HOS Newsletter – September 2024

Sep 30, 2024 | Newsletter

Sign up for our newsletter and get a quick recap of last month’s top stories, plus stay in the loop on key alerts like updates, outages, and security warnings.

SUBSCRIBE to this One Newsletter today and you can UNSUBSCRIBE from all the rest.

 – Your Friendly HOS Admins

Important Jira Service Management Changes Effective October 2024

Jira Service Management is updating its pricing and packaging, effective October 16, 2024, to enhance alignment with industry standards and support innovation. Key changes include moving advanced incident, problem, and change management features from Free and Standard plans to Premium and Enterprise plans, along with a shift to consumption-based pricing for Assets and Virtual Service Agent features. Customers will be notified of how these changes affect them by September 17, 2024, and those who exceed new limits will need to optimize usage. The updates aim to improve service offerings while ensuring customers can access powerful ITSM solutions.

https://www.atlassian.com/blog/announcements/jsm-cloud-pricing-packaging-update

 

Stay Secure: September 2024 Security Bulletin

The September 2024 Security Bulletin from Atlassian highlights six high-severity vulnerabilities recently addressed in various product updates, discovered through their Bug Bounty program and rigorous testing processes. Users are advised to patch their instances to the latest versions to mitigate these vulnerabilities, as security is a shared responsibility between Atlassian and its customers. For detailed information on affected products, fixed versions, and security best practices, visit the Vulnerability Disclosure Portal and check the linked product release notes.

https://confluence.atlassian.com/security/security-bulletin-september-17-2024-1431249025.html

Boosting Security in Slack: Tips and Features for a Safer Workspace

Trust and security are the foundation of Slack, which has delivered top-tier security, performance, and availability for over a decade. While Slack implements enterprise-grade security measures like encryption, two-factor authentication, and identity management, organizations also play a critical role in safeguarding data by applying security best practices. With features such as audit logs and data loss prevention, Slack empowers companies to manage security challenges effectively. Discover more about how Slack’s security features can protect your organization’s data by clicking below

https://slack.com/blog/news/secure-your-slack-data

Stay Competitive: The Key Benefits of AI in Your Workflow

Artificial intelligence (AI) empowers teams to work smarter by automating tasks and providing data-driven insights for better decision-making. By integrating tools like natural language processing (NLP) and large language models (LLMs), businesses can enhance productivity and innovation. Focusing AI efforts on specific tasks while understanding its strengths and limitations ensures effective use. Click below to learn how AI can revolutionize your company’s workflows and keep you ahead of the competition!

https://www.atlassian.com/blog/artificial-intelligence/a-guide-to-adopting-ai-features-in-your-company

GitLab Releases Critical Patches: Upgrade Now to Address Security Flaws

GitLab has released critical patch versions 17.3.2, 17.2.5, and 17.1.7 for both Community and Enterprise Editions, addressing significant security vulnerabilities and bugs. These updates fix various issues, including critical flaws like unauthorized access and denial of service, and high-severity vulnerabilities such as SSRF and code injection. It is strongly recommended that all self-managed GitLab installations upgrade to these versions immediately to ensure security.

https://about.gitlab.com/releases/2024/09/11/patch-release-gitlab-17-3-2-released/

New Bitbucket Pipelines Runtime Launching with Up to 8x Faster Builds

Atlassian is set to transition all Bitbucket Pipelines to a new CI/CD runtime by September 17, 2024, which promises up to 8x faster builds with enhanced performance. The new runtime offers dedicated CPU cores for each build, eliminating previous resource discrepancies and significantly increasing compute power for 2x builds. This migration will also affect IP address allocations, so users should update their IP allow-listing configurations accordingly.  Read more below!

https://bitbucket.org/blog/migrating-pipelines-1-2x-steps-to-our-new-ci-cd-runtime

AWS Weekly Roundup: AWS Parallel Computing Service, Amazon EC2 status checks and more

With Sepetember here AWS Re:Invent 2024 is just three months away, and anticipation is building for the latest services and exciting announcements in Las Vegas. Stay ahead of the curve with new AWS innovations like the Parallel Computing Service and enhanced EC2 features, highlighted in this week’s September roundup.

https://aws.amazon.com/blogs/aws/aws-weekly-roundup-aws-parallel-computing-service-amazon-ec2-status-checks-and-more-september-2-2024/

 

Simplify Compliance with Jira Cloud: Expert Tips and Best Practices

Managing regulatory requirements in Jira Cloud is essential for staying compliant in regulated industries. Experts from SPK and Associates shared practical tips in a recent webinar, emphasizing the use of custom workflows, audit trails, and automation to simplify compliance. By following these best practices, organizations can streamline their regulatory processes and maintain ongoing compliance.

https://www.revyz.io/blog/managing-regulatory-requirements-in-jira-cloudbest-practices-and-insights

From Threats to Solutions: The Advantage of Managed XDR

Despite ongoing advancements in cybersecurity, threats and breaches continue to escalate, creating a challenging environment where attackers often gain the upper hand. Managed Extended Detection and Response (XDR) solutions offer a way to address this issue by providing comprehensive coverage, enhanced visibility, and effective threat management, especially for organizations struggling with limited resources and expertise. These managed services help bridge the gap between advanced security needs and the scarcity of skilled professionals, allowing businesses to scale their defenses efficiently and effectively.

 https://www.alertlogic.com/blog/achieving-xdr-outcomes-with-a-managed-approach/

Mastering Exploratory Testing: A Creative Approach to Uncovering Hidden Software Defects

Exploratory Testing is a dynamic, hands-on approach to software testing that encourages testers to creatively explore applications, uncovering issues that might be missed by predefined test cases. Here you’ll learn how to effectively train your team for exploratory testing, ensuring they are well-prepared to identify and report critical defects

 

https://www.getxray.app/blog/how-to-train-your-team-for-exploratory-testing

NetBrain Technologies: A 2024 SC Award Finalist for Best Threat Management

NetBrain Technologies has been named a finalist for the 2024 SC Awards in the Trust Award category for Best Continuous Threat Exposure Management Solution, highlighting its advanced network security automation. The SC Awards, celebrating 27 years, recognize exceptional achievements in cybersecurity, with finalists showcasing leading-edge solutions and leadership. NetBrain’s Next-Gen platform automates network security assessments, ensuring compliance and detecting configuration drift to prevent potential breaches, with winners to be announced on September 17, 2024.

 

https://www.netbraintech.com/news/selected-as-2024-sc-awards-finalist/

Behind the Scenes of Snipe-IT v7: A Smooth Launch and Team Reflections

The recent release of Snipe-IT v7 has been the smoothest in its 13-year history, with only minor post-launch updates due to community feedback. This success is attributed to thorough pre-release testing, careful planning, and consistent integration practices that minimized merge conflicts. Despite the delay in release, the team prioritized software quality over deadlines and used real-time error monitoring to address issues swiftly. However, the team learned the importance of better communication, recognizing that insufficient notice for launch times affected the developers’ sense of accomplishment and teamwork.

https://grokstar.dev/news/snipeit-releases/2024/07/v7-retrospective-what-worked-what-we-could-have-done-better/