Many enterprise software hopefuls tackle the final stretch to becoming a mature offering through the development of an easy-to-use management GUI. This is especially true of DevOps and automation tools, as quite a few solutions have recently rounded out their platforms with web-based UI consoles for easier, visual management of resources and services.
Despite seeming like somewhat of a no-brainer, using the power of the cloud to combat cloud-based security threats has really only come into vogue recently. As organizations continue to move their infrastructures out of physical data centers into the cloud, traditional methods for securing IT resources are becoming increasingly ineffective. Using cloud-based collective intelligence and virtualization to inform threat detection methods is fast becoming a standard practice and, for many security products, a central ingredient of an effective multi-pronged approach to combating cyber attacks.
Puppet and Chef have both evolved significantly since we covered them last—suffice to say, we’re long overdue in revisiting these two heavy-hitters. In this article we’ll take a fresh look at their core components along with new integrations and expansions that continue to position them as leading enterprise IT automation platforms.
Either you’re reading this because the question has been puzzling you secretly, or you’ve arrived to protest this admittedly incongruous comparison. Fortunately, both sides of the fence are covered here.
In this article we’ll compare and contrast their features and benefits, but not before clearing up some popular misconceptions about the two big data platforms. We’ll then delve into each platform’s attack surfaces/vulnerabilities and evaluate them from a security angle.
The information security (infosec) space is for the most part divided into two camps: established players using a combination of old/new tactics for combating cybercrime, and market entrants attempting to rethink security from the ground up. Attack methods are increasingly sophisticated and require novel approaches for detection and remediation—since very little is understood about the next generation of threats, opportunities abound for both incumbent leaders and upstarts alike. And with targeted attacks and advanced persistent threats (APT) on the rise, newer players with innovative approaches to security are seeing ample opportunities for supplanting longstanding market leaders and their aging security products.
Splunk and Sumo Logic are two competing big-data analytics, machine data, and log management solutions designed mainly for IT operations and security use cases. Though fierce competitors on many fronts, the two take different approaches to the problem space and cater to slightly different markets. Splunk is more enterprise-focused and geared towards on-premises solutions, whereas Sumo Logic is the plucky, innovative startup with a cloud-based offering at lower price points. Let’s look at them in more detail.
How good can free be? Or perhaps a more fitting question is whether free can be good enough for securing one’s enterprise against current and future threats. To answer this, we’ll be comparing the popular open source host-based intrusion detection system (HIDS) OSSEC with commercial offering Tripwire Enterprise to find out if that pretty penny spent can indeed lead to a stronger security posture.
As information security (infosec) models continue to evolve in response to the expanding threat landscape, new generations of tools are emerging that take different approaches to securing IT infrastructures. The question for legacy security vendors is how well their respective solutions will hold up in the face of today’s and tomorrow’s threats, and whether emerging models will supplant long-standing approaches to security. Many existing solutions were created before the advent of the cloud and, though effective for years, hold diminishing value as new attack methods like polymorphic malware and advanced persistent threats (APT) become increasingly commonplace.
This dire need for innovation in the security space is giving upstarts like Tanium ample traction, even as stalwarts like Tripwire augment and retrofit their solutions to address a new era of threats.
In a few short years DevOps has gone from a fringe movement to a must-have for any IT leader. There's a lot of buzz around it, but there's a lot of practical knowledge in there as well. Provisioning environments, deploying applications, maintaining infrastructures: these are all critical yet delicate tasks traditionally done by hand. What if we could get a machine to do all that stuff for us, not just saving hours of work but also removing the element of human error?
The following is a comparison of two leading open-source host-based intrusion detection systems (HIDS): Open Source Tripwire and OSSEC. Both are competent HIDS offerings with distinct benefits and drawbacks that warrant further analysis.