first_imgMore information about the Fan is available in a separate blog post from Kirkland.Mashape announces analytics platform for APIs and microservicesAPI management software provider Mashape has announced the release of Mashape Analytics, a real-time analytics platform for APIs and microservices.The open analytics platform is designed specifically for API and microservice architectures for use by DevOps professionals and developers. The platform also provides BI and visualization capabilities, and can provide visibility into microservices hosted inside Docker containers. Main features of Mashape Analytics include: Real-time insights: API performance, consumption and usage analysis in real time Instant Replay: Individual API calls can be replayed to debug issues and optimize speed Custom Dashboards: Simple dashboards allow users to create reports, set up filters and sort by API properties API Logs: A way to log activity occurring between microservices and inspect bottlenecks Alerts: A tool for preventing overloading and resource mismanagement, alerts keep users informed and updated on the status of their API Kong Compatibility: Mashape Analytics integrates into Kong, Mashape’s recently released open-source API management platform. Canonical has introduced the Fan, an overlay network system in Ubuntu for containers on Amazon Web Services and Google Compute Engine.The Fan is a free scalable address-expansion mechanism for both application-centric containers such as Docker or Rocket, or full-machine containers such as LXD, according to an announcement from Dustin Kirkland of Canonical’s Ubuntu product and strategy team. The Fan expands address space by 250x on each container host, he said, with a new approach to solving address shortages in large-scale container density by using “overlay networking” to allocate hundreds of IP addresses to each VM.“We recognized that container networking is unusual and quite unlike true software-defined networking, in that the number of containers you want on each host is probably roughly the same. You want to run a couple hundred containers on each VM,” wrote Canonical CEO Mark Shuttleworth in a blog post.“So we came up with the ‘fan.’ It’s called that because you can picture it as a fan behind each of your existing IP addresses, with another 250 IP addresses available. Anywhere you have an IP you can make a fan, and every fan gives you 250x the IP addresses. More than that, you can run multiple fans, so each IP address could stand in front of thousands of container IP addresses.”last_img read more

Read More

first_imgTeddy Reed, security engineer at Facebook, showed off an open-source tool his team built in order to counter this new threat: OSQuery. It works by hooking into the end machine’s stream of events at the kernel level. These events are pushed upstream to a monitoring console, and thus administrators and developers can use the tool to gain insight into events happening on networked machines.Such event notifications can be triggered for something as trivial as the insertion of a USB plug, or as major as a kernel panic or firmware update. Reed said that having OSQuery on every computer is useful, but the type of computer determines the importance of those notifications.On a developer’s laptop, for example, many unique USB devices may be randomly plugged in and brought online. On a server, however, anything plugged in via USB should immediately set off a red flag, as it’s a rare occurrence.Reed encouraged the audience to try OSQuery, and then offered to help any users who wished to integrate it into an odd stack. He said this tool provides a form of security he called attestation. “Owner controller attestation will make devices safer,” he said. Digital security is tough to get right, and on the software side of the equation, it’s even harder. Traditionally, software security has come in the form of edge-of-network devices, like firewalls and intrusion detection systems. It is the software itself, however, that often offers up the exploitable surface area to an attacker.USENIX Enigma, a new conference from the USENIX Advanced Computing Systems Association, brought attendees new ideas in software security, ranging from a new type of binary scanner to cutting-edge firmware-monitoring tools employed by Facebook.(Related: The biggest software issues still persisting, according to Cigital)In a world where the firewall cannot save the network from all the evils online, end-point security becomes paramount. This is compounded by the fact that some of the newest and most dangerous security exploits online involve firmware replacement and poisoning.last_img read more

Read More