March 2021


Five worthy reads: The unexpected costs following a cyberattack

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll learn about the worst data breaches that happened recently, their impact, and the cost of data breaches for companies. The COVID-19 pandemic has not only had an impact on the mental and physical health of employees, but on the digital health of organizations around the world.


Collect Amazon CloudWatch metrics faster with Datadog using CloudWatch Metric Streams

Having quick access to metrics and health signals from your AWS environment is paramount to identifying issues expediently and monitoring the effects of any deployed fixes. Datadog is proud to partner with AWS for the launch of CloudWatch Metric Streams, a new feature that allows AWS users to forward metrics from key AWS services to different endpoints, including Datadog, via Amazon Kinesis Data Firehose with low latency.


4 team culture tips to improve retention in Customer Support

It is no news that team culture can impact staff retention, happiness and productivity. Gallup found that engaged employees were 59% less likely to search for a new job in the next 12 months. This is especially true for Customer Support teams who are on the front-line, dealing with customer issues, complaints and queries each day. Without a solid team culture around them to help them through the challenges, many will opt to move on.


Application security automation for GitHub repositories with Snyk

Snyk provides a wide array of integrations and a pretty comprehensive API to enable you to deploy Snyk across the SDLC and monitor all the code your organization is developing. Of course – this is not always simple. At scale, ensuring Snyk is monitoring all your repositories becomes more challenging. As you grow, more code is added in the shape of new repositories. Not only that, existing repositories keep on changing.


How to choose the best enterprise Kubernetes solution

While containers are known for their multiple benefits for the enterprise, one should be aware of the complexity they carry, especially in large scale production environments. Having to deploy, reboot, upgrade or apply patches to patches to hundreds and hundreds of containers is no easy feat, even for experienced IT teams. Different types of Kubernetes solutions have emerged to address this issue.


Redscan research suggests cyber security improvements in the NHS despite COVID pressures

The scale of the challenge facing the healthcare sector, even before COVID-19, was significant. In 2020, it became even more pressing with constant reports of critical infrastructure being targeted by cybercriminals. To understand the unique challenges within the NHS, we submitted a Freedom of Information (FOI) request to every trust in the UK.* The results, when compared with those in relation to a previous request in 2018, suggest improvements in cyber security across the NHS. Key Findings


Top In-Demand Cybersecurity Skills in the Upcoming Years

Hey there, We recently ran a series of webinars* on how different-sized cybersecurity teams modernized their security operations and embedded polling questions within the webinars to gather some feedback. A set of possible answers was selected based on the ENISA NIS Investments report. In this blog post I’d like to share the results of the polls and the conclusions we can draw from them.



Is it important to your customer to understand the distinction between IT Operations Management (ITOM) and IT Service Management (ITSM)? Most likely not. Your customers are only concerned with how quickly you solve their problems. It makes no difference to them which application or infrastructure you use. So why should you, as an organization, be concerned about the meaning of these concepts, how they align, how they differ, and why they matter?


How we approached IT incident predictions through chaos theory

In this blog, we have introduced the basics of chaos theory and complex systems, including how system incidents and failure prediction have been tackled in the past through deep learning. We have also offered ideas on how chaotic time series analysis can be leveraged to approach this problem. IT teams in large technology companies spend years building networked systems and connected applications. Now, especially in the middle of a worldwide pandemic, software reliability is paramount.


Are we measuring customer experience (CX) the right way? 

Many of the current customer experience metrics used are failing. This is why some businesses who have good NPS scores still lose customers. So, what measures do we need to put in place to drive success? How important is it to make it easy for customers to interact with you? Perhaps we should be paying more attention to emotions and sentiment, as they can reveal more about the state of our relationships with customers and potentially offer clearer insights into customer behaviour.


Not knowing real time asset intelligence is a non starter

Complexity breaks correlation. Intelligence brings cohesion. This simple principle is what makes real-time asset intelligence a must-have for AIOps that is meant to diffuse complexity. To further create a context for the user, it is critical to understand service dependencies and correlate alerts across the stack to resolve incidents. CMDB systems have been useful to break down configuration items into logical layers. But, that’s not enough because they can become outdated very soon.


Exposing More Public Endpoints for Sending Metrics and Errors to AppSignal

Today, we launch a new feature: sending metrics and errors to AppSignal over our “Public Endpoint” API. AppSignal has many web frameworks, databases and background job frameworks automatically instrumented when you want to monitor a Node.js, Ruby or Elixir app. If you have code running on serverless architecture such as AWS Lambda, you can’t run our agent, so our standard integration with all of the out-of-the-box magic won’t work.


Role of Encryption in GDPR Compliance

Encryption has been a hot topic of discussion during the implementation phase of most data privacy laws. In the age where organizations are dealing with large volumes of data each day, the protection of this sensitive data is critical. The data, which is seen as a business-critical asset for organizations, should be protected against malicious hackers looking for opportunities to steal the data.


How Does Insider Threat Detection Work & Why is it Crucial?

Attaining a strong cyber security posture is a multi-layered process and includes various essential components. Among those, insider threat detection holds unignorable importance. Therefore, it is crucial to obtain a deeper understanding of what insider threat detection is. Basically, an insider threat is a security risk that’s originated within the boundaries of the organization itself. Unlike outside attacks, insider threats are mainly caused by employees.


Top Configuration Management Tools: Chef vs Puppet & More

In this latest consideration guide created to assist IT operators in which tools they choose for a range of different processes and activities, we’ve gathered a range of insights from some of our favourite specialists to take you through the essentials tools of configuration management. Configuration management is a systems engineering practise that ensures consistency of the configuration supporting both software and hardware of a company or product.


Cloudera Data Platform extends Hybrid Cloud vision support by supporting Google Cloud

CDP Public Cloud is now available on Google Cloud. The addition of support for Google Cloud enables Cloudera to deliver on its promise to offer its enterprise data platform at a global scale. CDP Public Cloud is already available on Amazon Web Services and Microsoft Azure. With the addition of Google Cloud, we deliver on our vision of providing a hybrid and multi-cloud architecture to support our customer’s analytics needs regardless of deployment platform.


The new Google algorithm update and what you need to do before May

In May 2021, Google will be putting their new algorithm live which will have a direct impact on your page rankings in their search engine. Unfortunately, no one can hide from this new algorithm change, it will affect everyone who owns a website, especially those that don’t adhere to the new changes that are coming. Google’s update is to further improve user experience on the web.


Transforming WebSphere ND on AIX to WebSphere Liberty containers using CloudHedge's App Modernization platform

In my last post (read here), we saw how CloudHedge enables enterprises to execute the transformation of WebSphere ND on Linux Apps to WebSphere Liberty Container in a non-intrusive way. As an addition to the previous post, this one talks about transforming WebSphere ND on AIX to WebSphere Liberty containers using CloudHedge’s App Modernization platform.


Log management left of boom

The phrase “left and right of boom” has been adopted by the cybersecurity industry as a way to talk about security measures before and after an incident. As we explained in session 3 of our Advanced Log Management Course, log management plays a critical role both left and right of boom. In this blog post, we’ll take a closer look at log management best practices left of boom. Next week, we’ll look at right of boom.


How To Conduct A Website Security Check

By one estimate, more than 30,000 websites get hacked every day. Viruses, malware, spam, and DDoS attacks constantly threaten your organization’s valuable information. Customers trust you to maintain website security; so how can you make sure your site is as secure as possible? Follow this website security checklist to make sure you have all your bases covered when it comes to securing your business site.


Four Ways to Reduce Patient Churn in Healthcare

Maximum patient satisfaction is achieved through an organization’s ability to provide effective and timely care. Healthcare staff realize that poor clinical care leads to dissatisfaction, frustration and ultimately, patient churn. To reduce patient churn, hospitals must focus on what matters the most—effective care team communication, collaboration and decision making. Patient loyalty and positive word of mouth ensures that an organization continues to generate revenue.

Intro to CircleCI Arm Compute Resource Classes

Arm Compute Resources Classes is a new feature in Preview from CircleCI which enables developers to execute CI/CD pipelines on Arm64 architectures. Join Angel Rivera, Senior Developer Advocate, and Alexey Klochay, Arm Compute Product Manager, both from CircleCI, to learn more about The Arm Compute preview program and how to easily implement them into CI/CD pipelines.

Resource check profile - Monitor Windows event logs and Linux syslogs

Monitor the internal resources in your server such as event logs and syslogs to monitor specific events across all Windows and Linux servers. Internet-facing systems constantly confront the risk of security hacks and data theft. While you're monitoring key performance metrics of your servers, keeping an eye out for security incidents is also necessary. This can be achieved through event log monitoring for Windows servers, and syslog monitoring for Linux servers.

Monitoring critical windows services and processes

Along with server performance metrics, such as CPU, disk, and memory usage, it is important to monitor the performance of each service and process running on the server to completely analyze the load on the system resources. This video shows how Site24x7 helps you achieve that. Say you're monitoring a Windows server with Site24x7. Along with tracking the performance metrics of the server, you can also track the performance of critical services like MySQL, Apache, and PostgreSQL, and processes like redis-server.exe.

Monitor dependency and alert suppression

A network outage triggers multiple redundant alerts and burns out your alert balance. Site24x7's monitor dependency configuration helps you effectively handle the alert flood during an outage. Let's say you're monitoring your server with Site24x7, along with a few plugins hosted in it. Any downtime faced by the server will also affect the plugins, resulting in a flood of alerts for the server and the individual plugins.

Six Essential "Must Haves" for Your IoT Deployment

Too many vendor-based IoT blogs and articles go like this: These basic tenets are obvious and generally well understood by anybody in the orbit of IT. Missing here, however, is what are the essential elements that are needed to get your Internet of Things (IoT) project off the ground. What should you be looking for or careful not to miss?


Getting Started with Elastic Cloud: A FedRAMP Authorized Service

Elastic Cloud is available for US government users and partners who want to harness the power of enterprise search, observability, and security to make mission-critical decisions. Elastic Cloud is FedRAMP authorized at Moderate Impact level so federal organizations and other customers in highly regulated environments can quickly and easily search their applications, data, and infrastructure for information, analyze data to observe insights, and protect their technology investment.


The 5 Best Marketing Project Management Software

As soon as you install Bitrix24, discover sections devoted to CRM, communications, contact center, tasks and projects, and websites. Switch to different view modes and fully customize your company social timeline. Import prior contacts, leads, deals, invoices, and other types of records and customize how they are displayed and who can see what information.


Comparing Real User Monitoring and Synthetic Transactions

Written by Nick Cavalancia, Microsoft Cloud & Datacenter MVP The need for visibility into service availability and delivery quality has led to the rise in interest in monitoring Microsoft’s Office 365 services from the user perspective. With two different approaches available, what value do they each bring?


How to configure services in Squadcast: Best practices to reduce MTTR

With a rise in digital platforms, IT infrastructure has grown exponentially complex to a level where multiple application interdependencies coexist with varied architecture & oncall team types. This blog looks at how you can model your infrastructure in Squadcast to reduce your time to respond & resolve incidents.

eg innovations

9 Things We Learned From the Digital Workspace Survey

The Digital Workspace Survey conducted by eG Innovations and xenappblog is one of the largest surveys of its kind, generating over 1,050 responses from IT professionals around the world. 62% of the respondents worked for organizations using digital workspaces for their employees. The remainder came from various types of organizations providing support for digital workspaces. Below are just a few highlights from the report which is packed with insights.


How to Improve Core Web Vital Scores

From May 2021, Google is using ‘Core Web Vitals’ as a brand new ranking signal. Google states that business owners should monitor and improve their scores to avoid damaging their organic SEO. In this blog, we will explain how to improve Core Web Vitals scores. To discover the specific issues affecting your users’ experience, we strongly advise having a Core Web Vitals audit.


How BigQuery helps scale and automate insights for baseball fans

When looking at data, business decision makers are often blocked by an intermediate question of "What should I take away from this data?" Beyond putting together the numbers and building the results, data analysts and data scientists play a critical role in helping answer this question. Organizations big and small depend on data analysts and data scientists to help “translate from words to numbers, and then back to words” as sports analytics pioneer Dean Oliver once said.


Feature preview: Trigger agent runs and report collection from Mission Portal

If you are debugging issues with a host, it is quite common to want to make changes to CFEngine policy, and speed up the process of fetching, evaluating and reporting for that host. You can do this by running cf-runagent and cf-hub from the command line, now we’ve brought this functionality into Mission Portal.

super monitoring

Bigleaf with Big Problems: Does It Have the Solutions?

Your business seeks a high-performance, flexible, cost-effective, and more secure alternative to Multiprotocol Label Switching (MPLS). Welcome to software-defined wide area networks (SD-WANs)! An improvement over legacy dedicated MPLS circuits, SD-WAN solutions deliver easily manageable networks with a high quality of service (QoS). Yet, your IT team tells you that SD-WANs aren’t cloud-optimized or mobile-device friendly.


Intro to exemplars, which enable Grafana Tempo's distributed tracing at massive scale

Exemplars are a hot topic in observability recently, and for good reason. Similarly to how Prometheus disrupted the cost structure of storing metrics at scale beginning in 2012 and for real in 2015, and how Grafana Loki disrupted the cost structure of storing logs at scale in 2018, exemplars are doing the same to traces. To understand why, let’s look at both the history of observability in the cloud native ecosystem, and what optimizations exemplars enable.


Choosing Open Wisely

Since Snowflake’s inception we’ve had the needs of our customers as our North Star, with a clear focus on security and governance of data, continuous advances on performance and reduction of latencies, and relentless capabilities innovation. As part of our product development, we constantly evaluate where open standards, open formats, and open source can help or hinder our progress towards those goals. In short, it is a matter of degree.


Building a Go-to-Market Strategy for Developer Tools

As a YC alum and co-founder of Mattermost, I often get asked by early stage YC companies about what it’s like to build a commercial open source business. With the start-up’s permission, we’ve started recording some of the Q&A sessions, transcribing them and sharing the more popular questions on the Mattermost blog in short form articles.


Avoiding npm substitution attacks using NCM

NodeSource is excited to announce its latest NodeSource Certified Modules - NCM - release. NCM, provides developers and software teams with actionable insights into the risk levels that are present in your use of third-party packages. This release includes updates to avoid npm substitution attacks and also a GitHub Integration: Code risk, compliance and security action for PRs on Node.js.


How to prepare for changes in the workplace

Transitioning back to the office is becoming more of a possibility with each coming day. But managing the transition can leave you feeling overwhelmed. Where do you start? How will work be different after a year of working remotely? And how will you balance management of a remote and in-person workforce? The ServiceNow on-demand Back to Work webinar series can help you prepare for changes in the workplace post-COVID-19 in four key ways.


What's new in Kubernetes 1.21?

This release brings 50 enhancements, up from 43 in Kubernetes 1.20 and 34 in Kubernetes 1.19. Of those 50 enhancements, 15 are graduating to Stable, 14 are existing features that keep improving, and a whopping 19 are completely new. It’s great to see old features, that have been around as long as 1.4, finally become GA. For example CronJob, PodDisruptionBudget, and sysctl support.


5 AIOps Trends for 2021

Recently, there has been a steep rise in the research and utilization of Artificial Intelligence (AI). While AI once seemed like nothing more than a fantasy from a sci-fi movie, AI technology is now very much a reality in our everyday lives. Artificial intelligence and machine learning are involved in many of our daily tasks, from search engines that finish your thought, to pulling up directions in Google Maps, and how your Facebook and other social feeds are so perfectly catered to your interests.


Back Again: The Mobile Endpoint Is Now the Policy Enforcement Point in the Everywhere Workplace!

Several years back before the COVID-19 pandemic hit and the work-from-home shift took hold, we wrote a blog about how the mobile-centric zero trust framework removed the traditional perimeter security controls to protect the corporate enterprise network and all connected endpoints from cybercriminals.

Create Users Within Veracode Security Labs or by Using Your Company SSO

In this video, you will learn how to create Security Labs users from within the Security Labs interface. Veracode Security Labs provides interactive training labs that give developers practical security knowledge. Security Labs teaches security and application security (AppSec) skills through hands-on experience. The lab-based approach to developer enablement can improve the time it takes to resolve findings and help developers avoid introducing flaws into the code.

Tech Talk : Sauce Performance

This is a Tech Talk around Sauce Performance with one of our main Software Engineers on the Sauce Performance product, Farhan Iqbalhusain Chauhan and the Product Manager, Ada Bogatek. Farhan goes into a full demo in detail of exactly how Sauce Performance works within the Sauce platform and Ada explains the benefits this will bring to your business and exactly why front-end performance testing is important.

Part 1: Omnichannel Self Service for B2B Customer Support

Self-service is still good customer service. Offering an option for customers to help themselves can give your customer support reps more time to focus on improving the big-picture aspects of your service strategy. And the right customer support software makes it easy to give customers what they want when they need it.


Splunk SOAR Playbooks: Conducting an Azure New User Census

In January and February of 2021, the threat actor called Hafnium used a number of post-exploitation tools after gaining access to Exchange servers through a zero-day exploit. One of their persistence methods was creating new user accounts in the domain, giving them the ability to log back into the network using normal authentication rather than use a web shell or continue to re-exploit the vulnerability (which has since been patched).

squared up

Getting started with Dashboard Server

SquaredUp Dashboard Server lets you and your team create beautiful dashboards, for any tool or data, that you can share with everyone in your organization. Here’s a quick introduction to the product where we show you exactly what you can achieve, in no time at all. Let’s start with the three tabs on the top left of the screen: Getting Started, Next Steps, and Sample Dashboards. We’ll run through them one by one.


Sumo Logic joins AWS to accelerate Amazon CloudWatch Metrics collection

We are excited to join AWS for the launch of Amazon CloudWatch Metric Streams; a fully managed, scalable, and low latency service that streams Amazon CloudWatch metrics to partners via Amazon Kinesis Data Firehose. AWS and Sumo Logic customers can now leverage AWS Kinesis Firehose for Metrics Source for streaming CloudWatch metrics into their Sumo Logic accounts, to help simplify the monitoring and troubleshooting of AWS infrastructure, services, and applications.


Delivering high-performing global APIs with Apigee X and Cloud CDN

Organizations are increasingly investing in digital businesses ecosystem strategies to foster innovation and operate efficiently. These ecosystems connect various stakeholders--such as partners, developers, and customers--via application programming interfaces, or APIs. APIs allow various software systems to interface, and are thus the primary mechanism of value exchange within these ecosystems.


Defining Zero Trust Data Protection

The biggest fundamental shift in the era of digital transformation is that data is no longer on a CPU that the enterprise owns. Security teams focused on cloud must invest in the right technology to achieve more complete data protection, and we all need to ensure Zero Trust principles are applied everywhere data needs protection. At Netskope, we describe this as Zero Trust Data Protection. In its simplest form, Zero Trust means: Don’t trust the things you do not need to trust.


How To Instantly Boost the ROI of Your Hybrid Cloud

Advertising tycoon David Ogilvy famously remarked, “Half the money I spend on advertising is wasted; the trouble is I don’t know which half.” Replace the word “half” with “one-third” and “advertising” with “public cloud” and you’d describe what enterprises are grappling with right now. They know that not all of the cloud resources they’re paying for are being used, but they don’t know which ones those are.

Navigating the 5G Edge - Xhaul, Slicing and MEC

5G architectures are groundbreaking on several fronts.  Disaggregated RAN, virtualized core, edge cloud capabilities, and network slicing can all be combined to address an entirely new generation of use cases that create opportunities for disruptive operators to gain revenue and market share.      Most of these new technologies must be deployed very close to the customer network edge and require a nimble toolkit of fronthaul transport solutions, MEC solutions, and network slicing orchestration across all components.  This session will discuss these new ‘edge-related’ capabilities and how they can work together to maximize mobile operator differentiation.

Integrating Logging into CI/CD

In my experience, pipeline monitoring and management is traditionally either left for the last developer who deployed, or unmonitored entirely. This lack of centralized monitoring and production-level resiliency can lead to significant development delays or even bring pipeline and train deliveries to a grinding halt. But we can do better.


SQL Server Problems? Try These Tips First

When SQL Server is having performance issues, giving you error messages, or just running slowly, you need to figure out the root cause of the problem before making any changes. Don’t jump to conclusions—make sure you get a big-picture view of the issue. Start with these five troubleshooting tips to optimize your SQL Server performance.


Scaling Software Supply Chains Securely

Software supply chains are mission-critical for digital businesses, and as global conditions accelerate the growth in contactless interactions and transactions, many organizations are reviewing how to solve the challenge of scaling the volume and velocity of their software development and release processes to meet the digital demand. The latest JFrog Platform release delivers a rich payload of new capabilities to scale and secure the software supply chain for digital businesses.


Networked testing: economic considerations and financial impacts

Should you build an in-house QA team, or should you rely on software testing companies? The conversation around insourcing versus outsourcing looks very different for quality assurance than for other teams like engineering or product management. These teams offer very clear ROI from insourcing unless we’re talking about some side project that keeps getting deprioritized in the backlog, like a new API.


Leveraging ETL to Enable your Domain Driven Design

How much do you know about Domain-Driven Design (DDD)? It's a design approach to software development where the language and structure of software code match the business domain. The concept comes from a 2003 book by Eric Evans. And it influences software architects, information architects, data engineers, and computer science professionals who organize code and solve some seriously stressful software problems. Domain-Driven Design is a super-successful concept with brilliant business logic benefits.


Spring forward with BigQuery user-friendly SQL

Spring is here. Clocks move forward. The Sakura (cherry blossom) festival in Japan marks the celebration of the new season. In India, the holi festival of colors ushers in the new harvest season. It’s a time for renewal and new ways of doing things. This month, we are pleased to debut our newest set of SQL features in BigQuery to help our analysts and data engineers spring forward.


Why Is Traceability Important?

Full traceability is critical for many organizations, particularly those who need to meet regulatory compliance in their industry or minimize risk. In this blog, we discuss the importance of traceability by examining four real examples of where a lack of traceability caused issues for organizations, in some cases proving very costly. Related blog >> What Is Traceability?


Medical device security in a pandemic world

The pandemic has put a lot of things on hold over the last year, but medical device security shouldn’t be one of them. The millions of medical devices that help keep people healthy—and in many cases keep them alive—have drawn mixed reviews from security experts since the internet happened. Even more so in the past year since the pandemic happened. There is just about unanimous agreement that the benefits of those devices outweigh the risks.


5 Online Shopping Security Tips to Protect Your Data

Protecting yourself when paying online is very important. It’s a scary thought, but fraudsters have lots of ways to sneak in and steal credentials, bypass security and make victims of online shoppers. As we have discussed previously on this blog, criminals don’t just rely on traditional “hacks” to exploit technology. Increasingly, bad actors are using sophisticated bots to exploit business logic in order to breach security and carry out attacks.


TeamTNT: Latest TTPs targeting Kubernetes (Q1-2021)

In April 2020, MalwareHunterTeam found a number of suspicious files in an open directory and posted about them in a series of tweets. Trend Micro later confirmed that these files were part of the first cryptojacking malware by TeamTNT, a cybercrime group that specializes in attacking the cloud—typically using a malicious Docker image—and has proven itself to be both resourceful and creative.

Episode 12 | Employee Training in a Virtual Environment

The pandemic has resulted in changing infrastructure for providing training to employees in this work from home limitation of large gatherings environment. This episode will feature a special guest to discuss how we partner to bring the highest level of security training to our clients – in a high-tech manner that we believe is best in class and exceedingly useful in today's environment.

The Future Is Now; ARM's AARCH64 on the Rise - with Instana

AARCH64, sometimes also referred to as ARM64, is a CPU architecture developed by ARM Ltd., and a 64-bit extension of the pre-existing ARM architecture, starting from ARMv8-A. ARM architectures are primarily known for their energy efficiency and low power consumption. For that reason, virtually all mobile phones and tablets today use ARM architecture-based CPUs.


Conversational AI Chatbots- The Best Solution for Your Customer Engagement

Conversational AI chatbots are a new vector of artificial intelligence use case that makes the user experience satisfactory, providing immediate response. This technology enables users to converse with applications through various means, such as via text, voice, touch, or gesture, which are closely the same as humans. Users find it much more impressive as they can communicate with their vocabulary and terminologies.


Monitoring custom metrics with Netreo

All too frequently system administrators and developers need to keep an eye on critical signals generated by their production systems. However, if these signals are highly specific in nature, tracking them can be tough. Most monitoring systems stick to tracking standard metrics emitted by servers hosting applications. But what happens if you need to monitor a number of specific customers that have signed up in the last hour and custom metrics?


On-boarding Remote Workers with Service Watch

It’s been more than half a year since I joined Exoprise. When Covid-19 struck last year, it became clear that companies would expand their hiring requirements beyond local regions and find suitable candidates (just like me!). Remote work and the requirement for on-boarding remote workers no longer became a luxury. This is reflected in job portals and HR sites such as Indeed and Glassdoor where they began to insert a new tag “Remote WFH Option Available”.


Azure security 101: Security essentials, logs, authentication, and more

“Where necessity speaks, it demands”. This old saying seems particularly apt right now with the pandemic forcing organizations to completely change the way they think about their IT networks. That rapid shift to remote work has resulted in a massive demand for cloud-based services.

Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Sysdig introduces continuous CSPM to the Sysdig Secure DevOps Platform, multi-cloud threat detection for AWS and GCP, and a new free-forever cloud security tier. With 70% of cyberattack breaches utilizing lateral movement, Sysdig uniquely detects and responds to threats across cloud and containers.

What is a Compliance Risk Assessment?

As global regulations for data privacy and cybersecurity continue to proliferate, the pressure for organizations to manage compliance risk grows. To meet the demand for greater compliance risk management and value for corporate stakeholders, compliance professionals must be sure they have a thorough understanding of their compliance obligations and potential vulnerabilities.


How to Analyze Incidents Better with the Right Metrics

An important SRE best practice is analyzing and learning from incidents. When an incident occurs, you shouldn’t think of it as a setback, but as an opportunity to grow. Good incident analysis involves building an incident retrospective. This document will contain everything from incident metrics to the narrative of those involved. These metrics aren’t the whole story, but they can help teams make data-driven decisions. But choosing which metrics are best to analyze can be difficult.


Managing Hybrid Teams: How Small Businesses Can Get It Right

For many small businesses, a hybrid workforce is the new normal, creating novel opportunities and unique challenges that organizations will need to navigate in the year ahead. Change is never easy, and the past year has been a constant exercise in disruption. From shifting consumer demands to a radical reorientation of workplace structures, most organizations are becoming even more proficient at navigating uncertainty than ever before.


Survey: 99% of Security Pros Struggling to Secure Their IoT & IIoT Devices

Organizations are increasingly introducing new Internet of Things (IoT) devices into their environments. According to Statista, the aggregate number of IoT devices deployed by organizations globally increased from 7.74 billion in 2019 to around 8.74 billion a year later. The market and consumer data firm reported that the next few years will see growth in all types of IoT devices, including Industrial Internet of Things (IIoT) offerings like smart monitors.


10 Best Cisco Switch Monitoring Tools for 2021

Network monitoring is critical to ensuring a business stays secure. Switches are crucial to the proper functioning of that network. Hence, continue reading about the ten best Cisco switch monitoring tools. Switches connect networks and serve as controllers that let organizations share resources and talk to each other for better productivity. Without them, organizations face crippled information sharing and resource allocation, not to mention unnecessary costs.


Managing CI/CD pipelines with Arm compute resource classes

CircleCI has released new Arm-based compute in preview. Arm processors and architectures are becoming widely available as development teams adopt them as compute nodes in many application infrastructures. Organizations that need to run microservices, application servers, databases, and other workloads in a cost-effective way will continue to turn to the Arm architecture.


Detect suspicious activity in GCP using audit logs

GCP audit logs are a powerful tool that track everything happening in your cloud infrastructure. By analyzing them, you can detect and react to threats. Modern cloud applications are not just virtual machines, containers, binaries, and data. When you migrated to the cloud, you accelerated the development of your apps and increased operational efficiency. But you also started using new assets in the cloud that need securing.


Cloud lateral movement: Breaking in through a vulnerable container

Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks to Cloud environments is a vulnerable application that is publicly available can serve as an entry point. From there, attackers can try to move inside the cloud environment, trying to exfiltrate sensitive data or use the account for their own purpose, like crypto mining.


AWS CIS: Manage cloud security posture on AWS infrastructure

Implementing the AWS Foundations CIS Benchmarks will help you improve your cloud security posture in your AWS infrastructure. What entry points can attackers use to compromise your cloud infrastructure? Do all your users have multi-factor authentication setup? Are they using it? Are you providing more permissions that needed? Those are some questions this benchmark will help you answer. Keep reading for an overview on AWS CIS Benchmarks and tips to implement it.


Unified threat detection for AWS cloud and containers

Implementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, clusters, stored information, and input/output data streams. When you add configuration and user management to the mix, it’s clear that there is a lot to secure!


Remediating Vulnerabilities with Puppet

Patching vulnerabilities can be daunting, especially if the information is confusing, and the process to deploy patches is long. There are going to be times where a zero day presents itself, and the vulnerability requires immediate action. Whether it’s a simple fix or not, the seriousness of some vulnerabilities can put organizations at risk. Deploying patches, especially for critical infrastructure, takes planning.

How SOAR Helps Service Providers Meet MSSP Challenges: A Conversation With Forrester Research

Joseph Blankenship and Chase Cunningham of Forrester Research joined Siemplify for a four-part video series. In the fourth and final part, the pair discusses the role of SOAR for service providers, how they can evaluate their own success, and what selection criteria should look like for end-users shopping for an MSSP – especially in the era of more demanding customers and the death of the “black-box” MSSP model.

Upgrades to SCOM Made Easy with Easy Tune - Deep Dive

It can be hard to move tuning between Management Groups when implementing a side-by-side upgrade, especially when you have an old chaotic Management Group where overrides aren't always stored in logical places. In this video, we show you how Easy Tune Enterprise can help with this migration process by capturing effective overrides from wherever they are stored (as CSV files) and then using Easy Tune to apply these to your new SCOM Management Group.

Upgrades to SCOM Made Easy with Easy Tune - 7 Minute Guide

It can be hard to move tuning between Management Groups when implementing a side-by-side upgrade, especially when you have an old chaotic Management Group where overrides aren't always stored in logical places. In this video, we show you how Easy Tune Enterprise can help with this migration process by capturing effective overrides from wherever they are stored (as CSV files) and then using Easy Tune to apply these to your new SCOM Management Group.

The Untapped Power of Key Marketing Metrics

Marketing and Site Reliability teams rarely meet in most organizations. It’s especially rare outside the context of product marketing sessions or content creation. With observability now pivotal to success, we should be looking to bring the two together for technical and commercial gains. In this piece, we’re going to explore the meaning of observability and its relevance to marketing metrics.


Unlocking Hidden Business Observability with Holistic Data Collection

Why do organizations invest in observability? Because it adds value. Sometimes we forget this when we’re building our observability solutions. We get so excited about what we’re tracking that we can lose sight of why we’re tracking it. Technical metrics reveal how systems react to change. What they don’t give is a picture of how change impacts the broader business goals. The importance of qualitative data in business observability is often overlooked.

outpost 24

SAST, DAST, SCA: What's best for application security testing?

With a 43% rise in data breaches tied to web application vulnerabilities according to Verizon, enterprise security teams are looking more closely at how security controls can be integrated to DevOps without impacting productivity. But with so many automated security testing tools (SAST, DAST, SCA) on the market, it’s important to understand the difference and when to use them to ensure robust Application Security.


Preventing YAML parsing vulnerabilities with snakeyaml in Java

YAML is a human-readable language to serialize data that’s commonly used for config files. The word YAML is an acronym for “YAML ain’t a markup language” and was first released in 2001. You can compare YAML to JSON or XML as all of them are text-based structured formats. While similar to those languages, YAML is designed to be more readable than JSON and less verbose than XML.


Windows containers on Kubernetes with MicroK8s

Kubernetes orchestrates clusters of machines to run container-based workloads. Building on the success of the container-based development model, it provides the tools to operate containers reliably at scale. The container-based development methodology is popular outside just the realm of open source and Linux though.


The NeoLoad Story Starts a New Chapter

Neotys is joining Tricentis! The leader in automated continuous testing now has the leader in automated continuous performance testing in its portfolio. Rarely is it so obvious that there’s such a perfectly snug fit between two companies. Neotys and Tricentis have had a strong partnership for many years, and we keep hearing from our customers that our offerings dovetail so seamlessly that this alliance should go further.


Most common types of cyber security attacks (includes threats & attack vectors)

The cyber threat landscape evolves every day following the most basic to more advanced types of cyber attacks that makes daily headlines. It is due to data breaches, causing reputational, financial losses and regulatory penalties. Our aim with this article is to update the reader on various types and categories of cyber attacks that help them make informed decisions about their business to identify what is important and how it should be protected.


What educational institutions need to do to protect themselves from cyber threats

Educational institutions are reaping the many benefits and new possibilities offered by online learning, but these new methods of educational instruction come with serious cyber security concerns. These institutions are also a prime focus for hackers because they often host a lot of sensitive data about teachers and students. Furthermore, schools and universities are an easy target because not every teacher or professor is technologically savvy.


In the rush to adopt machine learning, don't forget to empower human intelligence

Machine learning has gained popularity in cybersecurity, and for good reason: in the never-ending race against dwell times, security professionals are looking for an advantage. While machine learning can help reduce the mean time to detect and respond to a threat, organizations should be careful not to rely so much on machine learning that they forget to empower their most important asset: human intelligence.

Explore Prometheus Metrics with Infrastructure Monitoring

Metrics Explore is the feature for deep dives into Prometheus metrics. Similar to Kibana Discover, it allows for easy querying, pull-down list selections, and other ways to navigate your data. Best yet, you can explore important metadata for detailed metric analysis. There are a few ways to move around the metrics in your system. Get started by finding the Explore icon on the left-hand menu.


Synopsys CyRC named a CVE Numbering Authority

As a CVE Numbering Authority, Synopsys can assign CVE ID numbers and publish newly discovered vulnerabilities. The Synopsys Software Integrity Group has been helping organizations find and fix vulnerabilities in their software for nearly a decade. And now it will be able to help them and the broader software industry even more.


Q&A: Circonus Founder and CTO Reveals Key Decisions on Designing Circonus' Powerful Time-Series Database

Circonus’ time-series database, IRONdb, can ingest, compute, and analyze time-series data at greater volume and frequency than any other solution in the market. We realize that’s a bold statement, but we stand by it. In fact, IRONdb can ingest over a trillion measurements per second, giving companies the data granularity they need for better, more accurate monitoring. It also offers unlimited scalability and the highest data safety guarantees.


How to Perform a Basic Rolling Upgrade of a Kubernetes Cluster

In today’s digital landscape, users expect applications to be available at all times and developers are expected to deploy new versions of these applications several times a day. Both of these expectations can be met by upgrading your Kubernetes cluster. Kubernetes is constantly getting new features and security updates, so your Kubernetes cluster needs to be kept up-to-date as well.


The Future of IT Events: Conferences in a Post-Pandemic World

IT events and technology conferences, once mind-bogglingly big in-person learning and networking opportunities, have certainly changed a lot since 2020. What started out as optimistic postponing for safety concerns quickly transformed into a new reality of virtual-only presentations and even total event redesigns due to the coronavirus pandemic. Now a year later, the outlook seems the same: another cycle of virtual-only events. We have to ask, “Is this the new future for conferences”?


Cloud TCO (Total Cost of Ownership): What It Means and How To Perform a TCO Analysis

Investing in the right systems, assets, and infrastructure is critical to business success. It can be the difference between profitability and loss. Businesses employ several methods to determine the value of a product or service before purchase or adoption. One of those methods is the total cost of ownership. Total cost of ownership (TCO) is the sum of all costs involved in the purchase, operation, and maintenance of a given asset during its lifetime.

Dashboard Server Product Preview

How would your IT team be transformed if you could dashboard anything, for free? Find out on 25th March at 2pm as we introduce you to SquaredUp Dashboard Server. Combining the best of SquaredUp with a powerful Powershell integration, Dashboard Server allows you to dashboard virtually any data, and is made for IT pros looking for a tool that’s quick to implement, easy to set up, and effortless to maintain.

Getting started with cloud security

Your application runs on containers and talks to multiple cloud services. How can you continuously secure all of it? With Sysdig you can. Continuously flag cloud misconfigurations before the bad guys get in. And suspicious activity, like unusual logins from leaked credentials. All in a single console that makes it easier to validate your cloud security posture. It only takes a few minutes to get started.

The complete guide to customer relations

Cultivating long-term, meaningful customer relations is an important part of any business. It goes beyond offering an incredible product and encompasses the entire customer experience, which should be consistent across every interaction you have with your customers. According to a Microsoft report, 54% of consumers state that they have higher customer service expectations than they did previously. The pressure is on for businesses to differentiate themselves and take better care of their customers.


It's official - Civo Kubernetes is certified by CNCF

We're very proud to announce that we have been accepted by the Cloud Native Computing Foundation (CNCF) as a conformant Certified Kubernetes provider for our v1.20 Civo Kubernetes product based on K3s. Every small business starts with a goal of competing with the big fish of the industry, and a huge part of that is having the certification to prove you're providing a compatible service. We're now in the company of some really inspirational organisations...


Selling amid the ecommerce explosion: 4 success factors to consider

The new normal brought digital commerce to the forefront, with customers preferring remote sales, online ordering and payments, and contactless purchases. The question is, are organizations equipped to cater to these constantly evolving buyer habits? Let’s see how the right solution and strategic application development can help fuel growth in the digital economy.


Inserting Items

OneDesk allows you to create items such as tickets and tasks by adding them manually. Usually, you will need to fill out the internal creation form for that given item. However, inserting an item allows you to bypass filling out the form and to insert items with the inline item insertion function. This function lets you add multiple items into a given location quickly by providing the minimum amount of information needed, usually just an item name. You can use inline inserting to add any item types.


Want to visualize software development insights with Grafana? With our new Jira Enterprise plugin, you can!

A very fun part of my job as a Solutions Engineer at Grafana Labs is getting to learn the ins and outs of a new feature or play with a plugin while it is still in development. So, when I heard murmurs that our latest Enterprise plugin would be an integration with Jira, I felt the forsaken call of the agile sirens luring me back to my days when I worked as a technical writer on a product team.


Using Devo to Stop Black Kingdom ProxyLogon Exploit

Black Kingdom is targeting Exchange servers that remain unpatched against the ProxyLogon vulnerabilities disclosed by Microsoft earlier this month. It strikes the on-premises versions of Microsoft Exchange Server, abusing the remote code execution (RCE) vulnerability also known as ProxyLogon (CVE-2021-27065[2]).


Six Simple Steps to Your First CI/CD DevOps Pipeline in JFrog Pipelines

See how easy it is to get started, and start working with a simple “Hello World” DevOps pipeline. Along the way, you’ll learn some fundamental Pipelines concepts. Here’s what you’ll need: Login to your JFrog Cloud account with the JFrog Platform credentials provided to you by email.


Metrics for Monitoring Azure Event Hubs

Azure Monitor is a convenient tool designed to help you enhance the performance and accessibility of your various services and applications. A comprehensive solution, this tool helps teams analyze data from cloud-based and on-premises environments. In this post, we'll discuss the best metrics for monitoring Microsoft Azure Event Hubs, and how to get the most from the tool. Before we dive in; Get started with a quick demo of MetricFire today to take charge of your network performance!


10 Best Open Source Switch Port Monitoring Tools

Switch port monitoring is one of the most crucial facets of network management. It not only provides insights about network switch port status but CPU load, memory utilization, historical port utilization, and more. Investing in switch port monitoring improves network-related performance across your organization and optimizes port usage. As a result, you'll enhance security, reduce cybercrime, optimize networks, enhance compliance, and safeguard your entire IT infrastructure.


Network monitoring with Hosted Graphite

Network monitoring is the process of looking after your network with the help of various tools and techniques. These tools that are often called network monitoring systems constantly track various aspects concerning your network, such as bandwidth usage, traffic, etc. This tracking is important in case of outages as these systems notify the network administrator immediately. Moreover, network monitoring systems are essential for status updates so that you can improve your system’s efficiency.


Data Lake Opportunities: Rethinking Data Analytics Optimization [VIDEO]

Data lakes have challenges. And until you solve those problems, efficient, cost-effective data analytics will remain out of reach. That’s why ChaosSearch is rethinking the way businesses manage and analyze their data. As Mike Leone, Senior Analyst for Data Platforms, Analytics and AI at ESG Global, and Thomas Hazel, ChaosSearch’s founder and CTO, explained in a recent webinar, ChaosSearch offers a data analytics optimization solution that makes data faster and cheaper to store and analyze.


Secure coding with Snyk Code: Ignore functionality with a twist

When scanning your code with our secure coding tool, Snyk Code might find all kinds of security vulnerabilities. And while Snyk Code is fast, accurate, and rich in content, sometimes there is the need to suppress specific warnings. Typical example use cases arise in test code when you explicitly use hard coded passwords to test your routines, or you know about an issue but decide not to fix it.

Cisco Secure Application: from the engineers who built it

Today, protecting your digital business starts with the application. Discover why runtime application self protection solutions (RASP), like Cisco Secure Application, is a game changer for application and security teams. Learn how you can simplify vulnerability management, block attacks in real-time, and save time.

So You Wanna Be an SRE? Learn These 12 Skills

In a previous article on Site Reliability Engineering (SRE), we discussed the SRE role and why it’s in high demand. At the end of the article, some advice was given on how to become an SRE. It is not easy. But with the right determination, it can be done. This article will highlight the skills you need to become an SRE.


Preventing Recent Microsoft Exchange Vulnerabilities and Similar Attacks Using Netskope Private Access

On March 2, Microsoft released patches to address four zero-day vulnerabilities in Microsoft Exchange Server software. Those vulnerabilities, known collectively as ProxyLogon, affect on-premises Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019. (Exchange Online, which is part of Microsoft 365, has not been affected.)


Leading with Observability: Key Considerations for Technology Leaders

By 2022, Gartner estimates that more than 3 out of 4 global organizations will be running containerized applications in production. With this comes a new set of monitoring challenges — ephemeral, short-lived infrastructure, complex service interdependencies and on-call developers who now need access to data for fast troubleshooting, just to name a few.


Manufacturing Has the Lowest Percentage of High-Severity Flaws but Needs to Improve Time to Remediation

The past 12 months have been especially challenging for the manufacturing industry. The pandemic affected in-person manufacturing jobs as well as supply and demand, causing many manufacturing companies to shut their doors or lay off valuable employees. Recognizing the vulnerable state of manufacturing companies, cybercriminals saw manufacturing as an easy target. In fact, the manufacturing industry saw an 11 percent increase in cyberattacks in 2020.


Why Prometheus isn't enough to monitor complex environments

Modern systems look very different than they did years ago. For the most part, development organizations have moved away from building traditional monoliths towards the development of containerized applications running across a highly-distributed infrastructure. While this change has made systems inherently more resilient, the increase in overall complexity has made it more important (and more challenging) to effectively identify and address problems at their root cause when issues occur.


Change is Inevitable: Just Ask GitLab, Buildkite, GitHub, Jenkins, Evolven, and More

If memory serves (it was over 20 years ago), that’s what the free t-shirt that Microsoft gave me for being an official Windows 98 beta tester said. And yes, being a beta volunteer required me to haul my desktop PC to Redmond, WA (from Seattle)…because…I guess that’s how it was done back then? I remember they gave us pizza, and I needed to install more RAM. As I said before, it was a while ago; however, the whole “change is inevitable” thing is still valid today.


Leveraging APM to Conquer Custom App Management Troubles

Though you might use custom-made apps for many reasons, there’s only one reason you deploy them: off-the-shelf solutions just can’t get the job done. Whenever operations are too complex for a commercial application already in place or whenever a new kind of digital business is launched, a custom app is necessary. This is true no matter what the business model is.


A Sanity Listicle for Mobile Developers

Just like that Mobile March Madness 2021 is almost in our rearview. Before we look to April, let’s recap some of our most notable mobile updates from this past month with a few tips on how to solve what matters faster and a sneak peek of what’s coming next. That’s right. We’re constantly improving our mobile monitoring solution independent of our alliteration-based marketing campaigns.


How to Overcome the Challenges of Securing a Fully Remote Workforce

One of the most significant changes to come out of the COVID-19 pandemic is the shift to remote work. By late 2020, 58% of U.S. employees worked at home at least some of the time, and this trend will likely continue. While a remote workforce can bring several productivity and morale benefits, it also creates some security challenges such as cyber threats. Most companies’ cyber defenses are designed to handle a single, centralized network in one location with standardized devices.


7 Best Project Task Management Software for Accountants

This is one of the most well-known brands in the project management sphere. It is powerful and versatile. For reasons of safety and confidentiality, large enterprises opt for its on-premise version. Small organizations generally prefer the cloud version. It easily integrates with Gmail inbox, Mailchimp and many other solutions.


How Xplenty Unlocked a Global Sales Brand's Post-Pandemic Potential

When COVID hit, multinationals went into a tailspin, scrambling for solutions to pandemic-related problems like suspended flights, social distancing, and stay-at-home orders. How could global brands function when operations are so interconnected? One global sales and marketing brand stayed calm in the crisis, innovating localized strategies that strengthened remote regional teams.


Digital transformation is all about people

The power of technology can transform organizations. Technology can create new workplaces and new ways of working—and bring new services and exciting opportunities to businesses and consumers alike. Delivering a major technology program is always a complex journey, full of challenges and, inevitably, a mix of triumphs and setbacks.


How to build modern data applications

With the steep rise of data, smart businesses have started capitalizing on this new oil to build a new type of products and services: data applications. Admittedly, the engineering and business development of data apps overlaps with their cousins - the trusty desktop app and the well-known web app, … But there is a core difference that sets data applications apart: they are first and foremost about the data they use to deliver value.


What Is Topology?

Topology is a multilayered map showing how everything in the IT environment is related. It's similar to Google Maps, which gives you a bird's eye view into an area and how everything is interconnected. Also, in Google Maps, you can see how traffic is flowing and which intersections may be causing bottlenecks. A view into topology allows similar visibility. You can see how components of an IT system are laid out to interact with each other.


Accelerating software projects using the feature design process

Every agile software engineering team wants to do these three things: The reality is that as we focus on improving one thing, sometimes it is at the expense of another. If we focus on accelerating feature development, feature quality could suffer. If we focus on improving feature quality, development could slow, potentially delaying the release. But what if we could have it all?

Appknox 7th Year Anniversary!

This week #knoxtars celebrate our seventh year in business. During this time we have continually secured businesses across multiple industries to build a safer mobile ecosystem We wish to thank every single team member past and current, clients and partners who we have worked with us over the years. We take great pride in our work and look forward to helping your business grow & add more feathers to our cap.

NEW Lenses: PostgreSQL & metadata to navigate your Kafka galaxy

When you’re one of many developers commanding streaming applications running in Apache Kafka, you want enough data observability to fly your own data product to the moon. But you also want to boldly go where no developer has gone before to discover new applications. At the same time, you don’t want to be exposed to sensitive data that summons you to your compliance team, crashing you back down to earth.


Balancing act: the current limits of AWS network load balancers

At Ably we provide a service that handles high volumes of client connections – multiple millions of concurrent WebSocket and HTTP streaming connections. Said connections are terminated by a set of frontend compute instances; distributing the connections among available instances is the role of one or more load balancers.


Monitor Fastly performance with Datadog

Fastly is an edge cloud platform that includes a content delivery network (CDN), as well as services for image optimization, video streaming, cloud security, and load balancing. These services are supported by a network of caches in different locations, which enables enterprise-scale companies to deliver applications to users as quickly as possible, even in times of peak traffic.


6 Underrated customer service metrics to elevate your customer relationships

If you're researching customer service metrics, you'll undoubtedly hear a few mentioned over and over, like CSAT and ticket backlog. While these common metrics are useful, they alone can't give you the complete picture you need to boost your customer service game. By focusing on these and ignoring other, lesser-known customer service metrics, you'll miss out on vital information that can help improve your customer service strategy and your team's performance.


Adaptive cybersecurity: 3 strategies that are needed in an evolving security landscape

Cybersecurity is no longer an outlandish concept to many business enterprise executives. What is still relatively unfamiliar to many organizations and their leadership, however, is the task of evaluating their cyber strategy and risk to determine how best to adapt and grow to stay secure while remaining competitive. Executives must initiate thorough evaluations of their existing cybersecurity strategies to figure out which types of new technologies and risk management strategies they need the most.


How to Measure Core Web Vitals

Core Web Vitals are a new set of performance metrics that will become part of Google’s ranking algorithm from May 2021. In this blog, we explain how to measure Core Web Vitals scores. There are many ways website owners can find out their Core Web Vitals scores. This includes: PageSpeed Insights, Search Console, Lighthouse, Chrome DevTools, Chrome UX Report, and the Web Vitals Extension.


OctoPerf v12.2 - Flexible license sharing, improved VU validation, XPath and JQuery

We’ve been working a lot behind the scenes for this release because we wanted to address the license sharing issue. Up until today it was only possible to ask us to share the license for you and sharing could only share every license you own. We had to completely refactor the way we handle licenses to allow you to decide on your own to share all or a fraction of your subscriptions. But that’s not all, we also worked on a VU validation with multiple iterations.


Why Real-Time Monitoring is So Important

No one can deny the importance of a proper monitoring system for the effective management of IT infrastructure. You need the most efficient solutions and monitoring tools to optimize performance, make the most out of your resources, and be able to deal with errors and failure conditions. While the traditional way of IT monitoring involves the use of reports, it does have certain limitations.

console connect

Why Your Business Should Consider Private And Direct Connections To Google Cloud

Although it entered the market later than Amazon and Microsoft, Google Cloud has established itself as one of the top 3 mainstream public clouds through its Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) offerings, with a strong presence in Machine Learning, data analytics and AI (Artificial Intelligence). Google has also become known for an attractive pricing model for its cloud services.


Accelerated integration of Eventador with Cloudera - SQL Stream Builder

In October 2020, Cloudera made a strategic acquisition of a company called Eventador. This was primarily to augment our streaming capabilities within Cloudera DataFlow. Eventador was adept at simplifying the process of building streaming applications. Their flagship product, SQL Stream Builder, made access to real-time data streams easily possible with just SQL (Structured Query Language).


Kubernetes operators and Open Operator Collection integration - Juju 2.9

Following the Open Operator Collection announcement from November, Canonical is today proud to announce the availability of Juju Operator Lifecycle Manager (OLM) 2.9. This new release of Juju brings new capabilities for Kubernetes operators as well as smooth integration with the Open Operator Collection.

Credential management best practices for business process automations

This webinar recording gives you a clear picture of the various credential-related perils that can surface because of implementing business process automation (BPA) workfows in your enterprise. Ganesh, our in-house IT security expert will walk you through the risks associated with hard-coding privileged credentials within application scripts and also provide you with a handful of security best practices to mitigate the risks and fortify your IT infrastructure from credential exposure through PAM360.

Using SQL Clone with Githooks & Branch Policies in Azure DevOps

Switching branches quickly and testing Pull Request code when working on database changes is no easy thing, but fear not! Join Chris Unwin in this video to find out how you can set up SQL Clone to allow developers to preserve changes when switching branches, and how teams can review code against a live DB, rather than relying on the raw code in version control.

How we're graduating Grafana Agent experiments into the official Prometheus project

We’ve been experimenting with new ways to use and operate Prometheus over the past year. Every successful Grafana Agent experiment turns into an upstream contribution for the whole Prometheus community to benefit from. In this blog post, I go over the history of the Agent’s successful — and not so successful — experiments.


Data Lake Challenges: Or, Why Your Data Lake Isn't Working Out [VIDEO]

Since the data lake concept emerged more than a decade ago, data lakes have been pitched as the solution to many of the woes surrounding traditional data management solutions, like databases and data warehouses. Data lakes, we have been told, are more scalable, better able to accommodate widely varying types of data, cheaper to build and so on. Much of that is true, at least theoretically.


Continuous integration for React Native applications

Apache Cordova, since its release in 2009, has created a paradigm shift for mobile application development. Before Cordova, only developers who knew platform dedicated languages for a particular type of mobile operating system could develop native mobile applications. There was Objective-C for developing iOS apps, or Java for Android apps and platforms like Blackberry. Windows Phone also had languages dedicated to building their mobile applications.

Appian RPA - A Key Capability in Your Automation Toolbox

Introducing Appian RPA - a cloud-native technology for robotic task automation that increases efficiency, reduces errors, and lowers costs. Appian RPA is part of Appian’s full-stack automation, which combines RPA, workflow, decision rules, AI, and case management, giving you the right technology for the right use case.

Improve Your DevOps Strategy Through Platform Ops

Organizations looking to scale DevOps implementations, improve their DevOps strategy, and deliver production code fast and reliably should take note of Platform Ops. Platform Ops will reshape the way we deliver value to the customer by offering an internal marketplace of self-service capabilities to many different internal business consumers. Platform Ops is an implementation of broader DevOps strategy, philosophies, and principles.


Optimizing Alert Policies with Dynamic Destinations

Targeted reliable notifications are the core of any alerting solution. Blasting out emails may be good for quantity, but Enterprise Alert focuses on the quality, this means notifying the right people at the right time. We often see monitoring and ticketing solutions creating an incident and then relying on the emailed recipient to not only identify and handle the incident but also to close out the ticket that is raised.


Remaking APM for the Cloud-Native Era

Born some 15 years ago, Application Performance Management (APM) “strives to detect and diagnose complex application performance problems to maintain an expected level of service.” The cloud was barely born back then. The standard enterprise application was based on a three-tier architecture, with each tier neatly tucked away on its own OS instance and physical or virtual server.


Veracode Hacker Games: The Results Are In!

The first ever Veracode Hacker Games competition has come to a close, but were the flaws in favor of our brave competitors? Read on to find out. Over the course of the two-week challenge, students from several universities in the U.S. and the U.K. came together to explore vulnerabilities and threats that they’ll one day face on the job.

M-Files Administrator: Creating an Informative Workflow | Intelligent Information Management

Each document has a lifecycle, during which it is processed and edited. During the lifecycle, the contributors may change and different persons may be responsible for different decisions. However, it is important that every person participating in the process is aware of their own areas of responsibility and the working stage. The M-Files workflows enable modeling document lifecycles according to real world processes.

M-Files Administrator: Permissions in Workflows | Intelligent Information Management

Each document has a lifecycle, during which it is processed and edited. During the lifecycle, the contributors may change and different persons may be responsible for different decisions. However, it is important that every person participating in the process is aware of their own areas of responsibility and the working stage. The M-Files workflows enable modeling document lifecycles according to real world processes. You can set permissions for the workflows, workflow states and workflow state transitions.

10 Mistakes to Avoid When Sizing Cloud Resources

One of the most common concerns when moving to the cloud is cost. Given that cloud allows you to turn IT costs from CAPEX (long-term investments ex. in hardware equipment and software licenses) into OPEX (day-to-day operating expenses), it’s crucial to choose the right service and estimate it properly. In this article, we’ll look at the common pitfalls and discuss how you can avoid them to truly benefit from the cloud’s elasticity.

vmware tanzu

How Tanzu Observability Continuous Improvement Makes You More Successful

Did you know that the VMware Tanzu Observability by Wavefront engineering team not only listens to input from customers, but acts on that input to improve the overall Tanzu Observability experience? In fact, as a direct result of customer surveys, the Wavefront engineering team recently completed 30 days of improvement focused on query quality. I will quickly run through those improvements in this post.


What is Chatbot Design?

You may already be familiar with chatbots and how useful they are. So, in this article, we’ll go through everything you need to know about great chatbot design. We’ll show you the ins and outs so you can design chatbots that provide excellent customer service, convert more leads, and engage with your audience. We’ll also go through: By the end of the article, you will have everything you need to design not just any chatbot, but the right chatbot for you. Let’s get started.


Fighting Digital Payment Fraudsters in Real-time: A Winning Framework (Part 2)

A customer walks into a bank, asks a question at the information desk, and then leaves. Later that day an operations manager notices an unmarked USB device left on the counter. He doesn’t remember who might have left it, so he plugs it into his computer to see if he can potentially spot the owner. As the USB loads, the malware shuts down the entire system, while the hackers get the bank’s customers’ account details.


Testing Shell Commands with the Crystal CLI

FireHydrant uses a CLI for some developer actions, called fhd (FireHydrant developers). Previously, we might have distributed workflows among new developers by having them copy/paste or clone scripts down to their machines--but Crystal lets us encapsulate shared tooling in a compiled binary. This way, we have a CLI that developers can install quickly, and that works seamlessly with our other tools.


Missing Infrastructure

Software development by distributed teams is nothing new. But since 2020, it’s no longer just teams that are globally dispersed, it is the individual team members themselves. Remote working is the new normal. So in this unpredictable, “modern” world we’re in, how do you put together a solution that delivers for every single team member, no matter their location?


Build an Application-Aware Infrastructure with Cisco Intersight Workload Optimizer

For many organizations, applications are the business. But not all companies are aware just how critical an optimal infrastructure is to application performance. AppDynamics + Cisco Intersight Workload Optimizer supports intelligent, highly collaborative problem-solving between AppOps and InfraOps teams to build a truly application-supportive infrastructure for the modern enterprise.


Boost Permissions Management with JFrog on Azure through Active Directory SSO

When you’ve chosen Microsoft Azure to host your JFrog Cloud Enterprise or Enterprise+ subscription, you’ll naturally want to make good use of the services Azure provides for security and user administration. DevOps security starts with who has access to your builds, releases, and automation.


Using Policy Analyzer to develop and debug CFEngine policy

I have a setup at home where I keep a local git server running on a Raspberry Pi 3 which contains personal/work journal, dotfiles and a personal policy repository. It was set up manually so before adding a new git repository for a family password store I set about retrofiting the configuration in CFEngine. The goal in this blog is to ensure that what I have already is managed by CFEngine and that what I want to add, /srv/git/passwords.git, is created.


Best Practices for API Rate Limits and Quotas with Moesif to Avoid Angry Customers

Like any online service, your API users expect high availability and good performance. This also means one customer should not be able to starve another customer’s access to your API. Adding rate limiting is a defensive measure which can protect your API from being overwhelmed with requests and improve general availability. Similarly, adding quota management also ensures customers stay within their contract terms and obligations ensuring you’re able to monetize your API.


How Eliminating Network Choke Points Can Help the DoD Plan for the Next Wave of the Pandemic

At the start of the COVID-19 pandemic, military IT leaders raced to expand network capacity and upgrade infrastructure to ensure it could meet their mission-critical workloads and support telework. Their successful efforts have established a proof of their own abilities to adapt and scale their networks with speed and agility. As more DoD personnel telework and government and home networks are pushed to the max, here are three things they must consider as plans for the impact on IT systems.


3 Best Logging Add-Ons for Heroku as of 2021

Heroku is a powerful PaaS that helps developers easily and quickly launch and scale modern applications. In addition to its base features, it also offers Heroku Elements Marketplace, which has add-ons for expanding the functionality of the base platform. While Heroku has built-in logging for your applications in this platform, you may find that the default interface leaves something to be desired.


How ITOM visibility delivers peace of mind

The check engine light on a vehicle warns the driver when something under the hood needs attention. Wouldn’t it be nice if every organization had a similar flashing indicator to let them know when their Transport Layer Security (TLS) certificate is about to expire? Unfortunately, reality isn’t that simple. We tend to deal with the day-to-day maintenance of our vehicle in different ways.


Virtual Production Setup: The Entertainment Technology Center Case Study

When the world went remote, studios needed to limit the number of people on set. To support the shift to remote work, teams needed to learn and implement new software tools. Game technology — like Unreal Engine and Unity — were powerful enough to meet the demands for this rapidly changing industry. But what else does a virtual production setup need?


Optimizing the Docker Container Image for C++ Microservices

In previous posts, we covered the basics of a C++ Microservices deployment including: With those basics in place, this blog will focus on optimization of the container in a C++ Microservices deployment. We'll examine how to structure the Dockerfile and the resulting Docker image to reduce the number of layers and disk space used.

Shape of the New | Global Art Market Webinar Series - Part 2: Regulation and Risk

Our two-part roundtable webinar series on the future of the global art market, features guests from Hauser & Wirth, HMRC, Demif Gallery and The Society of London Art Dealers. Presented by Gareth Fletcher of Sotheby’s Institute of Art, the series explores change and transformation in the art market, from new technologies, ways of viewing and buying art, and market supervision, to digital art crime, the rise of African artists, and the illicit trade in art and antiquities.

NIST SP 800-172 (Formerly SP 800-171B) Release Couldn't Come at a Better Time

NIST’s timely new release of Special Publication (SP) 800-172 (formerly referred to in draft form as 800-171B) provides exactly what its title says, Enhanced Security Requirements for Protecting Controlled Unclassified Information: A Supplement to NIST SP 800-171. Yet it goes a step further to protect controlled unclassified information (CUI) specifically from APTs.


The Future of Qovery - Week #4

During the next seven weeks, our team will work to improve the overall experience of Qovery. We gathered all your feedback (thank you to our wonderful community 🙏), and we decided to make significant changes to make Qovery a better place to deploy and manage your apps. This series will reveal all the changes and features you will get in the next major release of Qovery. Let's go!


What Are Microservice Architectures?

In this article, we are going to look at Microservice architectures, their benefits, what makes them different from traditional monolithic architectures, and how to go about setting up monitoring and alerting for them. MetricFire is a Hosted Graphite, Grafana, and Prometheus service, where we help you set up and manage these open-source tools. If you would like to follow the steps in this blog, make sure to sign up for MetricFire's free trial and even book a demo session.


Black Kingdom Ransomware

Hot on the heels of 'Dearcry'[1], yet another ransomware threat has been observed as targeting Microsoft Exchange servers vulnerable to recently reported critical vulnerabilities[2]. Dubbed 'Black KingDom', this ransomware threat has reportedly been deployed through a web-shell that is installed on vulnerable Microsoft Exchange servers following the exploitation of the vulnerability chain that results in both remote code execution (RCE) and elevated privileges.

IT Spring Cleaning: Making the best of the current situation

Spring is just around the corner. And since we're at home a lot right now due to the coronavirus pandemic, it's all the more worthwhile to take some time for spring cleaning. But it's not just in our own four walls that the winter grumpiness should disappear; the IT landscape is also in need of a digital spring cleaning.

Why Is Customer Service Important: 4 Benefits You Cannot Overlook

When Jeff Bezos was asked by CNN what the single most important feature of Amazon’s success was, his response was telling – “the most important thing is to focus obsessively on the customer.”1 With 90% of American consumers citing customer service as an important deciding factor in doing business with a company or not, providing great customer service can give companies a competitive edge.2 But what exactly does good customer service entail?


Leading vs lagging indicators: what are they, and why do they matter for your business?

The main point of identifying and tracking specific metrics is to measure your progress toward specific goals. But not all metrics can give you the information you need right away. Lagging indicators take a long time to change, and show the later-stage results of your efforts. Leading indicators, on the other hand, measure the activities you think will help you reach your goal, and can be tracked on a more ongoing basis. Because of the different time frames required by leading vs.


Runbooks: What They Are and Why You Need One Yesterday

Let’s talk about The Legend of Zelda: A Link to the Past, and how it relates to DevOps. The game tasks our hero with finding three pendants, which unlock a Master Sword he can use to travel to an alternate realm and ultimately take down the bad guy. The US version of this SNES masterpiece came packaged with a fairly detailed instruction manual that contained an optional guide at the end to help locate the three pendants.


How to choose a Digital Risk Protection Service (DPRS)

Digital risks are an inevitable by-product of an expanding ecosystem, and an expanding ecosystem is essential to societies' progression into the fourth industrial revolution. This unsettling conundrum has given rise to a novel field of cybersecurity known as Digital RIsk Protection (DRP). But like all novel solutions, it can be difficult to identify the capable minority from the majority still finding their feet.


What is Digital Risk?

Digital risk refers to all unexpected consequences that result from digital transformation and disrupt the achievement of business objectives. When a business scales, its attack surface expands, increasing its exposure to outside threats. This makes digital risk an unavoidable by-product of digital transformation. Fortunately, digital risk protection strategies have been developed to mitigate digital risk so that organizations can continue confidently scaling their operations.


What is Digital Risk Protection (DRP)? You could be exposed.

Digital risk protection (DRP) is the practice of protecting organizations from cyber threats during digital transformation. Rather than reacting to cyber threats after they're discovered, cybersecurity strategies must shift to a proactive approach to protection. This is the key to supporting ecosystem expansion while mitigating risk.


Democratizing Data Across a Dynamic Business With Qlik

The retail and manufacturing industries have had many new challenges due to COVID-19. As a leading action sports apparel company, La Jolla Group has persevered during this time. Now more than ever we rely on a holistic view of our forecasting, sales and production data. We have democratized this data empowering users from across the business to make well-informed business decisions, quickly. That’s where Qlik has shown real superiority over other platforms like Power BI and Tableau.


Retailers must leverage data to survive this pandemic

Jamie Kiser, COO and CCO at Talend, explains why retailers, striving to ensure they’re not missing out on future opportunities, must leverage one thing: data. By utilizing customer intelligence and better data management, retailers can collect supply chain data in real-time, make better orders to suppliers based on customer intelligence. While major industries from tech to the public sector felt COVID’s pain points, not many felt them as acutely as retail.


Best 7 Automated Network Diagram Software + Guide

For your business’s network to thrive, you have to really know its details and intricacies. One of the best ways to understand your network is to make a network diagram, which is a visual representation of your network’s devices and how they connect to one another. You can manually create your own network diagram, which can help visualize complex networks. However, it can be difficult and time-consuming to build a coherent, accurate network diagram on your own.


SD-WAN vs. MPLS: how do they compare from a security perspective?

SD-WAN and MPLS are two technologies that are often perceived as either-or solutions. For many organizations, however, SD-WAN and MPLS can complement each other. This article will define and compare the technologies, explaining how, in many cases, they work together. We’ll also explore SD-WAN’s popularity and its role in enabling modern security architectures like SASE.


The Future of Work: How To Prepare Your Business for What's Coming

In 2014 when I co-launched my book, The Smarter Working Manifesto, I presented a slide during a conference that showed a picture of a human brain. I told the audience that this was my workplace, not an office building, shared workspace, or home setup. That 2014 audience thought I was kidding.


What Is a Network Diagram?

Network diagrams are not only handy to have, but provide a vital look at the network topology for your team, your company, and your peace of mind. Let’s look at what a network diagram is, and why it’s so important. A network diagram is, simply put, a schematic or map of your existing network that illustrates the nodes and their connections. Network diagrams are very useful at mapping out your elements and device interactions, as well as illustrating different network topology types.


SQL injection cheat sheet: 8 best practices to prevent SQL injection attacks

SQL injection is one of the most dangerous vulnerabilities for online applications. It occurs when a user adds untrusted data to a database query. For instance, when filling in a web form. If SQL injection is possible, smart attackers can create user input to steal valuable data, bypass authentication, or corrupt the records in your database. There are different types of SQL injection attacks, but in general, they all have a similar cause.


What is an SMB Port? How to check for open ports 445 and 139? SMB versions explained.

SMB stands for Server Message Block, once known as Common Internet File System, is a communication protocol for providing shared access between systems on a network. At a high level, it is a set of rules adopted to share files, printers in a network. SMB is a file sharing protocol that involves computers communicating with each other in a local network. This local network could be a small business within the same office or a multi-national company with offices around the globe connected to each other.

How to build & deploy Conversational IT Support in 10 Mins

This video shows how admins can build & deploy an effective conversational IT support chatbot in Teams in less than 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we will cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with a end-user chatbot IT support scenarios.

How to build IT Helpdesk Chatbot in 10 Mins

This video presents how admins can build & deploy an effective IT helpdesk chatbot in Teams in less than 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we will cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with a end-user chatbot IT support scenarios.

How to build Conversational AI Chatbot in 10 Mins

Deploy no code conversational AI chatbot using Workativ Assistant Platform within 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we would cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with end-user chatbot scenarios for employee support

How to build & deploy Conversational HR Support in 10 Mins

See how an HR admin builds and deploys a powerful conversational HR support chatbot in Teams for employees in less than 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we would cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with a end-user chatbot for HR support scenarios

How to build Virtual Agent in 10 Mins

Learn how to create an intelligent Virtual Agent with workflow automation capabilities in less than 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we would cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with a end-user chatbot for employee support

How to build HR Chatbot in 10 Mins

See how an HR admin builds and deploys a powerful HR chatbot in Teams for employees in less than 10 minutes "We take you through Workativ Assistant, a SaaS no-code platform that builds, automates and deploys conversational AI chatbots with workflow automation. In this video, we would cover Chatbot Builder, Workflow Builder and Chatbot integration functionalities along with an end-user chatbot for HR support scenarios

HAProxy Enterprise 2.3 and HAProxy 2.4 Support the Financial Information eXchange Protocol (FIX)

A floor of commotion bustling with people holding phones and shouting out purchase and sell orders, some using hand signals to communicate over the noise. This was a common scene on Wall Street in the 1980s. Nowadays, transactions happen at the push of a button with traders sitting directly in front of a computer. In fact, the computer has made it possible to automate the buying and selling of securities, leading to an era of high-frequency, algorithmic trading.


Resource Roundup: Getting Started with InfluxDB Cloud on Google Cloud

Are you looking to get started with InfluxDB on Google Cloud? We’ve pulled together our top resources to help you get the most out of your time series data whether that’s coming from your Google Cloud infrastructure or your own application. Read how customers like Wayfair and Vera C. Rubin Observatory use InfluxDB on Google Cloud to solve their time series data collection and processing challenges to power their multifaceted, complex real-world use cases.

eg innovations

5 Key Capabilities That Your VMware Horizon Monitoring Solution Must Have

The success of any digital workspace technology depends on the user experience and VMware Horizon is no exception. There are many aspects of user experience. When a user first connects, the logon must happen quickly. When the user launches a client application (e.g., Microsoft Outlook, Google Chrome, etc.), the application must be available for user interactions within seconds.


Automated Clean-up of HAFNIUM Shells and Processes with Splunk Phantom

If you haven’t been living under a rock for the past few weeks, you've probably come across the recent Microsoft Exchange Server vulnerabilities and its associated exploits.Stop!!! The first thing you should do is to go and patch any Exchange servers you may be running, then you can come back and finish reading this blog. Microsoft's blog provides links to various tools to help in this regard.


How to cyber security: Minimize risk and testing time with Intelligent Orchestration

Integrating AST tools into your CI/CD pipeline shouldn’t compromise your development velocity. Learn how Intelligent Orchestration can help. Sometimes it feels like software development is at the crux of the collision between an unstoppable force and an immovable object. The answer to putting security in every phase of development is partly process and partly automating and integrating security testing into the build and test phases of development.

Are we forever doomed to software supply chain security?

The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.