The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Recently we introduced new feature where you can trigger agent runs and report collection from the Mission Portal UI. This required our daemon cf-execd to behave a bit differently when periodic agent runs occur. Previously the daemon would create a new thread in which to run cf-agent, capture output, wait for completion and move on. We changed the behavior so that the daemon forks itself and then fork/execs cf-agent as before, with the forked cf-execd processing agent run output.
A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.
Project Calico has offered a production-ready data plane based on eBPF since September 2020, and it’s been available for technical evaluation for even longer (since February 2020). The pre-requisites and limitations are simple to review, it’s easy to enable, and it’s easy to validate your configuration. So, there’s never been a better time to start experiencing the benefits! You do know what those are, don’t you? Don’t worry if not!
Cybersecurity is on the mind of every business leader, and for good reason: The number of data breaches rose 24% between 2020 and 2021, according to global ThoughtLab research co-sponsored by ServiceNow. Organizations everywhere need advanced security programs to navigate today’s fluid threat landscape. Here are three ways to help do that: 1. Create a framework Customers are increasingly concerned about data security.
Node.js is one of the best and most widely used Javascript runtimes used for building APIs. But, this popularity status has led to many hackers distributing insecure modules that exploit the Node.js application or provide a weak point for exploitation. In this tutorial, you will learn how to audit Node.js modules and also detect vulnerabilities in modules using npm audit.
Moving workloads to the cloud has many benefits, and one that is often overlooked is the opportunity to modernize your network. In a traditional “perimeter-based” architecture, users and devices are authenticated and authorized on a device-by-device basis when connecting remotely via VPN.
Errors are an inevitable part of building software. But while you can't eradicate them, you can definitely mitigate them. If you don't measure, track or resolve errors, you're ignoring a loss in revenue. It's time to pay attention to how much software errors are costing your company and take action, catching them early with methods like smarter testing and crash reporting. Using a few industry averages, you can put a number to the real cost of software errors in your company and start to plug cash leaks like wasted developer time and lost customers.
