ScriptRock was created to answer the fundamental questions of configuration management: how are my systems configured, are they configured correctly, what's changed since yesterday, what's for lunch– the stuff you absolutely need to know. In its first release, ScriptRock satisfied the first three by scanning and recording configuration state, continuously testing with policies, and giving users the ability to difference configuration state over time or between nodes. But one thing was missing: the ability to difference a group of nodes all at one time.
For those still holding out for a better alternative to SSL, it’s time to give up the ghost. Though implementations like OpenSSL have seen many a vulnerability as of late, the protocol remains the best ubiquitous technology we have for end-to-end encryption. And with Google’s announcement last year regarding SSL’s impact on a website’s search rankings, the question stands: why are so many organizations still holding out on implementing SSL site-wide?
From rudimentary topologies to multi-cloud deployments, ScriptRock was designed to provide end-to-end visibility for all types of infrastructures. Our platform gives organizations unprecedented macro and micro-level visibility in even the most complex and heterogeneous IT environments. And now—with ScriptRock’s powerful new Search feature—identifying and locating items of interest or concern is as easy as typing text into a search box.
This might be a little controversial, but we think software pricing should be straightforward and easy to understand. We know this is a radical stance in the world of enterprise software, but bear with us on this one. In our experience, if we're going to pay for something we want to compare products based on features, not break out Excel to calculate the price tag. We're betting you feel the same way, and that's why we're simplifying our pricing structure.
We've just released a sweeping update to ScriptRock. It's really, really big– we've changed the core visualization of our product and added large features that seemed impossibly ambitious when we started. For all the changes, the unifying purpose of every feature in ScriptRock remains the same: to empower developers and administrators to know what they have so they can maintain quality in complex, changing environments.
In a news flash buried beneath a slew of other notable security news items, UCLA Health revealed last week it was the victim of a massive data breach that left 4.5 million patient records compromised. Like previous attacks on Anthem and Premera Blue Cross, the intrusion gave hackers access to highly sensitive information: patient names, addresses, date of births, social security numbers, medical conditions, and more. And while matters around healthcare IT have taken center stage as of late, the ineffective security at leading institutions of higher education and research is equally distressing.
For those of you harboring secrets behind a website paywall, a word of warning: your skeletons are now easy targets for cyber criminals and nefarious 3rd parties around the globe. The recent data breach and compromise of 3.5 million Ashley Madison user accounts may turn out to be largest case of broad-scale extortion the world has ever seen, but for many—the outcome is hardly surprising.
Oracle released a critical patch on Tuesday to fix a whopping 193 new security vulnerabilities across its line of database solutions and products. Included in the update are fixes to 25 vulnerabilities in the Java platform alone, including a new high-risk, zero-day vulnerability already used in several high-profile, yet-to-be publicized attacks.
Good configuration management (CM) makes the world go 'round, misconfigurations makes it grind to a halt. If in doubt, consider for a moment that in the last couple years CM issues have crashed an Airbus, leveled a billion dollar financial firm, and somewhat surprisingly—disrupted the cloud services of one of the world’s largest technology companies.
The OpenSSL Project Team announced a high severity bug in their open source implementation of SSL today that could allow the bypassing of checks on untrusted certificates (read: man-in-the-middle attacks). Find out which versions of OpenSSL are impacted, and what you need to patch this critical vulnerability.