Articles

Secure Rsync in the Enterprise

Introduction

Utilities in the Enterprise

Modern enterprise data centers are a complex mix of different technologies geared towards accomplishing business goals. Some of these technologies are pricy, big-name business solutions, but some are simple tools and utilities, facilitating processes. Linux sysadmins have been using rsync (remote synchronization) to move and mirror files for two decades, though versions of it now run on nearly every platform. Its lightweight build, small footprint, and usability make it a good choice for simple file copy operations. But this same asset is also a liability for many utilities: designed purely for functionality, they may not automatically account for potential risks to enterprise data. To successfully use rsync in the enterprise means protecting the data being transferred through it from accidental exposure.

Filed under: IT security, rsync

UpGuard Helps You Find The Right Steps

It is increasingly hard to trust your technology as it scales along with your business. New servers, network appliances or applications are constantly added to your IT environment in costly efforts to optimize your business needs. With increasingly strict regulatory rules in place, this leaves many of us worried about IT backlash.

Filed under: upguard, process, Procedures

UpGuard Procedures: Digitize Runbooks. Reduce Poor Documentation.

Most engineering teams we connect with tell us they do not have any runbook repositories of documentation for logging their processes.

Filed under: process, Procedure, Runbook, Procedures, processes

Configuration Monitoring on Ubuntu OS

Introduction

As the most common Linux distro, configuration monitoring for Ubuntu OS requires straightforward scan setups and easy to understand visualizations of change.

Filed under: Ubuntu

BitSight vs SecurityScorecard

When it comes to assessing enterprise cyber risk, leading vendors are taking different approaches to quantifying and evaluating digital risk exposure. BitSight and SecurityScorecard are two companies that focus strictly on external measures of cyber risklet's see how they stack up in this comparison.

Filed under: security, digital resilience, cybersecurity

SaltStack vs Ansible Revisited

It's been a while since we last covered these two leading IT automation solutions—suffice to say, both SaltStack and Ansible have evolved significantly since then. Let's take a fresh look at how they compare when it comes to enterprise-grade IT automation and orchestration.

Filed under: IT automation, ansible, salt, IT management

Cavirin vs RiskRecon

The emergence of the cyber risk assessment space marks a strategic shift in how enterprises handle digital threats, from traditional, ineffective security-centric approaches to blended frameworks that combine layered security and risk management. Let's see how Cavirin and RiskRecon stack up when it comes to measuring enterprise cyber risk.

Filed under: security, cyber risk, digital resilience, Cavirin, RiskRecon

Rapid7 vs Qualys

According to the Forbes Insights/BMC second annual IT Security and Operations Survey, 43 percent of enterprises plan on redoubling their patching and remediation efforts in 2017, citing patch automation investments as having the best ROI among security technology purchases in 2016. It's not hard to understand why: the same survey reveals that known security vulnerabilities continue to cause the majority of data breaches and security compromises. Rapid7 and Qualys are two leading cybersecurity vendors in the vulnerability management space—let's see how they stack up in this comparison.

Filed under: security, vulnerabilities, cybersecurity, Rapid7, Qualys

Arachni vs OWASP ZAP

Penetration testing (pen testing) is crucial for developing and maintaining hardened, attack-resilient systems—these can be applications, nodes, or entire networks/environments. Specialized tools are readily available for discovering vulnerabilities and security gaps in these systems; in this comparison, we'll compare Arachni and OWASP Zed Attack Proxy (ZAP), two popular security suites for application-level pen testing.


Filed under: security, data breaches, vulnerabilities, continuous security

Docker vs CoreOS Rkt

Unless you've been hiding under a rock in a datacenter from the last century, chances are you've heard of Docker, the leading software container solution on the market. And if so, you've likely heard of its chief competitor CoreOS as well. Let's see how the two stack up in this comparison.

Filed under: devops, docker, coreos, containers, IT operations

UpGuard Inc

The world's first cyber resilience platform.

Learn More
ADP Rackspace New York Stock Exchange PayTrace Backcountry CFA Institute