CISO's Guide to Cyber Resilience

Cyber resilience is not just about maintaining strong IT security. It's about effectively managing all of the risks associated with doing business in today's digital landscapes.

The Executive's Guide to Managing Cyber Risk

Regardless of what stage of digital transformation an enterprise finds itself at, the same risks and challenges await at every turn– namely, in the areas of security, compliance, and data management.

The Network Administrator's Guide To DevOps

For systems and network administrators, DevOps tends to evoke a certain degree of apprehension; many even claim to see the writing on the wall and predict the eventual demise of the network administrator role.

DevOps Pushes Agile to IT's Limits

Learn key insights on the similarities and differences between Agile and DevOps as well as some key challenges and considerations when moving to DevOps.

IT Compliance for Banking and Finance

Banking and financial organizations face daunting challenges as the industry continues to transition into the Information Age. Firms may face a myriad of challenges to attain compliance, but ultimately realize superior gains and opportunities from the resultant changes.

DevOps Lessons for CIOs

DevOps bridges the gap between developers, operations and QA in IT teams. As an executive, you always need to adapt to new methodologies that make your teams more efficient. But where do you start with DevOps in the Enterprise? Learn key DevOps lessons using our free ebook.

The DevOps Career Guide

With the DevOps buzzword now reaching into job postings and position titles, it's time to learn what is expected of a DevOps professional. Like it or not, those who were formerly only Devs now need a basic understanding of Ops and vice versa. This guide will help you navigate potential pitfalls that you'll find along the way.

The ITIL Guide To DevOps

Get your enterprise up to date with improved ITIL processes using DevOps. This eBook will step through the major ITIL processes, outline what typically goes wrong, and examine how application of DevOps principles and tools can help.

HIPAA Compliance Without The Headache

Information technology is a crucial albeit costly endeavor for HIPAA-impacted organizations. Let us help you alleviate that headache with our handy HIPAA Compliance eBook.

PCI Compliance Without The Headache

Since the inception of PCI DSS, organizations have struggled to understand, implement, and comply with its guidelines. Let us help you alleviate that headache with our handy PCI Compliance eBook.

Continuous Security Monitoring for DevOps

Fending off cyber attacks and maintaining security may be business as usual for enterprise IT, but vigilant organizations in recent years have been boosting their security measures in response to both increasing cyber crime and heightened control requirements from regulatory bodies.

The DevOps Toolchain

With a variety of functions to fill, and jillions of tools to choose from, selecting the minimum number of tools that can get the job done right is a formidable task. To help with planning for large scale continuous delivery initiatives, we've created the DevOps Toolchain eBook.

DevOps: A Cynic's Guide

You’ve heard about DevOps. Some of it sounds good, some of it sounds like bullshit. This book cuts through the DevOps culture war to explain a common-sense understanding of DevOps practices, pitfalls, and realistic expectations. If you think anything named DevOps has to be good, this book isn’t for you.

A Beginner's Guide to Cybersecurity Insurance

Like drivers and the inevitable car accident, all businesses will likely suffer a data breach at some point.

The Non-Technical Guide to Cyber Risk

You don’t need to be an IT security expert to grasp the fundamentals of cyber risk. Learn foundational knowledge and language for understanding and managing cyber risk in today's digital landscape.

Patch Management for DevOps

You’ve certainly heard it before, but it’s worth repeating again: unpatched and out-of-date systems are a leading cause of security incidents.

The Four Prerequisites for DevOps Success

Before you say "shut up and take my money" to the DevOps thought lords, you might want to spend a second learning what makes DevOps initiatives succeed or, more importantly, what makes them fail.

The Corporate Consequences of Cyber Crime: Who’s Liable?

Companies have responded to these attacks with various tools, such as anti-virus, malware and other endpoint protection, intrusion detection and prevention systems, and others. But despite these additions, data breaches have been increasing steadily over the past five years.

DevOps for Windows

As more Windows/Microsoft solutions move toward open source, you can certainly expect Windows-centric team cultures to follow suit.

Cyber Resilience for the C-Suite

Data breaches have been increasing steadily over the past five years. Simply adding more layers is not a sustainable approach. A deep understanding of your company and IT infrastructure is required.

The Resilient Cloud: Using AWS and S3 in the Enterprise

What cloud computing offered was a way to outsource the data center to a platform that could operate at scale. Like all new technologies, the cloud comes with its own set of risks.

Website Security Checklist

Putting a website on the internet means exposing that website to hacking attempts, port scans, traffic sniffers and data miners. If you’re lucky, you might get some legitimate traffic as well, but not if someone takes down or defaces your site first.

Email Security Checklist

Email is as important as the website when it comes to security. As a channel for social engineering, malware delivery and resource exploitation, a combination of best practices and user education should be enacted to reduce the risk of an email-related compromise.

Server Security Checklist

Servers might run okay out of the box, but before you put it in production, there are 10 steps you need to take to make sure it’s configured securely. The details of these steps may vary from distribution to distribution, but conceptually they apply to any flavor of Linux.

Password Security Checklist

Chances are you have a LinkedIn account, and if you had one back in 2012, it was probably one of the compromised accounts from the recent LinkedIn incident. Do you still use that password anywhere? Our 9 step password security checklist will help you secure your accounts, whether you’re a billionaire CEO or just someone who likes to post funny cat videos.

UpGuard and ServiceNow

UpGuard integrates seamlessly with ServiceNow to extract detailed insights from your IT assets including change information to help you fight against configuration drift.

Understanding NERC Compliance

A properly configured, secured and tested environment not only makes compliance easier and less costly, but can reduce costs and administrative overhead across the board.

When Your Security Provider Gets Hacked

The very software you’ve put in place to protect your data is exposing it instead. This nightmare scenario has turned into reality for some companies when major security software was compromised or had fatal flaws that exposed sensitive information to unknown third parties.

Microsoft's DevOps Toolchain

The fact that one has to “make a case” for Microsoft in the DevOps sphere puts them at a disadvantage, especially competing against major open source options with large community bases and proven performance.

UpGuard and ServiceNow at ICE-NYSE

When Intercontinental Exchange decided to take its IT compliance and security to the next level, it decided to leverage its existing ServiceNow (NYSE: NOW) ITSM platform. The company was also working with UpGuard—a leading cyber resilience platform provider and ServiceNow partner—to ensure the integrity of its IT environment.

Configuration Testing for Build Agents

The team at VersionOne needed to be able to test thousands of builds per release. With a Jenkins and Chocolatey pipeline they could generate the builds quickly but had lost visibility into the configuration of each. UpGuard gave them the visibility to spot differences between build agents and successfully automate their build process.

Containerizing Apache with Docker

A financial services provider started using UpGuard to keep an eye on Apache servers that had grown difficult to maintain. With visiblity from UpGuard they were able to roll back configuration drift, putting them in a position to increase build consistency by containerizing resources. UpGuard provides native support for Docker and let them make a sizable change to their pipeline with a safety net.

How to Migrate a Data Center in 48 Hours

An Australian bank needed to migrate a data center they acquired. Naturally this was a sensitive project with huge amounts of money on the line. They chose to automate their testing process with UpGuard because it could gather requirements directly from the source images, removing the capacity for human error.

Fighting Configuration Drift in Healthcare IT

The Burgess Group experiences rapid growth and as a result introduced new sources of configuration drift in their release process. UpGuard gave them a way to test environment configurations before release and to easily detect any untracked changes.

Getting Visibility and Preventing Drift

One hundred of Liquidity’s Linux servers were in need of visibility and consistency and they were not willing to take a chance on their business-critical systems. UpGuard identified significant gaps in processes between developers, and incentivized the introduction of automated environment build and deploy features, which had previously been disregarded.

Change Detection and Integrity Monitoring

Discovering configuration changes and managing drift is critical–but the ability to correlate them to poor user experience and failing software is invaluable. For the CFA Institute, problems with lack of visibility were manifest in application failures on the production side. UpGuard enabled it to catch those flaws and misconfigurations before reaching end-users on an ongoing basis.