Continuous monitoring is critical for ensuring that IT assets and controls meet business requirements and expectations—constantly assessing and validating them for quality, integrity, and security. This involves not only identifying infrastructure bugs and issues, but also issues with applications and their components. Deteriorating software performance and downtime can be just as devastating to the business as a data breach or security compromise, and are quite often a red flag for cyber attacks in progress. Two leading solutions, Datadog and SignalFx, can help you spot and decipher the smoke signals before your business goes up in flames.
When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.
Despite espousing a common, layered approach to security these days, most enterprise security suites have taken markedly divergent paths to essentially arrive at the same location. For example, some solutions started out as intrusion detection and protection systems (IDPS) and gradually added on vulnerability detection and security information and event management (SIEM). Others began as penetration testing (pentesting) tools—or have built their offerings around pentesting—and similarly expanded their solutions to include other security mechanisms like endpoint protection and anomaly detection. Core Security and Rapid7 are two such enterprise security suites; let's see how they stack up in this comparison.
Most of us take SaaS availability and uptime for granted: we assume that our favorite cloud-based tools will always be available when we need them. For cloud service providers, however, meeting these expectations is a monumental effort, usually involving elaborate CI/CD toolchains and sophisticated frameworks for failover and continuity. Application performance monitoring (APM) solutions form part of these frameworks—in this comparison, we'll take a look at two such popular offerings, AppDynamics and Dynatrace.
Continuous security and vulnerability detection—both Tenable and Qualys have built industry-leading suites around these two cybersecurity disciplines. The latter in particular serves as a focal point for both vendors, with Tenable SecurityCenter and Qualys Enterprise going head-to-head for the top slot in the vulnerability management category. Let's see how the two stack up in this comparison.
Continuous Integration (CI) is one of the formative concepts behind DevOps, driven by a need to regularly integrate new and changed code back into the master repository, and is often combined with Continuous Delivery (CD) to achieve faster and more stable builds with automation. Teams compile software, and run it through a series of tests in a production-identical development environment to ensure the success of the build. The logic behind this is wonderfully simple, though it only came about in response to the problems of the traditional deployment cycle: the more often you build and test during development, the less you have to worry about each time. Instead of having a D-Day, where the software will finally be compiled and run in production for the first time, continuous building and testing makes the go-live date just another routine deployment.
Log analysis and security information and event management (SIEM) tools have become staples of enterprise cyber resilience programs. For vigilant organizations, having infrastructure visibility into the transactions occurring behind the scenes is instrumental to maintaining a strong security posture. Splunk and SumoLogic are two leading platforms that serve this critical purpose—let’s revisit them to see how their current offerings stack up.
Monitoring tools have come a long way since the early days of Big Brother. Today's solutions have evolved into powerful software troubleshooting and performance analytics platforms capable of deconstructing and analyzing the entire application stack—infrastructure up—for bugs and issues. Datadog and New Relic are leading vendors in this category; let's take a look at the two and see how they stack up.
People seem to have a hard time deciding what DevOps even is, much less how (or whether) it compares to a highly structured methodology like ITIL. To answer the big questions up front: no, you don’t have to choose between DevOps and ITIL; no, DevOps is not replacing ITIL or vice versa; no, DevOps will not solve all the problems of an ITIL environment, and no, DevOps will not be perfected by implementing ITIL. But building good IT processes is the key to resilience, and UpGuard can help.
As perimeter-based cyber protection falls by the wayside, a new breed of continuous security solutions is emerging that combines traditional endpoint protection with newer technologies like security information and event management (SIEM) and crowdsourced threat intelligence. These next generation security platforms attempt to address the needs of both traditional on-premise data centers as well as organizations with entire IT infrastructures in the cloud. Two vendors—AlienVault and Tenable—have products on the market that fall in this category. Let's see how they stack up in this comparison.
Services are the programs that run in the background on servers. All OSes come with a set of base services and most software utilizes services as well. Effectively managing servers means controlling these services—knowing what is there, what should and shouldn’t be running, whether or not services will automatically start on (re)boot and who the services should and shouldn’t run as. We’ll go through each of these pieces to see how a strong service management policy can help reliability and security in the data center and how configuration management and testing are key.
This article is part of our ongoing How-to series that focuses on ways to keep your environment ready and yourself sane in real world scenarios.
Most people associate DevOps with open source platforms and applications and with good reason. In the foreword for the book Continuous Delivery with Windows and .NET, Dave Farley, who literally wrote the book on continuous delivery, writes, “I think it fair to say that some of the initial innovation in the Continuous Delivery space came from the Open Stack community.” But Microsoft has been pushing itself as a viable option for continuous workflows, offering its Azure cloud platform and its Visual Studio Online products as alternatives to Linux-based solutions.
Who provides better continuous security: the world's largest maker of networking equipment or the first cybersecurity firm certified by the U.S. Department of Homeland Security? Due to key acquisitions over the years, both Cisco and FireEye possess a comprehensive suite of enterprise security solutions. In this article, we'll find out how they stack up against each other when it comes to continuous enterprise cyber threat protection.
In terms of what they do and how they work, Tripwire and Puppet have little overlap. Tripwire is for monitoring changes and Puppet is for configuring servers. The reason for tracking changes and configuring servers, however, brings them together as two approaches to compliance automation and, ultimately, reducing risk in computing systems. We’re going to compare Tripwire to Puppet here, not necessarily as identical tools, because they do have mostly different functionality sets, but in terms of how they fit into an IT environment.
Users of Intel Security’s McAfee Vulnerability Manager (MVM) have a choice to make before that product hits end-of-life in early 2018. They can either follow Intel Security to Rapid7’s Nexpose vulnerability monitor, or reassess their needs and choose a new direction altogether. Either way, IT operations for those customers should plan on a migration away from MVM within the next two years, which in most cases is enough work to justify at least examining the field of vulnerability management products. Tenable, with their SecurityCenter, has been a major competitor in this field, piggybacking on the success of their industry-standard Nessus vulnerability scanner.
With 13% of the overall web server market share, the high performance open source HTTP server Nginx is a rising star in the pantheon of web server heavyweights. Even the most hardcore of Microsoft aficionados are dropping IIS in favor of Nginx in Windows Server environments; for those with stringent performance/speed requirements, Nginx can't be beat. But like all web servers, the fastest growing solution on the market is not without its security shortcomings. The following are the top 10 ways to harden Nginx for Windows.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.