Show posts tagged:
modules

Security holiday calendar - Part 1

As it was well received last year, we decided to do another security-focused holiday calendar this year. The concept was roughly the same, but instead of only adding security hardening modules, we’ve also added in some other security advice and blog posts to improve the variety. Now that we’re halfway through to 24 (or 25), let’s recap the first half of the calendar. The problematic remote shell (rsh) (1/25) Remote shell (rsh) allows you to log in and send commands to another computer over the network.

December 12, 2022

Building a Compliance Report based on inventory modules

In CFEngine Enterprise we collect information from each system in the infrastructure as inventory. Some inventory is available by default, and more can be added using modules or writing policy. You can use inventory information to create a Compliance Report with checks that determine if the information complies with your security requirements. In this blog post, we will use some modules from CFEngine Build which provide inventory data, and build a Compliance Report on top of those.

Posted by Craig Comstock
December 9, 2022

Updates, upgrades, and uptime

All software of any significant size has bugs, vulnerabilities, and other weaknesses. This includes the operating system (OS), libraries, command line tools, services and graphical applications. Across your infrastructure, you should have an overview of what operating systems and software you have installed. Additionally, automated ways of upgrading the OS, as well as packages are desirable. Finally, ways of highlighting problematic hosts (with old operating systems and software) and prioritizing them helps your efforts to upgrade and secure your machines.

December 2, 2022

CFEngine Build System version 3

Our beloved cfbs CLI tool for working with CFEngine Build is rapidly evolving. At the time of writing, we are currently at version 3.2.1. Thus I would like to take this opportunity to talk a bit about the latest and greatest features; including support for users to manipulate input parameters in modules, as well as a couple of new build steps. If you haven’t yet got a hold of the latest version of cfbs, you can update it with pip using the following command:

Posted by Lars Erik Wik
November 15, 2022

Scary stories you won't believe until they happen to you!

For halloween this year, we wanted to share some scary scenarios along with security recommendations to help avoid them. All the names, companies and characters are made up, but the events and experiences are based on things which could happen, or have happened in the real world. 1. Horrors of the logging library Mary the sysadmin looks over at her monitoring system, noticing an increase in requests with special characters. She recognizes the strings as log4shell vulnerability exploit attempts.

October 27, 2022

CFEngine 3.20 released - Modularity

Today, we are pleased to announce the release of CFEngine 3.20.0! Over the past few years we’ve focused on ease of use, new user experience, and out of the box value, giving you the ability to do much more through only the Mission Portal Web UI. This has resulted in several important steps forward; policy analyzer, compliance reports, host specific data (CMDB), and CFEngine Build with custom promise types and other modules.

July 1, 2022

Show notes: The agent is in - Episode 14 - Sneak peek of CFEngine 3.20

Interested in seeing what’s around the corner in CFEngine Enterprise? Herman (Product Manager) walks us through the features that we will find in the upcoming release of CFEngine 3.20. Being a non-LTS release, it’s a great opportunity to try out new features and get your feedback in before our next LTS series. Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees.

Posted by Nick Anderson
June 30, 2022

CFEngine Build System version 2

A while back we released version 2 of cfbs, and even though we release versions of this tool quite frequently, without announcing it on the blog, we thought this was a good opportunity to talk a bit about the tool, what’s new and our direction with it in the future. The reason why we called this the “2.0” release is that we are trying to follow semantic versioning, and there were some big new features in the release which could be considered breaking changes.

June 14, 2022

Show notes: The agent is in - Episode 13 - Custom promise types

Interested in extending the CFEngine DSL to support your own custom promise types? Herman (Product Manager) walks us through implementing custom promise type in python. Video The video recording is available on YouTube: At the end of every webinar, we stop the recording for a nice and relaxed, off-the-record chat with attendees. Join the next webinar to not miss this discussion. Links Example code Library for custom promise types in python Learning CFEngine Thinking in Promises Connect on LinkedIn w/ Cody, Craig, Herman or Nick All Episodes

Posted by Nick Anderson
May 26, 2022

Student competition - Build a module and win cash

The CFEngine team is pleased to announce a competition for students in Norway. We want you to write a module in Python, and submit it to CFEngine Build. Your module will be Open Source (MIT License), available for our community of users worldwide. CFEngine is a programming language, and modules can be added to do whatever the user needs, so the possibilities are endless. You can look at some examples for inspiration at the end of this blog post.

April 7, 2022
Get in touch with us
to discuss how we can help!
Contact us
Sign up for
our newsletter
By signing up, you agree to your email address being stored and used to receive newsletters about CFEngine. We use tracking in our newsletter emails to improve our marketing content.