SOCMDB – a Security-oriented CMDB – Why and How

SOCMDB - security oriented CMDB configuration management data base database

The idea of a configuration management database (CMDB) is that it should be able to tell you all the interesting attributes of your environment. It’s not hard to imagine that just the right CMDB could be a great help in securing your systems and improving your security posture. In this article we’ll look in more detail at what a Security-Oriented CMDB (SOCMDB) should look like – and why you should care.

Assimilation Release 1.1.3 (“Leap Day”) is now out!

New Assimilation Release 1.1.3

We just put out a new Assimilation release with a few bug fixes, and a few new features. The new features center around visualization, security, with even more emphasis on helping you “eat the elephant” of getting you into a better security posture. In this post, we’ll explain more in detail what these features are and how they will help you improve and maintain your security posture.

SMART Alerting for security and operations

SMART alerting blackboard

S.M.A.R.T. goals are a good idea when setting goals for yourself, or for your company. In this article I discuss how to make your operational and security IT alerting more effective and less noisy by creating SMART alerting – Specific Measurable, Actionable, Relevant and Timely. In this article we explore the idea that alerts for both cybersecurity and operational issues should be SMART alerts.
Alerts that make sure you fix the things that need fixing and don’t waste resources when acting on noisy alerts.

Linux Magazin highlights “Innovative” Assimilation Suite

Picture of Alan Robertson from the German publication Linux Magazin

Back in November of last year, I presented at the Open Source Monitoring Conference (OSMC) – and the talk went really well. Just today I found out we’ve been featured in the German publication Linux Magazin – and they said some very nice things about us in their article about the OSMC. I wrote a bit […]

System Management Survey

Survey form - for taking surveys ;-)

If you manage, secure, or plan for IT environments or DevOps, we’d love for you to take our System Management survey. Right now, we’re busy planning on how to make the Assimilation Suite better in 2016. Your responses will be a huge help in giving us a sharp focus on how best to improve IT management for you and others in the IT community. If you can help us out, we’ll send you a small token of our appreciation

Assimilation Release 1.1.2 “Happy 2016” is out!

Download Assimilation Release 1.1.2 - the Happy 2016 release

On January 2nd we put out version 1.1.2 of the Assimilation System Management Suite – the Happy 2016 release. This release adds enhancements related to best practice analyses and adds support for openSUSE, Scientific, and ScientificFermi Linux – along with a few bug fixes. We also have some surveys that we’d love for people to take – to help direct us in our future work.
As we have in the past, we offer supported free trials of the Linux version of our system management suite – just follow the download link and the instructions you’ll find there.

Assimilation Monitoring Rules – Keys to Automated Monitoring

ruler with level - Assimilation Monitoring Rules - pun intended. No apologies ;-)

The Assimilation System Management Suite monitors servers and services automatically – which is way cool! This article explains how to create Assimilation monitoring rules which teach the Assimilation software when and how to use monitoring agents. These rules are the keys to fully automated monitoring. When your monitoring is fully automated, complexity goes down, and availability goes up.

Download new Assimilation Release 1.1.0 – Free Trial!

Download Assimilation Version 1.1.0

Those of you who’ve been following my blog for a while know something about the Assimilation System Management Suite – how it provides an always up-to-date CMDB, integrated monitoring, continuous security monitoring, and an up-to-date network map – in an incredibly scalable way with near-zero configuration – and how it does all this without setting of network security alarms.

If you haven’t given it a try yet, now is the perfect time – because we just announced version 1.1.0 of the Assimilation Suite, and to celebrate we’re offering a limited number of supported free trials.

What Aren’t You Monitoring?

monitoring trends from James Turnbull - image from the great folks at

The three pillars of IT security are confidentiality, integrity, and availability. Most of the press coverage is all about confidentiality – at least until we have an airline or two or three have trouble with availability ;-). Of course, availability is also a key dimension of server management with significant operational dimensions. Those of you who know me, know I have a deep expertise in availability. Unsurprisingly, in this post, I’m going to concentrate on availability – and the necessity of monitoring everything, and knowing that you’re monitoring everything.