Vulnerabilities vs Misconfigurations

Vulnerability assessment is a necessary component of any complete security toolchain, and the most obvious place to start for anyone looking to improve their security. Ironically, starting with vulnerability assessment can actually degrade ...

UpGuard: An Adaptable NERC Compliance Solution

The North American Electric Reliability Corporation (NERC) creates regulations for businesses involved in critical power infrastructure under the guidance and approval of the Federal Energy Regulatory Commission (FERC). A few of these, the ...

The Email Security Checklist

You’ve hardened your servers, locked down your website and are ready to take on the internet. But all your hard work was in vain, because someone fell for a phishing email and wired money to a scammer, while another user inadvertently ...

Five IIS Settings You Need to Check Today

If you’re working with IIS then you know that preventing configuration drift is as important as it is time consuming. In the best case scenario you’re monitoring configs daily to keep development, testing, and deployment running smoothly. ...

Configuration Management in the Real World – One Company’s Story

Trying to translate the concept of Configuration Management for those who do not understand its efficacy is like explaining surfing to an Inuit. It is simply not an inherent part of their culture. Without question, the benefits of ...

Configuration Testing in the Enterprise

Many enterprise network workers are now adopting automation technology as a means of completing operational tasks, and of creating a more efficient environment within an IT enterprise. One of the advantages of adopting IT automation is ...

Automated Configuration Testing, the Agile Infrastructure Enabler

OK, so I probably just closed out 100 games of Bulls**t Bingo in the title of this blog post but I'll stand by it. You want actual agility in what you do? You need a safety net. That safety net is automated testing.

Configuration & Security Management for DevOps

Configuration testing should not only be an essential step in the overall development process, but also important in the process of installation of new apps for use on web and application servers. Without proper testing, apps can often ...

Application Configuration Testing

Application Configuration Acceptance Testing - Huh?

Configuration Testing 101

Before delivery to the intended party, a system should be tested to figure out whether the requirements set forth in the contract have been met. Configuration acceptance testing is the fundamental means to assuage all doubts that the ...

Infrastructure as Code! You've Got Tests, Right?

You've used Chef/Puppet to automate your infrastructure, you can provision your virtual environment from scratch and deploy all your applications in minute. It’s magical. You've achieved Configuration Management Nirvana. What you've built ...
All posts