UpGuard and Puppet - Fits Like a Glove

Going from nothing to automation using one of the many tools available can be a daunting task. How can you automate systems when you’re not even 100% sure how they’ve been configured? The documentation is months out of date and the last guy to configure anything on that box has since left the company to ply his trade somewhere that will more fully appreciate his Ops cowboy routine.

Read More

Vulnerabilities vs Misconfigurations

Vulnerability assessment is a necessary component of any complete security toolchain, and the most obvious place to start for anyone looking to improve their security. Ironically, starting with vulnerability assessment can actually degrade an organization's overall defense by shifting focus from the cause of most outages and breaches: misconfigurations.

Read More

Important Changes in NERC CIP Compliance Between v3 and v5

While it’s not certain that society would become a zombie apocalypse overnight if the power grids failed, it is hard to imagine how any aspect of everyday life would continue in the event of a vast, extended electrical outage. Part of what makes electrical infrastructure resilient against these types of events are the North American Electric Reliability Corporation (NERC) regulatory standards, especially the Critical Infrastructure Protection (CIP) standards, which provide detailed guidelines for both physical and cyber security. The CIP standards evolve along with the available technology and known threats, so they are versioned to provide structured documentation and protocols for companies to move from one iteration of the standards to the next. But the jump from version 3 to version 5 involves many new requirements, so we'll look at some of the differences between the two and what they mean for businesses in the industry.

Read More

5 Things About Configuration Management Your Boss Needs To Know

As an IT manager or engineer, you can sometimes get so thick in the details that it can be challenging to step back and answer the fundamental questions. Sure, you wrote the scripts that automate your systems. You also train users to understand the tools that implement configuration management. However, you also struggle to answer why your business should have configuration management teams, automation and tools. Don't worry, if this has ever happened to you, remember that you’re not alone.

Read More

Controlling DNS Configuration Drift

We received a lot of positive feedback regarding our last article on Controlling SQL Configuration Drift so thought it might be a good idea to continue along that same theme of analysis and follow it up with an article about DNS configuration and some simple steps you can take to prevent configuration drift.

Read More

Configuration Management in the Real World – One Company’s Story

Trying to translate the concept of Configuration Management for those who do not understand its efficacy is like explaining surfing to an Inuit. It is simply not an inherent part of their culture. Without question, the benefits of Configuration Management can be challenging to grasp to the uninformed. One of the best ways to understand the benefits and use cases is to learn from other enterprise's experiences.

Read More

Monitoring Database Nodes to Remediate Configuration Drift

Controlling database configuration drift is a tricky subject. It's a topic that comes up frequently for us here at UpGuard and customers are always keen to know how they can go about taking control and simplify their configuration management processes. We've all experienced at some time or another that issue that was the result of a database migration that didn't complete, a column that has mysteriously changed data type or an old version of a stored proc or view being restored to a new database.

Read More

Gmail outage reminds us that IT automation is not enough

Gmail is amazing, but it isn't perfect. In both 2014 and 2016, the popular service suffered severe outages.

Read More

Puppet vs CFEngine

While most people think of Puppet and Chef when they’re thinking about Configuration Management tools, other alternatives exist. One notable example is CFEngine. In this post, we’ll compare

Read More

5 Important Skills for Automation Experts to Have

IT testing automation is an important concern of businesses, and a growing field in which IT professionals are able to make a name for themselves. If you are not already involved in automated IT testing, here are a few of the most important skills to have when holding an automation related position.

Read More

Techno Arms Dealers & High Frequency Traders

Today represents the hottest time to be in financial markets - nanosecond response times, the ability to affect global markets in real time, and lucrative spot deals in dark pools being all the rage. For companies who do business in these times, it is a technical arms race, worthy of a Reagan era analogy.

Read More

DevOps and ITIL Basics

There is a gap that exists between developers and operations in any enterprise dealing with complex and legacy system environments.

Read More

Infrastructure as Code! You've Got Tests, Right?

You've used Chef/Puppet to automate your infrastructure, you can provision your virtual environment from scratch and deploy all your applications in minute. It’s magical. You've achieved Configuration Management Nirvana. What you've built is repeatable, saves time, increases efficiency and removes human error.

Read More