Jetstack launches Jetstack Secure
Jetstack, a Kubernetes product and services provider and Venafi company, has announced the launch of Jetstack Secure, its flagship product that extends the core value of the cert-manager open source project. The company said that Jetstack Secure delivers protection and full visibility of machine identities to cloud native platform and security teams. This includes public trusted certificates for ingress TLS, as well as private certificates for intra-service mTLS with service mesh.
Jetstack Secure deploys easily using Kubernetes resources. It includes an open source agent, and is backed by a reliable and scalable SaaS managed by Jetstack. The full interface can be set up to run for free on a single cluster, and customers can upgrade for advanced multi-cluster and alerting capabilities.
Matt Bates, Jetstack CTO and co-founder, said, “We’ve seen first-hand from our work with customers that adopting cloud native technologies and modern microservices architecture very quickly leads to a significant growth of TLS certificates – from ingress TLS, to intra-service mTLS, Kubernetes webhooks and more. As infrastructure scales and clusters accumulate, a very high level of automation is needed to ensure certificates are consistent and kept up-to-date. Automating the certificates’ life cycle, to keep workloads protected, is the core value of cert-manager.”
He added, “With Jetstack Secure our customers can see a detailed view of each cluster and an instant visual status of all workload certificates, including their association with Kubernetes resources. Crucially, it will identify and help to mitigate issues that can cause operational or security risk.”
Open source intelligence (OSINT) market to reach US$ 11.86 billion by 2026
The global open source intelligence market size can grow at a CAGR of 17.4 per cent during the forecast period (2020-2026) to reach US$ 11.86 billion by 2026, as per a report by Market Research Future. The market stood at a little less than US$ 3.83 billion in 2018.
Availability of open source data and rise of cyber threats are likely to drive the market demand significantly. Social media platforms accumulate data pertaining to location, community, interests, and likes for informing government agencies of any possible threats.
The report added, “The use of relevant information on organisations based on employee experience and devoid of reputation management firms can drive the market. Actionable insights on people and companies for sensitive information are likely to be witnessed in the coming years. Organisations can glean data in real-time from a wide range of sources for gaining awareness and performing location-based investigations. Quantification of risks, events, and consequences can assist decision makers. But large volumes of data lakes and lack of skilled personnel can hinder market growth.”
The COVID-19 pandemic has driven people to stay within the limits of their homes and has increased Internet usage. Greater reliance on blogs, discussion forums, vlogs, and other digital platforms can bode well for the OSINT market. OSINT tools can accumulate data from these sources to predict future trends.
The report said that remote working has created the challenge of malicious attacks by cybercriminals. This can be overcome with the help of OSINT tools. Intelligence agencies can gain useful insights from public resources and overcome any potential threats to nations.
Guardicore unveils IPCDump, an open source tool for tracing interprocess communication on Linux
Guardicore has announced the availability of IPCDump, a new open source tool for tracing interprocess communication on Linux. It said that the tool covers most interprocess communication (IPC) mechanisms, including pipes, fifos, signals, UNIX sockets, loopback-based networking, and pseudoterminals. It is useful for debugging multi-process applications and gaining transparency into how they communicate with one another in their IT environment.
Guardicore VP of Research Ofri Ziv said, “IPCDump is the natural byproduct of our talented R&D team’s efforts to push the technical boundaries of our segmentation platform. Rather than let it go to waste, our team wanted to show our commitment to the development and security communities by sharing a useful open source debugging tool.”
Modern applications have distinct processes that plug into one another in a black box, creating significant challenges for developers when something breaks.
This issue is particularly true for debugging complex multiprocess applications. IPCDump solves this problem by tracing both the metadata and contents of apps’ communication, and tracing IPC between short-lived processes.
Security practitioners can also use the open source tool to explore how business apps communicate with internal and external systems. IPCDump can also easily track short-lived processes’ creation and destruction, a tedious task that typically requires security and IT teams to check port numbers against netstat manually. It comes with support for pipes and FIFOs, signals (regular and real-time), UNIX streams and datagrams, and pseudoterminal based IPC. It also comes with event filtering based on process PID or name, and human-friendly or JSON-formatted output.
CloudLinux releases AlmaLinux Beta
AlmaLinux, the open source enterprise-level Linux distribution created as an alternative to CentOS, has been released in beta with most RHEL packages and is ready for community testing. A stable release is planned for the end of Q1 2021.
CloudLinux’s founder and CEO, Igor Seletskiy, said, “As promised, the main development and maintenance were done by the CloudLinux team. And now we appeal to the community for its contributions. In the spirit of the community-driven initiative, we now require assistance with testing, documentation, support and planning the future roadmap.”
AlmaLinux is a 1:1 binary fork of Red Hat Enterprise Linux (RHEL), backed with a US$ 1 million annual sponsorship by CloudLinux, with support provided until at least 2029. It is being developed with collaboration from the Linux community via public repositories and packages. The company said that the GitHub page is also published and the finalised source code will be added once the stable release has been completed. An important tool released with the AlmaLinux beta is the bug tracker. CloudLinux will work closely with bug tickets to further develop AlmaLinux and deliver the stable release.
JFrog and Docker team up to combine the power of JFrog Artifactory and Docker Hub
JFrog Ltd has announced an agreement with Docker to provide developers unlimited (for SaaS users), high-performance premium access to quality and trusted application components on Docker Hub, in order to streamline developer experience and scale the use of containers in the enterprise. The agreement also provides dedicated support mechanisms for mutual customers.
JFrog Artifactory, also known as the ‘Database of DevOps’, is a software package management solution used by thousands of customers to host and manage their software artifacts, container images, and Helm Charts. JFrog users often mirror container images hosted on Docker Hub. SaaS subscribers of JFrog’s DevOps platform (including those who use the free subscription offered on AWS, GCP, and Azure) will benefit from uninterrupted access to Docker Hub and Docker Official Images through JFrog Artifactory.
The partnership will see access to high-quality content in Docker Hub, including Docker Official Images and content from Docker Verified Publishers. It will also see an industry-best developer experience for building, sharing, and delivering cloud-native applications and dedicated channels to support mutual customers, according to the company.
Scott Johnston, CEO of Docker, said, “At Docker, our mission is to help developers bring their ideas to life by conquering the complexity of app development. The combination of Docker with the immensely popular JFrog Artifactory, which can scale with very large workloads, reduces friction for developers and gives them confidence in their application components, allowing them easy onboarding to a Docker subscription and more time to focus on building great apps. We are excited to work with JFrog on this initiative, and look forward to our continued partnership to enable high-velocity cloud-native application development for our joint customers.”
Infinite Devices and Scalytics announce strategic partnership
Infinite Devices has announced a strategic partnership with Scalytics, an open source ML/AI-ops platform and maintainer of Apache Wayang, to create Infinimesh, an open source AIoT platform. The combination of two leading open source platforms, will work to help organisations across numerous industries implement a scalable Kubernetes based IoT platform designed to capture real-time data with any cloud or hybrid environment. The Scalytics
ML/AI-ops platform empowers the user to use the best data analytics framework at execution time.
Alexander Alten, founder of Infinimesh and executive president of Infinite Devices, said, “Security gaps and weak points in open source platforms are always a major risk. Our open source platform Infinimesh is the first cloud native, scalable IoT platform that guarantees 100 per cent data privacy and data compliance for Wayang.”
Redis Labs appoints Taimur Rashid as chief business development officer
Redis Labs has named Taimur Rashid as the company’s chief business development officer. He brings nearly two decades of experience in incubating new market opportunities and expanding the market reach for enterprise software companies, having worked the past 15 years with leading cloud service providers.
Rashid will be responsible for leading cross-functional projects to nurture and grow markets, including the emerging role Redis is playing in artificial intelligence use cases and the accelerated adoption of cloud-native architectures by Global 1000 companies. He will help the company continue to deliver native managed services that enable customers to engage deeper with Redis and grow into premium services.
Rashid said, “I’ve admired how Redis Labs has not only expanded the capabilities of Redis to power modern applications, but also developed new technologies to help enterprises explore data layer strategies that enable real-time use cases. I’m excited to not only make it easier for our partners to sell and help our customers grow with Redis, but also for businesses to build on top of Redis too.”
Microsoft joins Rust Foundation
As per a blog post by Microsoft, it is joining industry partners as one of the founding members of the Rust Foundation. The foundation is a new independent organisation established to steward the Rust programming language and ecosystem, and support Rust’s maintainers.
The post by Nell ShamrellHarrington, principal software engineer, Microsoft, and board director at the Rust Foundation, said, “As Rust’s popularity has grown, it has continued to demonstrate outstanding language stewardship and a strong track record of keeping Rust true to its goals of performance, reliability, and productivity. It has been a joy for me to contribute to this success as the lead editor of This Week in Rust, and as a member of several Rust working groups and teams.”
The post adds that any open source project—especially a language ecosystem— is only as strong as its community of users and contributors. The creation of the Rust Foundation ensures that Rust will remain driven by and for the global Rustacean community.
As per the blog post, open source software and languages are of critical importance both to Microsoft and to the entire tech industry. This is especially true for systems programming languages like Rust.
Shamrell-Harrington added, “As Rust usage in Microsoft grows, we know it is not enough to only use it as open source software. We must also contribute back to it. Joining the Rust Foundation is a way for us to financially support the project, contribute back to the project, and engage more deeply with the Rust community.”
Styra announces strategic hires to senior leadership team
Styra, Inc., the founders of Open Policy Agent (OPA) and leaders in cloud-native authorisation, have announced two strategic hires to its senior leadership team.
Steve Erickson and Paul Murphy will serve as vice presidents of engineering and sales, respectively, to support the company’s innovation and growth. The company also shared its 2020 results, including over 300 per cent growth year-over-year, 90 per cent headcount growth and record-breaking open source success with OPA.
The new hires bring proven policy and open source experience to help Styra expand its rapidly growing customer base, support the OPA community, and provide more teams access to the Styra Declarative Authorization Service (DAS), giving them guardrails for Kubernetes and microservices.
Steve Erickson will be bringing deep policy security expertise to the engineering team as VP. In his time as an engineering leader at Illumio, Erickson was responsible for end-to-end policy management, distribution and enforcement capabilities within the Illumio Core and Illumio Edge products.
Paul Murphy comes to Styra with a strong cloud-native background. In his role with FOSSA, Murphy was the head of global sales. Before that, he ran sales for Sysdig.
Murphy added, “Styra is a rocket ship, and I’m thrilled to be on board and part of the team that built both OPA and Styra DAS. I am passionate about the speed, automation and portability that cloud-native can provide, and I’ve helped countless companies make their digital transformations and embrace the cloud. Here at Styra, I’ll be helping our customers get more from OPA, so they can move to the cloud while also minimising risk, mitigating errors and ensuring that deployments are both secure and compliant.”