DevOps – Linux.com

Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover

Linux.com Editorial Staff — Thu, 07 Dec 2023 12:33:39 +0000

Attackers can exploit a critical Bluetooth security vulnerability that’s been lurking largely unnoticed for years on macOS, iOS, Android, and Linux device platforms. The keystroke injection vulnerability allows an attacker to control the targeted device as if they were attached by a Bluetooth keyboard, performing various functions remotely depending on the endpoint.

Linux Foundation Newsletter: October 2023

Linux.com Editorial Staff — Thu, 19 Oct 2023 13:46:11 +0000

This month’s newsletter will be one of our biggest ever! In October, our communities met in person at the Open Source Summit Europe in Bilbao and KubeCon + CloudNativeCon + OSS in Shanghai, China. At OpenSSF’s Secure Open Source Summit in Washington, DC, we continued advancing important conversations to improve the security of software supply chains. We had a record month at LF Research, with four new reports published since our last newsletter on brand new topics, including the mobile industry and Europe’s public sector, and year-over-year trends specific to European open source and the state of the OSPO. And, of course, there’s lots of project news for you to catch up on, including the announcement of OpenPubkey, a zero-trust passwordless authentication system for Docker.

Read the October Newsletter at the Linux Foundation Blog

The post Linux Foundation Newsletter: October 2023 appeared first on Linux.com.

Linux Foundation Annual Report 2022: Leadership in Security and Innovation

Linux.com Editorial Staff — Thu, 08 Dec 2022 18:37:11 +0000

In 2022, the Linux Foundation, in collaboration with our community, engaged in new initiatives to secure the software supply chain, enabled innovations with social, economic, regional, and environmental impact, supported open industry standards, and continued to embrace diversity and inclusivity. Read the report today.

The post Linux Foundation Annual Report 2022: Leadership in Security and Innovation appeared first on Linux.com.

How to Manage Linux Endpoints with Automation

Thu, 14 Apr 2022 13:24:52 +0000

Endpoint security is traditionally treated separately from the broader network security plan, and usually falls under responsibility of the IT admins team rather than the security team. However, endpoints are becoming a more critical part of the extended network ecosystem as many organizations will continue encouraging remote work after the Great Office Return.

The IT admins approach not only limits visibility and control but also makes it difficult to assess a device’s security level. It’s challenging to take the necessary automated steps in the event of a compromise due to a lack of access to vital threat intelligence. These challenges are even greater for Linux users, which is the preferred system of many developers and DevOps-led organizations.

Stack Overflow’s 2020 developer poll cites that professional developers will increase by more than 28 million by 2024. Thus, long-term integration and automation of Linux systems and infrastructure into IT operations is an even bigger priority for organizations moving forward.

Why organizations lack control and visibility over their Linux endpoint devices

Unfortunately, Linux infrastructure is not generally straightforward to automate. Without extra tooling, some administrators may face a long road to achieving their automation targets in the first place. To automate Linux systems, IT administrators must have complete control over their security and configuration settings. They must also possess the ability to monitor systems afterward to ensure everything is running smoothly.

Challenges of Linux endpoint management

Many endpoints currently connected to corporate networks are not official corporate assets. IT departments can’t quickly assess or monitor them to ensure they get the updates and patches they need because they don’t own these devices. This makes them vulnerable to threats, but it also makes them a relatively unknown threat vector, posing a threat to the entire fleet of devices.

Another significant barrier to visibility is mobility. Endpoint devices were once considered corporate assets kept behind the corporate firewall. Users of these endpoint devices today can connect to corporate resources, access corporate data, and even work on it using a variety of applications. They don’t need to be connected to a VPN to access physical or cloud-based resources. This is becoming more common across organizations of all sizes.

These devices spend the majority of their time related to non-corporate network resources which significantly reduces IT visibility. According to a 2020 Ponemon Institute report titled “The Cost of Insecure Endpoints,” two-thirds of IT professionals admit to having no visibility into endpoints that connect to the network regularly when they work outside of it.

There is also the challenge of Shadow IT. Employees can easily install and run traditional and cloud-based applications on their phones and computers and on corporate-owned assets assigned to them without having to go through IT. If IT administrators don’t have insight into all of the programs operating on these devices, they won’t be able to verify that essential access controls are in place to mitigate threats or govern the spread of data and other business assets. Self-compliance and security are not ideal for Linux endpoints.

Why manage your Linux devices in real-time?

Having complete visibility over IT asset inventory for security and productivity monitoring is critical to helping identify and eliminate unauthorized devices and apps.

What should IT teams monitor in real-time? Important metrics to keep an eye on include the number of unknown, checked-in, and total devices in the fleet, as well as devices installed and outdated and rarely used apps. IT professionals should look for a tool that keeps a constantly updated and monitored inventory of IT assets, including Linux.

Maintaining endpoint health with security controls is another advantage of managing Linux devices in real-time. Every day, numerous activities take place at an endpoint. It is critical to keep an eye on everything, including suspicious activity.

IT practitioners need a tool that conducts regular endpoint health checks to protect your endpoints, enforces firewall policies, quarantines or isolates unnecessary devices, kills rogue processes and services, hardens system configurations, and performs remote system tune-ups and disc clean-ups. This will help identify and eliminate unauthorized devices and applications.

Otherwise, allowing any random device or application in the network will gouge a hole in IT security and employee productivity. That’s why disabling or blocking illegal devices and programs from entering your network is critical.

Moreover continuous monitoring and remediation must be enabled. Continuous monitoring of your endpoints requires security tasks to be executed periodically. Chef Desktop helps achieve this without worrying about connectivity and maintenance issues and helps to ensure that endpoints remain in the desired state

Conclusion

Long-term integration of Linux systems and infrastructure into IT operations is common in organizations that have them.  Continuous monitoring of endpoints requires security tasks to be executed even remotely, without relying on physical access of devices. IT administrators must have complete control over their security and configuration settings to automate Linux systems, as well as the ability to monitor systems after the fact to ensure everything runs smoothly. 

IT managers must reduce costs and optimize time by leaning off manual processes. Instead, they should configure the entire linux fleet in a consistent, policy-driven manner. This boosts efficiency and productivity as well as maintains detailed visibility into the overall status of the Linux and desktop fleet. Easy-to-implement configuration management capabilities can assist IT teams in managing and overcoming some of the challenges they face when managing large Linux laptop fleets.

AUTHOR BIO

Sudeep Charles is a Senior Manager, Product Marketing at Progress. Over a career spanning close to two decades, he has held various roles in product development, product marketing, and business development for application development, cybersecurity, fintech and telecom enterprises. Sudeep holds a Bachelor’s degree in Engineering and a Master’s in Business Administration.

The post How to Manage Linux Endpoints with Automation appeared first on Linux.com.

Download the 2021 Linux Foundation Annual Report

Linux.com Editorial Staff — Wed, 08 Dec 2021 23:42:44 +0000

In 2021, The Linux Foundation continued to see organizations embrace open collaboration and open source principles, accelerating new innovations, approaches, and best practices. As a community, we made significant progress in the areas of cloud-native computing, 5G networking, software supply chain security, 3D gaming, and a host of new industry and social initiatives.

Download and read the report today.

The post Download the 2021 Linux Foundation Annual Report appeared first on Linux.com.

Microsoft’s Dapr Becomes CNCF Incubation Project

Swapnil Bhartiya — Wed, 08 Dec 2021 23:34:49 +0000

Microsoft recently contributed its Dapr (Distributed Application Runtime) project to CNCF, which has been accepted at the foundation as an incubating project. We sat down with Dapr founder Mark Fussell to learn more about the project.

The post Microsoft’s Dapr Becomes CNCF Incubation Project appeared first on Linux.com.

Understanding Security In The Cloud Native World

Swapnil Bhartiya — Wed, 08 Dec 2021 23:31:37 +0000

CNCF Security TAG recently conducted a micro-survey to better understand cloud-native security. We sat down with Brandon Lum, CNCF Security TAG Co-Chair, and IBM Research Engineer to talk about the micro-survey and deep dive into how the security landscape has changed are people are embracing cloud-native technologies.

The post Understanding Security In The Cloud Native World appeared first on Linux.com.

Understanding Open Source Supply Chain Security

Swapnil Bhartiya — Wed, 08 Dec 2021 23:28:31 +0000

Open Source Software supply chain security has become a hot topic recently after an executive order by the Biden administration. We sat down with Chris Wright, Senior Vice President and Chief Technology Officer at Red Hat, to better understand open source supply chain issues and what efforts are there to ensure the security of the open-source supply chain.

The post Understanding Open Source Supply Chain Security appeared first on Linux.com.

2021 Open Source Jobs Report (VIDEO)

Swapnil Bhartiya — Wed, 27 Oct 2021 18:33:27 +0000

The Linux Foundation announced the 9th annual Open-Source Jobs report that offers great insights into the supply and demand of critical skills needed by companies embracing cloud native technologies. To deep dive into this report, we hosted Clyde Seepersad, SVP & General Manager, Training & Certification, The Linux Foundation.

The post 2021 Open Source Jobs Report (VIDEO) appeared first on Linux.com.

How eBPF Streamlines the Service Mesh (TNS)

Linux.com Editorial Staff — Tue, 26 Oct 2021 16:16:01 +0000

Liz Rice writes at The New Stack:

There are several service mesh products and projects today, promising simplified connectivity between application microservices, while at the same time offering additional capabilities like secured connections, observability, and traffic management. But as we’ve seen repeatedly over the last few years, the excitement about service mesh has been tempered by practical concerns about additional complexity and overhead. Let’s explore how eBPF allows us to streamline the service mesh, making the service mesh data plane more efficient and easier to deploy.