The server environment is complex and if you’re managing thousands of Linux servers, the last thing you want is for an operating system vendor to do something completely unexpected.
That is exactly what Red Hat, the parent company of the CentOS Project, did when it suddenly announced a curtailment of support for CentOS 8 – sending thousands of organizations scrambling for an alternative.
Continue reading “Winter is Coming for CentOS 8”
Let’s face it – everyone’s had just about enough. Exploits are everywhere, and it’s almost impossible to deal with the problem to a watertight degree.
Some organizations make a solid effort, deploying cutting-edge vulnerability management solutions and live patching to minimize the impact of vulnerabilities, but many others struggle, and some make no effort at all.
This lack of action creates opportunities for malevolent actors, and the Cybersecurity and Infrastructure Security Agency (CISA) had seen so many successful exploits that it felt it needed to draw a line – forcing the agencies it has authority over to act.
That’s why, on November 3, CISA issued a new directive that compels civilian federal agencies to address 306 critical vulnerabilities that CISA found commonly leads to successful exploits.
Continue reading “What does the critical CISA directive mean and how should you respond?”