Driving agility through systems of differentiation

driving-agility-image

Data-driven application development, an area that until recently was limited to only IT teams, is increasingly falling under the radar of business leaders. One reason for this is the need to align technology with the business to enable differentiation and innovation.

So, when developing modern applications, Gartner encourages organizations to consider three different system layers as per its Pace Layered Application Strategy. These are:

Read More

Why being #DataFirst makes for a great return on investment(RoI)?

ROI_Blog_Image

At CAPIOT we have been advocating leveraging the #DataFirst approach for sometime now. We often get questioned by stakeholders on how being data-first helps deliver better RoI for digital initiatives across the enterprise.  

In this post, we focus on how decision-makers can calculate the return on investment (RoI) of data-first approaches. We examine two different scenarios and demonstrate the cost savings generated from data service platforms, owing to the advantages of reusability and easy maintenance.

Read More

Security Alert: CVE-2018-1210001

This Security Alert addresses CVE-2018-1210001, a vulnerability in specific versions of Kubernetes, the deployment and orchestration platform used in Omni Data Platform and XCRO.

Excerpt: With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server. Once established, an attacker can send arbitrary requests over the network connection directly to that backend. These requests are authenticated with the Kubernetes API server’s Transport Layer Security (TLS) credentials.

This vulnerability puts the entire cluster at risk by allowing the attacker to issue unauthenticated requests via the Kubernetes API layer.

Affected component:

Kubernetes API server

Affected Kubernetes versions and patches:

  • Kubernetes v1.10.0-1.10.10 (fixed in v1.10.11)
  • Kubernetes v1.11.0-1.11.4 (fixed in v1.11.5)
  • Kubernetes v1.12.0-1.12.2 (fixed in v1.12.3)

Affected CAPIOT products:

  • Omni Data Platform v1.x
  • XCRO v.4.x
  • XCRO v.5.x

Mitigation:

If the Kubernetes API has not been exposed outside of the cluster, or the Kubernetes environment sits in an on-prem / air gapped environment, the probability of having been attacked is significantly lesser. However it is highly recommended to upgrade your Kubernetes platform to the latest patch that has been released immediately.

Support:

Please contact support@capiot.com for any further assistance or details on this security alert.

References: