Since 2003, with the sponsorship of the U.S. Department of Homeland Security (DHS), October has been recognized as National Cyber Security Awareness Month. As with other important issues that have “designated months,” like Bullying Prevention Month and Domestic Violence Awareness Month (both also recognized in October), these are issues that deserve year-round attention, not limited to 31 days in October.

DevSecOps combines the responsibilities of development, security and operations in order to make everyone accountable for security in line with the ongoing activities conducted by development and operations teams. DevSecOps tools serve to assist the user in minimising risk as part of the development process and also support security teams by allowing them to observe the security implications of code in production.

When working with CFEngine, it’s common to hear advice about separating data from policy. Separating data from policy allows for separation of concerns, delegation of responsibilities and integration with other tooling. Each organization is different, and a strategy that works well in one environment may not work as well in a similar environment of another organization, so CFEngine looks to provide various generic ways to leverage external data.

The Domain Name System (DNS) makes it possible for users to access websites using domain names, like wikipedia.org, in place of nine-digit IP addresses. Due to its ubiquitous nature, DNS can be used to block access to selected websites, which is commonly known as DNS filtering. Many companies see security and productivity benefits from implementing this strategy where appropriate. Read on as we explore some of the key details around how DNS filtering works and how it can be beneficial.

Kibana is the most popular open-source analytics and visualization platform designed to offer faster and better insights into your data. It is a visual interface tool that allows you to explore, visualize, and build a dashboard over the log data massed in Elasticsearch clusters. An Elasticsearch cluster contains many moving parts. These clusters need modern authentication mechanisms and they require security controls to be configured to prevent unauthorized access.

This is the first of a four-part security blog series covering why ScienceLogic is listed in the DoDIN APL catalog, what this means for monitoring critical IT infrastructure, and why APL certification is relevant for all organizations. Part one is all about trust and transparency—foundations for a secure platform.

The new year is just around the corner, meaning we’ll be ringing in 2022 before we know it. So how did your MSP fair in 2021? Did you achieve the sales and revenue goals you set? Net new customer acquisition continues to be the #1 challenge facing MSPs today. And because most businesses already have an MSP they are using, the struggle is real. So the test becomes, how can I set myself apart?

Containers have changed how applications are developed and deployed, with Kubernetes ascending as the de facto means of orchestrating containers, speeding development, and increasing scalability. Modern application workloads with microservices and containers eventually need to communicate with other applications or services that reside on public or private clouds outside the Kubernetes cluster. However, securely controlling granular access between these environments continues to be a challenge.

A common cliché in cybersecurity is, it’s not a question of if you get attacked, but when. We witnessed this firsthand when our former parent company was part of a major attack last year. While N-able products weren’t affected, it was difficult to watch friends and colleagues deal with the aftermath of an event of that magnitude.

The cloud not only ushered in a different way of developing and deploying software, but it also introduced a fundamentally different security reality, presenting new challenges to teams responsible for keeping environments secure. Designed to be dynamic, cloud environments can be in a near-constant state of change, with infrastructure resources spun up and down multiple times a day to support cloud applications.