SOCMDB – a Security-oriented CMDB – Why and How

SOCMDB - security oriented CMDB configuration management data base database

The idea of a configuration management database (CMDB) is that it should be able to tell you all the interesting attributes of your environment. It’s not hard to imagine that just the right CMDB could be a great help in securing your systems and improving your security posture. In this article we’ll look in more detail at what a Security-Oriented CMDB (SOCMDB) should look like – and why you should care.

How the right CMDB can improve your security posture

How the right CMDB can improve your security posture

In a couple of earlier blog posts, I wrote an article about what characteristics would make a CMDB suitable for a “modern” DevOps-like environment. The first article talked about what characteristics one would like in such a CMDB. The second article evaluated the Assimilation Suite in terms of those characteristics. This article discusses how a CMDB can improve your security posture.

In today’s blog post, I’d like to do something similar – but looking at a CMDB from a security perspective. That is, this blog post is the first part of a discussion of what a security-oriented CMDB ought to look like and how it can improve your security posture.

How I Give Fun Talks

give fun talks

I couple of weeks ago, I gave my first ever talk at a security conference and had a great time at the Las Vegas B-sides conference (BsidesLV). I had a great time there, met some great people there. This note gives an overview of how it went, and gives a little information on how I give talks.

Assimilation 2016 Security Roadmap

Past Present And Future Signpost Showing Assimilation Cybersecurity Evolution (Roadmap) 2016 Security Roadmap

About a year ago, we created a security roadmap for the Assimilation Project. It’s time to update it and see how we’ve progressed since then – hence our Assimilation 2016 Security Roadmap. The Assimilation Security software concentrates on low-noise automated security tools. We expect to enhance our capabilities in best practice analyses, checksum integrity analyses, patch […]

Assimilation Subgraph Queries and Visualization

assimilation subgraph queries

In the 1.1.7 release of the Assimilation System Management Suite, we added a completely new type of query – the subgraph query. What’s really cool about subgraph queries is that they are exactly what’s needed for visualization. So, this article is about Subgraph Queries and Visualization – what they are, how they relate to each other and why this is totally cool.

The Unknown Unknowns

The Unknown Unknowns

Recently, Security Week featured a great article by Emily Ratliff about “Unknown Unknowns” which explains really well how it is that the things you don’t know are those most likely to bite you. This kind of advice about what you don’t know biting you is ancient and dates back thousands of years before computers were invented.

Assimilation Release 1.1.7: “From The Heart” for Salt Lake City DevOpsDays

Assimilation Release 1.1.7

We’re proud to announce Assimilation Release 1.1.7. This release of the Assimilation System Management Suite has two major emphases – adding support for Docker and Vagrant, and adding subgraph queries for visualization. These are exciting features which provide capabilities which extend the reach and usefulness of the Assimilation Suite.