January 2020 - TuxCare

How to Become Compliant with KernelCare – Case Study with Efinity

Case-study-effinity

KernelCare Client, Efinity, deal with clients in fourteen countries. This means that the system has to deal with a lot of data – much of it personal data – and must be watertight. In the light of recent data breaches, Efinity kept getting compliance questions from their customers: did they have the SOC 2 certification?

Continue reading “How to Become Compliant with KernelCare – Case Study with Efinity”

Secure Devices with KernelCare IoT

IoT1

Last year we ported KernelCare to run on Arm processors.

There was such a massive response to this announcement, that we’ve worked on expanding KernelCare’s Arm support to more Linux distributions, those focusing on IoT device development and deployment.

So today we’re happy to announce the release of KernelCare IoT.

Continue reading “Secure Devices with KernelCare IoT”

New KernelCare+ patches Linux libraries and kernels

KC+-min

You want more—more protection for business-critical applications running on Linux, applications that depend on glibc and OpenSSL.

As with the kernel, vulnerabilities in glibc or OpenSSL can’t wait to be patched.

That’s why, last November, we announced KernelCare+, an enhanced variant of KernelCare, one that patches vulnerabilities in essential user space libraries in addition to those in the Linux kernel. And as with KernelCare’s Linux kernel live patching, KernelCare+ updates applications without affecting their operational state—no restarts, no reboots.

Continue reading “New KernelCare+ patches Linux libraries and kernels”

Developer Tutorial: Live patching Debian 10 Linux kernel with Kpatch

Debian10.2

Live patching is a way of updating a Linux kernel without interruption.

Because kernel updates don’t take effect until the system is rebooted, Linux kernel live patching is most commonly used to patch severe Linux kernel vulnerabilities without rebooting servers.

Aside from improved service continuity and uptime, organizations with large server fleets also use live patching to avoid the administrative overhead associated with the coordination and planning needed to reboot multiple systems.

This tutorial will show how to use Kpatch to change the behavior of a running Debian 10 kernel without stopping it, changing the contents of /proc/uptime (and the uptime command) so that the system’s reported uptime is 10 years greater.

Continue reading “Developer Tutorial: Live patching Debian 10 Linux kernel with Kpatch”

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching