ScriptRock Blog

Group Differencing: How We Designed Our Variance Report

ScriptRock was created to answer the fundamental questions of configuration management: how are my systems configured, are they configured correctly, what's changed since yesterday, what's for lunch– the stuff you absolutely need to know. In its first release, ScriptRock satisfied the first three by scanning and recording configuration state, continuously testing with policies, and giving users the ability to difference configuration state over time or between nodes. But one thing was missing: the ability to difference a group of nodes all at one time.

Read More

HTTPS Everywhere And The Future Of Unencrypted Websites

For those still holding out for a better alternative to SSL, it’s time to give up the ghost. Though implementations like OpenSSL have seen many a vulnerability as of late, the protocol remains the best ubiquitous technology we have for end-to-end encryption. And with Google’s announcement last year regarding SSL’s impact on a website’s search rankings, the question stands: why are so many organizations still holding out on implementing SSL site-wide?

Read More

Introducing ScriptRock's Powerful New Configuration Search Engine

From rudimentary topologies to multi-cloud deployments, ScriptRock was designed to provide end-to-end visibility for all types of infrastructures. Our platform gives organizations unprecedented macro and micro-level visibility in even the most complex and heterogeneous IT environments. And now—with ScriptRock’s powerful new Search feature—identifying and locating items of interest or concern is as easy as typing text into a search box.

Read More

ScriptRock's New Pricing Model


This might be a little controversial, but we think software pricing should be straightforward and easy to understand. We know this is a radical stance in the world of enterprise software, but bear with us on this one. In our experience, if we're going to pay for something we want to compare products based on features, not break out Excel to calculate the price tag. We're betting you feel the same way, and that's why we're simplifying our pricing structure.

Read More

ScriptRock Update: Data Visualization, Group Differencing, and Search


We've just released a sweeping update to ScriptRock. It's really, really big– we've changed the core visualization of our product and added large features that seemed impossibly ambitious when we started. For all the changes, the unifying purpose of every feature in ScriptRock remains the same: to empower developers and administrators to know what they have so they can maintain quality in complex, changing environments.

Read More

The Lucrative Rewards of Hacking Higher Education


In a news flash buried beneath a slew of other notable security news items, UCLA Health revealed last week it was the victim of a massive data breach that left 4.5 million patient records compromised. Like previous attacks on Anthem and Premera Blue Cross, the intrusion gave hackers access to highly sensitive information: patient names, addresses, date of births, social security numbers, medical conditions, and more. And while matters around healthcare IT have taken center stage as of late, the ineffective security at leading institutions of higher education and research is equally distressing.

Read More

Your Secret's Safe With No One: Lessons Learned From The Ashley Madison Hack

For those of you harboring secrets behind a website paywall, a word of warning: your skeletons are now easy targets for cyber criminals and nefarious 3rd parties around the globe. The recent data breach and compromise of 3.5 million Ashley Madison user accounts may turn out to be largest case of broad-scale extortion the world has ever seen, but for many—the outcome is hardly surprising.

Read More

Fixing Oracle's Latest Zero-Day and 193 Other Vulnerabilites

Oracle released a critical patch on Tuesday to fix a whopping 193 new security vulnerabilities across its line of database solutions and products. Included in the update are fixes to 25 vulnerabilities in the Java platform alone, including a new high-risk, zero-day vulnerability already used in several high-profile, yet-to-be publicized attacks.

Read More

Could Bad Configuration Management Spell The End For Big Finance?

Good configuration management (CM) makes the world go 'round, misconfigurations makes it grind to a halt. If in doubt, consider for a moment that in the last couple years CM issues have crashed an Airbus, leveled a billion dollar financial firm, and somewhat surprisingly—disrupted the cloud services of one of the world’s largest technology companies.

Read More

How To Fix The OpenSSL Alternate Chains Certificate Forgery Bug

The OpenSSL Project Team announced a high severity bug in their open source implementation of SSL today that could allow the bypassing of checks on untrusted certificates (read: man-in-the-middle attacks). Find out which versions of OpenSSL are impacted, and what you need to patch this critical vulnerability.

Read More

Subscribe to ScriptRock's DevOps Blog

About Us

We make a no-nonsense platform for maintaining consistency across environments. You can try it for free because we like you.