UpGuard Blog

The Best Way to Measure Cyber Risk

How UpGuard Monitors Linux Systems for Meltdown and Spectre

Protecting Against Meltdown and Spectre on Windows

Minimizing Cyber Risk in Microsoft Environments

Inside the Security Ratings for the Riskiest Government Contractors

Preventing Data Breaches

Securing GitHub Permissions with UpGuard

What Constitutes a Company's Web Presence?

Security Ratings Explained

Resilience in the Age of Automated Hacking

What are Security Ratings?

UpGuard CyberRisk and Fair and Accurate Security Ratings Principles

Infrastructure Indexing: or, Why Server Headers Matter More than Ever

Caught In The AWS Tarpit

Cyber Resilience: What It Is and Why You Need It

How to Build a Sustainable Digital Business in the Cloud

How Can Cloud Leaks Be Prevented?

Why Do Cloud Leaks Matter?

Why Do Cloud Leaks Happen?

What Are Cloud Leaks?

Procedures: Runbook Automation that Works

Check your Amazon S3 permissions. Someone will.

Assessing Critical Cyber Risks with UpGuard

5 Biggest Takeaways From WannaCry Ransomware

UpGuard Capability: Demonstrating DFS 23 NYCRR 500 Compliance

Visualizing Cyber Risk with UpGuard's Home Page Dashboard

Monitoring AWS with UpGuard: Instances, Load Balancers, and Security Groups

UpGuard Welcomes Security Expert Chris Vickery

Discovering Important Changes With UpGuard's Real Time Forwarder

UpGuard and Puppet - Fits Like a Glove

Data Crunch: Stats or Scoreboards?

Cyber Resilience Challenge: Coke vs Pepsi

US Air Force Suffers Massive Data Breach

What You Need to Know About the Cloudbleed Bug

Windows RSoP and GPO Scanning Now Available in UpGuard

Cyber Resilience Showdown: AT&T vs Verizon

Which Fast Food Chain is Next in Line to Get Hacked?

How Cyber Resilient Are The Top Online Banks?

Are Leading IoT Vendors Putting Customers at Risk?

How Secure Are the World's Leading Airlines?

Shorten Your Detection Cycle with UpGuard's Events System

CES 2017 Highlights: Which Vendors Are Putting Consumers at Risk?

Top 11 Cybersecurity Predictions for 2017

Grinches Out in Full Force Scamming Online Holiday Shoppers

How Resilient Are the World's Leading Online Learning Providers?

How Secure Are the Leading Travel Aggregator Websites?

2016: The Year of Preventable Hacks

2016 DevOps Year in Review

2016: The Year of the Spearphish

Vulnerabilities vs Misconfigurations

How Resilient Are The World's Leading Video Game Companies?

How Safe Is Your Cyber Monday?

Etcd Monitoring Now Available in UpGuard

Improved Control with Policy Variables and Overrides

How Much Are Service Outages Costing the Airline Industry?

The New OAuth Flaw That Leaves Over a Billion Mobile Accounts Exposed

Hack The Vote!

Resilience Is the Lifeblood of Digital Health

New York Cybersecurity Regulations Explained (Updated)

How Lack of Visibility Resulted in the Most Devastating Data Breach to Date

How Risky Partners Increase Your Cyber Risk Exposure

How Secure Are the World's Leading ERP Vendors?

Why Rugged Devops Is Important for Enterprise Cyber Resilience

Achieving Cyber Resilience When Attackers Hold the Trump Card

Paid-to-click Surveys: Your Opinions Don't Matter to Cyber Attackers

Spotify Resets User Passwords to Protect Against Third Party Data Breaches

Why Pen Testing is Not Enough To Prevent Data Breaches

Are Cloud Storage Providers Dropping the Box on Security?

How Secure Is Electronic Voting in Today's Digital Landscapes?

Why the Padlock Isn't Good Enough

Are Enterprises Thinking About Security All Wrong?

Why CEO Approval Ratings Matter for Risk Assessments

How Secure are the Top Online News Sites?

It's Time to Fix Technological Trust

UpGuard’s Digital Transformation in 3 Waves

The Windows Server Hardening Checklist

Cybersecurity is Not an Olympic Sport

The Biggest Threat to ATM Security Isn't Card Skimming but Misconfiguration

The LastPass Vulnerability and the Future of Password Security

Re-Energize Existing Software Through Integration

Prime Day: How Amazon Handles Cybersecurity

All Bets Are Off on Casinos and Cybersecurity

When it Comes to Security, Knowing is Only Half the Battle

Just How Risky is Crowdfunding?

Is Symantec's Latest Failure the End of Enterprise Security?

Can Fast Food be Bad For Cybersecurity?

Buying a Computer Online Soon? Acer Data Breach Highlights Retail Danger

Is Employee Happiness Affecting Cybersecurity?

Why Should I Care About Cyber Risk?

ATM Skimming and The Future of External Threats

How Secure Is Your Cell Phone Provider?

The Password Security Checklist

UpGuard: An Adaptable NERC Compliance Solution

The Importance of Being Securely LinkedIn

Almost Compliant With NERC CIPv5? CIPv6 is On Its Way

Important Changes in NERC CIP Compliance Between v3 and v5

Inside Salesforce.com's $20 Million Dollar Firmware Bug

11 Steps to Secure SQL

Microsoft May Have Just Stolen the Future from Apple

How to Build a Tough NGINX Server in 15 Steps

It's Like Updating OpenSSL All Over Again

Cybersecurity and the State

The Email Security Checklist

The Website Security Checklist

The Nightmare Scenario: When Your Security Provider Becomes a Security Problem

10 Essential Steps for Configuring a New Server

Tax Day 2016: Auditing the IRS, E-file and Tax Software Websites

Top Retailers Who Should Know Better

Security Through Visibility

A New Season for Baseball and Cyber Threats

The Healthcare Security Epidemic

Flash is Trash

Gambling with Security: Online Sports Betting, March Madness Edition

Write Once, Infect Anywhere, or: The Rise of Cross-platform Malware

The Amex Partner Data Breach and Downstream Liability

Usability: A Security Concern?

Using UpGuard to Validate Your CIS Critical Security Controls for Effective Cyber Defense

What is Digital Resilience?

The Cost of Downtime At The World's Biggest Online Retailer

Cybersecurity Incidents Cost Companies Hundreds of Billions in 2015

10 DevOps Communities to Follow If You Need to Get Things Done

Team Mimr's Experience at UpGuard

Making Your Organization Digitally Resilient to Natural Disasters

#RSAC: Put Your Money Where Your Mouth Is

Hackers Publish Time Warner Business Database

Is DevOps the Latest Secret Weapon in the Hacker's Tool Chest?

Revisiting the Perils of Wifi on Planes

UpGuard And Retrospective Security

Remediating The glibc DNS Bug Or: How To Survive An Inherently Flawed Digital Landscape

Looking for Love in All the Wrong Places

The Need for Complete Risk Assessment

Why Companies Will Keep Getting Breached In 2016 And Beyond

How CSTAR Works

What's In the Website Risk Grader?

Understanding Risk in the 21st Century

Casino Data Breaches And Doubling Down On Digital Resilience

Bringing Digital Resilience Back to the Digital Economy: ScriptRock Becomes UpGuard

Fixing The New OpenSSH Roaming Bug

Snoop Dogg to Server Admins: "Fix Your Sh*t"

7 Hackable IoT Devices To Watch Out For At CES 2016

The Mysterious Case Of The Leaked Voter Database

Top 10 Data Breaches Of 2015—A New Year's Day Retrospective

The OPM Data Breach And Threat Of Compromised Nuclear Data

Sanrio's Data Leak And The New Data Privacy Normal For Minors

Exorcising Juniper Networks And FireEye's Ghosts of Christmas Past From Your IT Infrastructure

Introducing Friction-Free DevOps from Docker and… HP?

DevOps Year in Review 2015

The VTech Data Breach And Exploding Teddy Bears

Grokking The DevOps Toolchain

Inside Microsoft’s Open Source And DevOps Initiatives For The Enterprise

The New Linux Encoder Ransomware And Rising Data Hostage Crisis

Four Winds Casino Data Breach Is Not The First—Or The Last—Of Its Kind

Will Software-Defined Security Usher In A New Era Of Digital Resilience?

The "Hacking" Of 000webhost—Or Why Free Should Never Be Synonymous With Unsecure

[Infographic] Trick-or-Threat: If Cyber Attacks Were Monsters

Gotta Get Back In Time: New NTP Vulnerabilities and NTPSec

2016's Presidential Candidate Websites: Who Sucks at the Internet?

Why We Made Our Vulnerability Assessment Free for Everyone

DevOps and Integrity at FinDEVr San Francisco

Free and Easy: A Guide to Your New Vulnerability Scanner

Can DevSecOps Save The U.S. Government From Certain InfoSec Doom?

Today's Banking And Finance: Convenient, Ubiquitous, And Highly Perilous

Latest Pawn Storm Campaign Exploits Adobe Flash Zero-Day Vulnerability

On Experian’s Poor Cyber Security Credit Rating

Critical Security Flaw Impacts All Versions Of Windows

Everything’s Amazing And Nobody’s Secure

Systema Systems' Data Exposure and Cloud Security For The Insurance Industry

Getting Familiar with Our Updated Policies Feature

Improved Policies Make Testing and Compliance Even Easier

Company Values

Using UpGuard’s Integration With Remedyforce To Build Your IT Helpdesk In The Cloud

Closing The Loop On Notifications with UpGuard and Slack

Fear Of An IoT Planet

FireEye, Kaspersky Labs' Zero-Day and Application Stack Vulnerabilities

Group Differencing: How We Designed Our Variance Report

HTTPS Everywhere And The Future Of Unencrypted Websites

Introducing UpGuard's Powerful New Configuration Search Engine

Know What You Have: Baselining, Change Anomalies, and Group Differencing

The Lucrative Rewards of Hacking Higher Education

Your Secret's Safe With No One: Lessons Learned From The Ashley Madison Hack

Fixing Oracle's Latest Zero-Day and 193 Other Vulnerabilites

How To Fix The OpenSSL Alternate Chains Certificate Forgery Bug

What You Need To Know About The Leap Second Bug

Full Stack Blues: Exploring Vulnerabilities In The MEAN Stack

Sound Security Strategies from Cisco's 2015 Annual Security Report

Congrats Golden State Warriors, You’ve Just Become Cybercrime Target #1

How Effective Is Your Security Against $50 Million Dollar Malware?

Which Web Programming Language Is The Most Secure?

Rolling Your Own Continuous Security Toolchain

Database Node Type Now Available in UpGuard

Rethinking Information Security To Battle POS RAM-Scraping Malware

Why Security Needs DevOps: OpenSSL and Beyond

Insights from Verizon's 2015 Data Breach Investigations Report

Secure Your Hosts from VENOM

Can DevSecOps Save The Healthcare Industry?

Lenovo and Security Lessons Learned

WordPress' Zero Day Vulnerability and Weaponized Code

The Ongoing Perils of Wifi on Planes

UpGuard for IoT

ChefConf 2015 Debriefing

3 Steps for Integrating Security into DevOps

Generating Chef Recipes from Existing Configs

Declarative vs. Imperative Models for Configuration Management: Which Is Really Better?

Another Day, Another OpenSSL Vulnerability

UpGuard and COBIT for SOX Compliance

Apple's $20M Configuration Problem

Don’t Make An Anthem Out Of Compliance

Getting Started with the UpGuard Connection Manager

Testing for Samba CVE-2015-0240 with UpGuard

Putting the FREAK (CVE-2015-0204 ) on a Leash

An Overview of Amazon AWS and UpGuard (Part 2 of 2)

UpGuard Tasks: a Lightweight Tracking System for Ops

Jon Hendren, DevOps Thought Leader; and Other Lessons on Twitter's Advertising Algorithm

An Overview of Amazon AWS and UpGuard (Part 1 of 2)

Agent vs Agentless, and Why We Chose Agentless

AUDIO: Alan Sharp-Paul On Not Automating What You Don't Understand

Scan Your Entire Environment For GHOST With UpGuard

Our Experience with Golang

Monitoring AWS Security Groups with UpGuard

Two Factor Authentication for UpGuard

Chopping Up the Can: How to Get More Done

What's new in DevOps? Anything?

Tracking Your CloudFlare DNS Configuration

CoreOS Takes a Swipe at Docker

Using UpGuard to Validate Windows SChannel Update

Trip Report: DevOps Enterprise Summit 2014

Security Notice - POODLE Vulnerability Remediation

Shell Shock Demands the Question: Why Aren't You Monitoring Config?

UpGuard Sponsors DevOps Thought Leadership

Why ShellShock Isn't Over Yet

DevOps: Who Does it Best?

Where DevOps Starts: Developers, Implementers, and Leaders

Configuration Drift: The Cost of Complexity

Packing Heat With CloudFlare

UpGuard Diary - Post 1: Connect and scan a Linux server using SSH

Trip Report: DevOpsDays Boston 2014

Schrodinger's DevOps - Why You Need Visiblity Before Automation

Five IIS Settings You Need to Check Today

Controlling SQL Configuration Drift Revisited

What Are the Minimum Requirements for DevOps?

I Got a New DevOps Job....Now What?!

Guest Blog: DevOps is Not Difficult, It’s Common Sense

The Problem with Defining DevOps

5 Steps to Implementing DevOps Where Agile Rules [infographic]

DevOps Requires New Job Skills & Roles

Top 10 Online Resources about Agile Development

S**t I Heard at the DevOps Summit

2014 State of DevOps: DevOps Going Mainstream in the Enterprise

UpGuard Launches IT Automation Partner Ecosystem

No Silver Bullet for DevOps

Why Enterprises Struggle with IT Automation

UpGuard DevOps Blog - New & Improved

5 Dysfunctions of a DevOps Team: Team Assessment

5 Dysfunctions of a DevOps Team: Inattention to Results

Top 5 DevOps Reading List

Detecting Heartbleed with UpGuard

Changing Org Structures for the Sake of DevOps?

5 Things About Configuration Management Your Boss Needs To Know

DevOps Buzzword Bingo

Q&A with Mike Kavis on Enterprise DevOps and Driving Organizational Change

Heartbleed Update

Controlling DNS Configuration Drift

5 Dysfunctions of a DevOps Team: Avoidance of Accountability

DevOps Pushes Agile to IT's Limits

DevOps Stats for Doubters

Configuration Management in the Real World – One Company’s Story

Monitoring Database Nodes to Remediate Configuration Drift

UpGuard Your ASP.NET Applications

DevOps Pioneer joins UpGuard Advisory Board

What DevOps can learn from Mainframe Developers

5 Dysfunctions of a DevOps Team: Lack of Commitment

Enterprise DevOps & the Cloud

Zero Sum DevOps - IT Automation as a Collaboration Killer

You're Doing DevOps Wrong. Automation in the Enterprise.

PowerShell Desired State Configuration (DSC) with UpGuard

Liquifying your Infrastructure with UpGuard and Docker Containers

5 Dysfunctions of a DevOps Team: Fear of Conflict

Understanding & Controlling IIS Configuration Drift

Catch My Configuration Drift

10 Things I Hate About DevOps

5 Dysfunctions of a DevOps Team: Absence of Trust

10 Things I Love About DevOps

DevOps and Kanban - Match Made in Heaven

What's new in UpGuard - January 2014

Gmail outage reminds us that IT automation is not enough

DevOps: Quantity over Quality

DevOps vs. Bitcoin - Which is More Polarizing?!

Don't put security in DevOps, turn DevOps into security

Getting Big Fast: DevOps Lessons Learned from the Dropbox Outage

Achieving Your DevOps Zen State

United Way of the Bay Donation

DevOps Conferences Reference Site

4 Steps To Make Your DevOps Initiative Successful [infographic]

State of DevOps: InformationWeek Nails It

2013 DevOps Year in Review

Sensible Ansible with UpGuard

Comparing Containers and Generating Dockerfiles with UpGuard

DevOps vs The Enterprise [video]

It's Time We Talked About DevOps

UpGuard: Getting Started Video Series

Puppet, Now for Neckbeards: A Developer's Thoughts on PuppetConf

If the Phoenix Project had UpGuard

Cormac McCarthy on Application Configuration

What does QA Mean for DevOps?

Top 6 Resources for ITSM Professionals

Is the DevOps Movement Leaving the Enterprise Behind?

6 DevOps Myths to Avoid

DevOps Lessons for CIOs

The Adventures of DevOps Dave - Don't Believe the Hype

Misconfigurations: The Hidden IT Project Killer

Chef and Puppet Won't Fix Your CMDB Problem

Twitter Could Avoid Outages With Executable Documentation

The Adventures of DevOps Dave: Declaring Success in Enterprise DevOps

Getting Started with Puppet - Hello World!

ITIL Guide to DevOps - eBook

The Adventures of DevOps Dave: The DevOps Team

What If Enterprise IT Built Race Cars?

Weekly Recap - Google I/O, the Expanding Cloud, Configuring CERN, and More

Puppet vs CFEngine

IT/DevOps Shirts to Gift For Mother's Day

5 Tools to Aid DevOps

Weekly Recap - the Future of Data Centers, Cloud Taxation, iOS 7, and More

The Cloud and DevOps

April Product Update

Weekly Recap - #ChefConf, Security, Cloud, and More

DevOps and Test Automation

5 Important Skills for Automation Experts to Have

Weekly Recap - Devopsdays London, the Woz, Open Networking Summit, and More

Weekly Recap – Cloud Computing, SDN, DevOps, and More

10 Sample DevOps Interview Questions

Configuration Automation - a Maturity Model

Making a Startup Explainer Video in 3 Steps

Techno Arms Dealers & High Frequency Traders

Introducing DevOps where ITIL rules - The Enterprise

Where Can I Learn More About DevOps?

It's Audit Time so Panic and Freak Out.

The Best DevOps Resources Online

What is DevOps (really)?

DevOps Dave: Devs and Ops in Trench Warfare

Puppet vs. Chef Infographic

DevOps Dave: Buried in Logs

5 Big Influencers in Software Defined Networking

Configuration Testing in the Enterprise

Operational Acceptance Testing

Why Configurations Must be Tested

DevOps for High Frequency Trading

10 IT Automation Conferences to Attend

Automated Configuration Testing, the Agile Infrastructure Enabler

March Product Update

Configuration & Security Management for DevOps

Stop Automating, Start testing - How to Buy in Using Puppet and Chef

DevOps Dave: The Adventures of a DevOps Professional in the Enterprise

PMLC, ALM, and Configuration Management

IT Automation and It's Relationship With Configuration Testing

Devops and the Death of the CMDB

Configuration Tests as Automation Requirements

The Case For Sector Focused Cloud Providers

Configurations as a Service

Application Configuration Testing

Welcome Our Robot Overlords

Wasting Time Manually Testing

Environment Configuration Testing 101

DevOps and ITIL Basics

Release Testing Basics

Configuration Testing 101

DevOps Basics

Do DevOps tools really exist?

The Top 5 CIO's of 2012

Top 5 Configuration Errors in the Cloud for 2012

Hackagong - There's Something in the Water Down There

October Announcements!

I Don't Need to Test My Configurations. My Deployments are Automated

We Are (On) the Robots

Just the Beginning

Infrastructure as Code! You've Got Tests, Right?

Taking the Pain Out of Datacenter Migrations

ScriptFest 2012!

UpGuard Early Access - Get Your Invite!