popularity of brick and mortar setups, becoming the prime choice of business operations.

In today’s digital environment, no company is immune to cyberattacks. In fact, more than one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data, according to IDC.1 From the Capital One incident to the SolarWinds attack, businesses and organizations of all facets and sizes are at the forefront of such threats.

The cloud is easy and powerful—until it’s not. Once companies have customers, commitments, and compliance concerns, they often have to create cloud operations teams to manage the cloud on behalf of their fellow employees. Often, organizations that migrate to the cloud find themselves hampered by inefficient cloud operations if they haven’t standardized their IT procedures for operability.

Since 2018, General Data Protection Regulation (GDPR) has been on everyone’s lips – and for good reason. It’s the gold standard for consumer protection. While privacy laws present challenges to enterprises big and small, we can’t escape the reality that consumer data is constantly mined and sold.

Gartner recently released a report highlighting the top trends in cybersecurity for 2022. They discuss how businesses must reframe their security practices, rethink their technology, and adopt new responses to modern threats. This is in line with DevSecOps trends that we see in the market and hear about from our customers. Companies that are working in this way are taking a more holistic approach to cybersecurity by adopting tools that speed up and, when possible, automate security.

During major incidents, it’s crucial that all stakeholders are provided with the status updates they need. Those communications however need to be tailored to what the stakeholder actually needs, and provided in a streamlined format that works best for them. Just like alert fatigue, communication fatigue can be detrimental during an outage or other service reliability issue.

Software programs today can be likened to a complex stew, with multiple ingredients sourced from disparate places. In software, open-source tools are a major ingredient. According to the 2020 Open Source Security and Risk Analysis (OSSRA) report produced by the Synopsys Cybersecurity Research Center, 99 percent of the codebases contain at least one open source component, with open source comprising 70 percent of the code overall.

Go, an open-source programming language backed by Google, makes it easy to build simple, reliable, and efficient software. Go’s efficiency with network servers and its friendly syntax make it a useful alternative to Node.js. All network applications need well-tested features, and those developed in Go are no different. In this tutorial, we will be building and testing a simple Go blog.