Integrating TA-Nix with Splunk App for Infrastructure

Previous articles in our series have introduced the Splunk App for Infrastructure (SAI) and provided getting-started guidance for Linux and Windows using native metric-collection tools such as collectd and perfmon. But did you know you can also use your existing Splunk Universal Forwarders (UF’s), together with the Splunk Add-on for Unix and Linux (TA-Nix) to send both the metrics and logs without the need of additional agents?


Introducing HA MicroK8s, the ultra-reliable, minimal Kubernetes

15th October 2020: Canonical today announced autonomous high availability (HA) clustering in MicroK8s, the lightweight Kubernetes. Already popular for IoT and developer workstations, MicroK8s now gains resilience for production workloads in cloud and server deployments. High availability is enabled automatically once three or more nodes are clustered, and the data store migrates automatically between nodes to maintain quorum in the event of a failure.


Building competitive advantage by adopting cloud-native approach

With the economies of many countries heading towards recession, increasing regulations, growing security threats and increasing costs, financial services firms need practical solutions, now more than ever. Many of the financial technology firms (‘fintechs’) and mobile app-based challenger banks have taken advantage of modern application architectures and DevOps practices that are associated with cloud native technologies.


Canonical expands collaboration with NVIDIA to bring AI to the edge

Canonical has been working closely with NVIDIA for many years to fuel innovation and support open source software with the power of accelerated processing. That already allowed us to jointly deliver GPU acceleration into Linux, OpenStack and container workloads on traditional datacenter servers. We continued working together, with Ubuntu forming the base operating system for NVIDIA DGX systems, including the latest NVIDIA DGX A100 system.

Configure and apply hardening rules in minutes with Ubuntu CIS Benchmark tooling

CIS benchmark has hundreds of configuration recommendations, so hardening a system manually can be very tedious. To drastically improve this process for enterprises, Canonical has made CIS automation tooling available to its Ubuntu Advantage for Infrastructure customers and Ubuntu Pro users on the public cloud (Azure, AWS).

How to make snaps and configuration management tools work together

In environments with large numbers of client machines, configuration management tools are often used to simplify and standardize the target state of each host in a seamless, automated and consistent manner. Software like CFEngine, Chef, Ansible, and others offer a high degree of granular control over software packaging and system configurations.


What makes ARMO customers immune - by design - against vulnerabilities like the recently discovered CVE-2020-14386?

CVE-2020-14386 is yet another severe vulnerability that was recently discovered in the Linux kernel. It reminds us that the fight against vulnerabilities is not over. This particular one allows a regular application to escalate its privileges and gain root access to the machine. Indeed, it sounds scary.


Detecting CVE-2020-14386 with Falco and mitigating potential container escapes

On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be exploited to hijack data and resources and in the most severe case, completely take over the system.