Operations | Monitoring | ITSM | DevOps | Cloud

Modern applications come in a variety of forms–monoliths, microservices, serverless functions, and containers to name a few–but at the heart of all of these are processes. Processes are the fundamental unit of execution that we use to run programs, and although we need processes to run our applications, software engineers rarely think about them.

Imagine the scenario: you get an urgent call from one of your customers. All her files seem to be corrupted. And then there’s that email demanding payment via Bitcoin for restoration. She needs your immediate help to get her business up and running. Later on, she’ll demand to know how you let her business be vulnerable to this attack. You had installed firewalls, required strong passwords, and conducted email phishing drills—and still your customer was attacked.

December 7 started as a typical, but busy, pre-holiday weekday. This included a mix of booming online retail sales ($33.9 billion spent during cyber week), packages flooding delivery services, and high online traffic. But much of that quickly came to a crawl. An outage of the AWS us-east-1 cloud region changed the good fortune for many websites and applications and impacted the lives of consumers across the United States and parts of Europe.

The recent Apache Log4j vulnerability CVE-2021-44228 dubbed Log4Shell is a big deal. By now there is no shortage of blogs, other write-ups, and analysis about why this vulnerability is an urgent issue and why there is a very good chance it applies to your environment. Here are some of the articles that dive into the gory details on this CVE.

Last Thursday, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers.

We’re excited to share with you that we have launched a completely new way to start using the JFrog DevOps Platform that you – as a developer – will love. We’ve provided a super-easy, developer-friendly path to discovering how Artifactory and Xray can help you produce safer apps, faster, getting started through the command line shell and IDE that you use every day.

WebPageTest recently completed a year as part of the Catchpoint family (yes, we acquired a company during the pandemic). In the past twelve months, we have built an entire WebPageTest team to power the developer experience around web performance. We’ve also launched initial premium experiences on the platform. Our developer community continues to contribute to the beloved open-source version, as well as share best practices with other users.

Let’s get to the point about data management: Businesses need data, but accumulating too much can be detrimental. Data overcrowding can corrupt IT professionals, turning them into greedy hoarders. Being indigestible with excessive repeated, outdated or banal information, the so-called ROT data, is bad. Companies of the world! The Devil tempts you with Big Data! Something that, if too much, could be harmful! We tell you all about it in this article.

Interpreting data and making fast decisions is critical for any leader in today's business world. But how is it done? Everyone remembers the old way of doing things where analysts would manually crunch the numbers and give a final output. This business intelligence would be presented to their boss, and decisions would be made. This batch way of running numbers and presenting them is not sustainable due to the massive amount of manual effort involved to recompile datasets and present them properly.

In our last blog, "Splunk Cloud Self-Service: Announcing the Admin Config Service (ACS)" we introduced our modern, cloud-native API that is enabling Splunk Cloud Platform admins to manage their environments in a self-service fashion. In this blog, we take a look at our latest effort to empower our customers: ACS private app management.