Archives
-
Act now on Log4j/Log4shell vulnerability
Sumo Logic
Act Now on Log4Shell
Tuesday, December 21, 2021
10am SNST | 11am JST | 1pm AEST
Hello Mohammad,
In case you have not heard, Log4Shell, a zero day vulnerability within Apache Log4j, a popular Java logging library poses significant threats as it can be exploited for unauthenticated remote code execution.
Remote execution code, or RCE, can allow any bad actor behind a computer to run code on a server. If not handled promptly and properly, hundreds of millions of machines will be vulnerable.
Join this informative session in which Sumo Logic’s Chief Security Officer, George Gerchow and Roland Palmer, VP, Global Operations Center will discuss:
- Facts on Apache Log4j/Log4shell
- Determining if you are impacted
- Cloud Native Architecture, it matters
- Incident Response in the Cloud
- How Sumo Logic mitigates this vulnerability
- Q & A
Best regards,
Sumo Logic
Sumo Logic 305 Main Street, Redwood City, CA 94063
© 2021 Sumo Logic, All rights reserved.Unsubscribe 
by "Sumo Logic" <marketing-info@sumologic.com> - 08:01 - 16 Dec 2021 -
Learn From Your Peers | APAC Customer Stories
2021: A Year Driven by Customer Successes
Triquestra: Finding Success with TestComplete
As an additional benefit, automated testing with TestComplete mitigated the team’s dependency on individual knowledge, ensuring consistent testing across all features, every time. Greg explains their success with TestComplete in this 60 second video - watch it here!
Triquestra: Managing API Definitions & Domains with SwaggerHubCheck out this 60 second video on how Greg Cantlon, Head of Delivery at Triquestra, managed API definitions and domains with SwaggerHub.
Greg Cantlon explains that "By taking a design-first approach in SwaggerHub, our designers could start with a customer requirement and create an API specification, then have it reviewed by architects, developers, testers and customers, all before publishing and beginning development". Watch the short video here!
Triquestra: Adding Real Value with ReadyAPI
By using ReadyAPI to test during the build-out or testing of complex or flagship features, the team is later able to automate those tests once the feature is locked down, saving substantial time in future release cycles.
Greg Cantlon is pleased with the results. “In the area of APIs that are stable, we have examples of regression testing being reduced from two days to one hour.” Watch the short video here!
The Singularity: Implementing an API-First Approach to DevOps Automation
Discover how The Singularity used SwaggerHub as the single source of truth, to improve developer collaboration and productivity as well as leverage OpenAPI specifications to automate the DevOps pipeline for its government clients. Watch the session here!Share Your Success Story with the SmartBear Community
SmartBear Team
Quality isn’t just a goal. It’s the whole point.cliodhna.broder@smartbearmail.com
This email was sent to info@learn.odoo.com by SmartBear Software, 450 Artisan Way, Somerville, MA. 02145, 617.684.2600, www.smartbear.com. We hope you found this email of interest. However, we value your privacy. If you do not wish to receive future correspondence from us, please click here to manage mail preferences.
by "Cliodhna at SmartBear" <cliodhna.broder@smartbearmail.com> - 05:06 - 16 Dec 2021 -
Subject: [Update] Zero-day in the Log4j Java library 12.16.21
Zero-day in the Log4j Java library 12.16.21
We have published a new version of our collector, release 19.361-16, which has been updated to leverage Log4j 2.16.0 and address the vulnerability related to CVE-2021-45046.
We recommend upgrading to the latest version immediately.
Our previous release, 19.361-12, which was released on December 11, 2021, upgraded Log4j to 2.15.0 to fix the zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228). However, it was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations and we subsequently upgraded our collector (again) to leverage Log4j 2.16.0.
Utilizing the latest collector will help minimize the risk stemming from any new information released surrounding this vulnerability. It is critical that all collectors installed are upgraded to the latest release to ensure that any potential undiscovered or undisclosed issues in prior Log4j versions are not exploitable.
Resources:
Sumo Logic Collector Release Notes
Collector Update Best Practices
Upgrade Collectors using the Web Application
Upgrade Collectors using the Command Line
Thank you again for your patience and partnership, and we will continue to provide updates as soon as we know more.
If you have any additional questions or concerns, please open a case with Sumo Logic Support (support@sumologic.com).
Jay from Sumo Logic Unsubscribe from our emails
by "Jay from Sumo Logic" <jschwegler@sumologic.com> - 04:10 - 16 Dec 2021 -
[Blog] Kubernetes & API Management - a match made in heaven?
[Blog] Kubernetes & API Management - a match made in heaven?
Hi MD Abul
As APIs grow in popularity, Kubernetes-based infrastructures must increasingly be able to handle the entire API lifecycle.
In our latest article, we explore the synergy between Kubernetes and API management, looking at:
• Why is APIM necessary?
• What is a service mesh?
• How APIM helps Kubernetes
• ...and much moreRead our blog post to learn more about how APIM platforms like Tyk are an ideal complement to your Kubernetes workflow.
Best wishes,
Tyk, 22 Technology Parkway, Atlanta, Georgia GA 30092, USA, +1 (404) 4511123
by "Budhaditya Bhattacharya" <budha@tyk.io> - 02:44 - 16 Dec 2021 -
[Update] Zero-day in the Log4j Java library (CVE-2021-44228 and CVE 2021-45046)
Zero-day in the Log4j Java library (CVE-2021-44228 and CVE 2021-45046)
- Sumo Logic Service: We have confirmed that our service is not vulnerable to Log4Shell.
- Sumo Logic Installed Collector: We recommend an immediate upgrade of all collectors to version 19.361-12.
Sumo Logic Service details:
- After review and analysis of our Log4j usage, we are confident that the service has never been vulnerable to the Log4j lookup vulnerability.
- Despite this, out of an abundance of caution, we have been working on updating all versions of Log4j used internally to the latest version.
Sumo Logic Installed Collector details:
We are confident that ordinary operation of our current release of our collector mitigates this vulnerability. That said, below is a Sumo Logic in-depth analysis of the situation as it relates to this vulnerability.
- Our collector does utilize Log4j for its internal audit logging operations, but by design, data passing through the collector is never logged. Potential attack vectors exist but require privileged access and advanced knowledge and skills to exploit, as our internal security teams have discovered.
- We do not believe our customers are at significant risk from external parties in the ordinary operation of our collectors, including at our latest release. Industry best practices recommend that you do not allow un-sanitized external inputs to drive internal environmental configuration
- Third party verification of the above is in progress.
Supply Chain details:
- We are actively working with our supply chain partners to understand their impact regarding this vulnerability.
Open Source Project details:
As previously mentioned,
- We found a small number of open source libraries published by us that included the vulnerable version of the library. Customers may or may not use them, but there is potential for downstream consumers to have vulnerabilities.
- The OS libraries will be updated and new releases are being done.
Thank you again for your patience and partnership, and we will continue to provide updates as soon as we know more.
If you have any additional questions or concerns, please open a case with Sumo Logic Support (support@sumologic.com).
Stacy from Sumo Logic Unsubscribe from our emails
by "Stacy from Sumo Logic" <stacy@sumologic.com> - 04:07 - 15 Dec 2021 -
Planning for 2022? See what’s next in BI and data
Generic Webinar
WEBINARBI & DATA TRENDS 2022
Interwoven:
The End of Competition
as We Know ItJanuary 11, 2022
What’s next in BI and data?
Nearly 4 out of 5 CEOs believe that remote collaboration will be a lasting shift after the pandemic.* Will it – and what else should you be preparing for?
Save the date for BI & Data Trends 2022 – our annual event – where you’ll learn about the top 10 trends to expect in the coming year, including:- The emergence of collaboration-mining
- The evolution of the dashboard
- The rise of data lineage and explainable BI
- The use of application automation to trigger action
Discover what’s next – so you can plan ahead. Register now to reserve your spot.
*Source: https://www.pwc.com/gx/en/ceo-agenda/ceo-panel-survey-emerge-stronger.pdf
January 11, 2022 - 9:30 IST / 12:00 SGT / 15:00 AETWebinar Speaker
Dan Sommer
Senior Director, Market Intelligence Lead
QlikQlikTech Singapore Pte Ltd. | 9 Temasek Boulevard, #27-01/03 Suntec Tower Two | Singapore 038989 | Tel: +65 6690 7000
Privacy Policy
This email was sent to info@learn.odoo.com. If you no longer wish to receive these emails you may unsubscribe at any time.
by "Qlik Webinars" <qlikwebinars@qlik.com> - 09:02 - 13 Dec 2021 -
Keep your eCommerce website and your ERP in sync [live demo]
Tray Email
Hi Md,
I hope you're all ready for the holiday break. In this last live group demo of 2021, we will show you how to sync Shopify and NetSuite to keep inventory details up-to-date. We'll also be giving out prizes during this one so you don't want to miss it!
Join automation expert Foster King on Thursday, December 16 at 10am PT / 1pm ET to learn how this is possible with low-code automation.
Sign up below or reply to this email and I'll add you to the registration list.Your hosts
Sander Buitelaar
MARKETING / HOST
Foster KingAUTOMATION EXPERT
© Tray.io Inc. 25 Stillman Street, San Francisco, CA 94107, United States
by "Sander Buitelaar, Tray.io" <sander@tray.io> - 01:06 - 13 Dec 2021 -
Intel® Cloud Computing | Embark on Your High-Performance Computing Journey With Intel
<span elqid="28040" elqtype="DynamicContent" class="remove-absolute" style="display: block"></span>
Intel Powers the Future
Dear Md Abul,
Leverage High-Performance Computing to Fuel Your Competitive Edge
Some of the world’s most important discoveries depend on high-performance computing (HPC). It’s the supercomputer behind clean fusion research, the powerful engine driving pioneering genome studies, and much more. Our customers use Intel® HPC products every day to enable world-changing projects—from climate research to finance, cloud to AI.
Now find out how AI can further augment the capabilities of HPC to enable new breakthroughs. Also, learn what factors IT decision-makers must take into account for this to be not only viable, but also scalable and attuned to end-user demand.
Read eGuide 
Would you like us to customize your emails further? If yes, click here to indicate your content preference.
Intel is committed to respecting human rights and avoiding complicity in human rights abuses. See Intel’s Global Human Rights Principles. Intel’s products and software are intended only to be used in applications that do not cause or contribute to a violation of an internationally recognized human right.
© Intel Corporation. Intel, the Intel logo, and other Intel marks are trademarks of Intel Corporation or its subsidiaries.
Other names and brands may be claimed as the property of others.This was sent to info@learn.odoo.com because you are subscribed to Industry Solutions. To view and manage your marketing-related email preferences with Intel, please click here.
© 2021 Intel Corporation
Intel Corporation, 2200 Mission College Blvd., M/S RNB4-145, Santa Clara, CA 95054 USA. www.intel.comPrivacy | Cookies | *Trademarks | Unsubscribe | Manage Preferences
by "Intel Corporation" <intel@plan.intel.com> - 08:14 - 12 Dec 2021 -
[Update] Zero-day in the Log4j Java library
Collector Update for SEC-INV-48: Zero-day in the Log4j Java library
We have published a new version of our collector, release 19.361-12, which we believe has the fix to the vulnerable Log4j dependency.
Utilizing the latest collector will help minimize the risk stemming from any new information released surrounding this vulnerability.
Resources:
- Sumo Logic Collector Release Notes
- Collector Update Best Practices
- Upgrade Collectors using the Web Application
- Upgrade Collectors using the Command Line
Thank you again for your patience and partnership, and we will continue to provide updates as soon as we know more.
If you have any additional questions or concerns, please open a case with Sumo Logic Support (support@sumologic.com).
Jay from Sumo Logic Unsubscribe from our emails
by "Jay from Sumo Logic" <jschwegler@sumologic.com> - 01:01 - 12 Dec 2021 -
Achieving API Standardization with SwaggerHub
Hi Abul,
If your team is looking to provide a consistent API experience to your consumers, standardization should be top of mind.
We recently recorded a webinar on this topic, titled Achieving API Standardization with SwaggerHub.
We reference data from our State of API report and showcase the top standardization features in SwaggerHub.
If you are interested, just click below. No registration. No waiting.
Stream this Webinar
In this 30-minute session, we cover:- Why API standardization is becoming critical
- How to use SwaggerHub as the single source of truth for your API definitions
- Setting style rules and real-time collaboration in SwaggerHub
- Starting to build your APIs with reusable assets ("domains")
Andrew Marotta,
Senior Marketing Specialist at SmartBear
This email was sent to info@learn.odoo.com by SmartBear Software, 450 Artisan Way, Somerville, MA. 02145, 617.684.2600, www.smartbear.com. We hope you found this email of interest. However, we value your privacy. Please click here to Unsubscribe or manage mail preferences. Privacy Policy.
by "Andrew from SmartBear" <swaggerhub-team@smartbear.com> - 05:35 - 11 Dec 2021 -
[Update] Zero-day in the Log4j Java library
Update SEC-INV-48: Zero-day in the Log4j Java library
Thank you for your continued patience and support; our investigation is still active, but we have determined the following:
Sumo Logic service:
- At this point, we believe the service is not vulnerable as we leverage a Java version that mitigates the vulnerability. We are continuing to monitor all possibilities.
- Additionally, we have controls on a network level that render this vulnerability less likely to be exploited.
- Out of an abundance of caution, we are updating all versions of Log4j in use to the latest release.
Sumo Logic collector:
- As of collector version 19.227-15 (released 10/2018), the JDK bundled with the collector was upgraded to 8u192. We anticipate that any collector at or above version 19.227-15 should not be affected by the known vulnerability.
- To mitigate further risk, please make sure that your Sumo Logic installed collector is using JDK of version more recent than 6u211, 7u201, 8u191, and 11.0.1, as these versions are less susceptible to the vulnerability.
- Since most collectors do not listen on the network and do not log anything that was received over the network, it should minimize any potential attack surface.
- We are working on releasing a new collector and will let you know when it’s available.
Open Source projects:
- A review found a small number of open source libraries we publish that included the vulnerable version of the library. Customers may or may not use them, but there is potential for downstream consumers to have vulnerabilities.
- The OS libraries have been upgraded and new releases are being done.
Thank you again, and we will continue to provide updates as soon as we know more.
If you have any additional questions or concerns, please open a case with Sumo Logic Support (support@sumologic.com).
Jay from Sumo Logic Unsubscribe from our emails
by "Jay from Sumo Logic" <jschwegler@sumologic.com> - 10:45 - 10 Dec 2021 -
[Webinar Invite] SwaggerHub User Management| The SmartBear Designer Series
Hey Abul,
Join us next Tuesday for the next installment of "The Designer Series". This month's session will center around the unveiling of the new User Management API available in SwaggerHub.
Managing software licenses and permissions is sometimes underappreciated. It impacts enterprises in two big ways: costs and security.
With SwaggerHub user management controls, you can:- Sort your employees into organizations, projects, and teams
- Sync to your LDAP or SSO
- Automate processes
- Manage access to the organization (without using the UI)
- And more
To join us for this session, you can register here: "The Designer Series: User Management in SwaggerHub"
Hope to see you there,
Andrew Marotta,
Sr. Marketing Specialist at SmartBearThis email was sent to info@learn.odoo.com by SmartBear Software, 450 Artisan Way, Somerville, MA. 02145, 617.684.2600, www.smartbear.com. We hope you found this email of interest. However, we value your privacy. Please click here to Unsubscribe or manage mail preferences. Privacy Policy.
by "Andrew from SmartBear" <swaggerhub-team@smartbearmail.com> - 09:47 - 9 Dec 2021 -
[White Paper] Effective API Management in Kubernetes
[White Paper] Effective API Management in Kubernetes
Hi MD Abul
With Kubernetes becoming more common in enterprise-class digital systems, there is a distinct need for the functionality and capabilities provided by an effective API management tool. Tyk's API management platform, together with the Tyk Kubernetes Operator, delivers what both dev and ops teams need.
In our latest white paper we look at:
• What the benefits of consistent API management are
• How organizations can centralize managing their APIs in a sustainable, long-term way
• How organizations are able to describe their entire API management system declaratively, from API definitions and security policies to developer portal configurations and API service catalog publishing
• ...and moreYou can download your copy here.
Best wishes,
Tyk, 22 Technology Parkway, Atlanta, Georgia GA 30092, USA, +1 (404) 4511123
by "Budhaditya Bhattacharya" <budha@tyk.io> - 02:44 - 9 Dec 2021 -
The Tyk Times: All things Kubernetes + The end of the ESB
The Tyk Times: All things Kubernetes + The end of the ESB
Hey MD Abul. We handpicked these articles to keep you up to date with what's going on at Tyk and in the API management world. Enjoy!
Should your developers learn Kubernetes?
Deploying an application on multiple connecting containers across multiple hosts, scaling them, and managing them can be a complex task. Kubernetes is a feasible alternative.
This open-source platform developed by Google automates the deployment and orchestration of your applications with the help of a powerful, extensible API. This article will examine the pros and cons of Kubernetes, so you can determine whether it’s the solution for your team.
How we did it: adding API management to Kubernetes
Tyk is leading the field in API management on Kubernetes. But how and why is our solution different from anything else on the market?
Read on to find out, as we take an in-depth look at Tyk on Kubernetes, courtesy of Go Engineer Geofrey Ernest and Head of Research and Development Ahmet Soormally.
Kubernetes and API Management: A match made in heaven
The need to develop applications that can quickly and efficiently exchange data and functionality is on the rise. This has led to the widespread use of APIs
As APIs grow in popularity, Kubernetes-based infrastructures must increasingly be able to handle the entire API lifecycle. This article explores the synergy between Kubernetes and API management.
The end of the ESB?
Here at Tyk we believe in making things better - that’s why we’re bringing together the tech community to share their views and help shape the future of systems integration.
We’re looking for participants with a variety of expertise in this field to take part in a one-hour online confidential roundtable discussion with Tyk thought leaders in this space. During the session, we’ll complete a series of design research activities (all hosted via Zoom).
We’re after your real world insights into requirements for modern and best in class systems integration as part of our ongoing product development in this area. Learn more about how you can take part by clicking the link below.
by "Martin Buhr" <martin.buhr@tyk.io> - 09:16 - 7 Dec 2021 -
User Management in SwaggerHub| The SmartBear Designer Series
Hey Abul,
Next Tuesday, we are hosting our next installment of "The Designer Series", our monthly tutorial to highlight a specific SwaggerHub use case. For this session, we are focusing on how you can leverage the new User Management API in SwaggerHub.
This new feature in SwaggerHub enables stronger governance of roles and access to APIs and the organization.
To join us for this session, you can register here: "The Designer Series: User Management in SwaggerHub"
Hope to see you there,
Andrew Marotta,
Sr. Marketing Specialist at SmartBear
P.S. If you can't attend but are interested in watching, just register and we will send you the recording after.
This email was sent to info@learn.odoo.com by SmartBear Software, 450 Artisan Way, Somerville, MA. 02145, 617.684.2600, www.smartbear.com. We hope you found this email of interest. However, we value your privacy. Please click here to Unsubscribe or manage mail preferences. Privacy Policy.
by "Andrew from SmartBear" <swaggerhub-team@smartbearmail.com> - 11:10 - 7 Dec 2021 -
Citizen Automator | December 2021
Tray Email
Hi Md,
The year-end edition of Citizen Automator includes in-depth guides on how to deliver customer integrations faster, analyst insights on automation, and new tools you can use right now to do more, faster. The Tray.io team wishes you a safe and restful holiday!
Guide: How to embed integrations in your productProduct and technical leaders: We just released the definitive guide to embedding integrations into your products to increase retention and CSAT, grow revenue, and get an edge on your competitors.
Your embedded integrations overview
What are embedded integrations? Why do product and technical leads need them? Learn how Eventbrite, HackerOne, and many others are accelerating their roadmaps with embedded integrations.
Build faster with automation templatesAccelerate your next automation project with recently released pre-built automation templates for a variety of use cases for email, chat, CSV, and a variety of SaaS tools. Get the details here.
Constellation Research on integrationsWhat exactly should you look for in an integration platform? Check out this on-demand webinar and learn from Constellation Research's principle analyst Doug Henschen and the business technology team at e-learning leader Udemy.
Segment talks future of workJoin Justin Tung of Segment and learn how the changing needs of IT and business technologists are reshaping the iPaaS market to favor nimble, low-code platforms.
by "The Tray.io Team" <team@tray.io> - 12:02 - 2 Dec 2021 -
Upwork Trades shared a folder with you in Canva
Upwork Trades shared a folder with you in Canva
Upwork Trades shared the folder "Meera's Gold Diamond" with you in CanvaYou received this email because Upwork Trades shared a folder with you. If this was sent to you by mistake, please contact support. 
Made for you with 
from Canva
Canva®, 110 Kippax St, NSW 2010, Australia
by "Canva" <no-reply@canva.com> - 10:21 - 30 Nov 2021 -
Upwork Trades shared the folder "Clarks" with you in Canva
Upwork Trades shared the folder "Clarks" with you in Canva
Upwork Trades shared the folder "Clarks" with you in CanvaYou received this email because Upwork Trades shared a folder with you. If this was sent to you by mistake, please contact support.
Made for you with
from Canva
Canva®, 110 Kippax St, NSW 2010, Australia
by "Canva" <no-reply@canva.com> - 10:21 - 30 Nov 2021 -
End your year equipped with insights
Show off your year Did you know...there’s a really easy way to end this year right.
From the lows and highs to all your KPIs, put your year in review with this checklist of top services to analyze your performance, build a powerful presentation, and start preparing your business internally and externally for next year.Ready to check off 2021? Review It Right 
Privacy Policy | Support | Invite a Friend | Get Inspired
This email was sent to you by Fiverr International Ltd.
You are receiving this email because you signed up for Fiverr.
If you wish to unsubscribe from all future emails, please click here
Fiverr International Ltd. | 38 Greene St. | New York, NY 10013, USA
by "Fiverr" <no-reply@fiverr.com> - 10:40 - 30 Nov 2021 -
Last Chance! SwaggerHub & The Singularity DevOps
Hi Abul,
This week, our SmartBear evangelists are hosting a fireside chat to discuss our first-ever partner spotlight with The Singularity DevOps. We hope you will join us as our SmartBears discuss SwaggerHub, best practices for API designs, and customer success stories!
Join our webinar on Thursday to hear how The Singularity DevOps supported one of the largest Australian government agencies in New South Wales:
- Reduce API development time by 40%
- Ensure 30% fewer API defects in production
- Improve developer collaboration and productivity
- Leverage OpenAPI specifications to automate DevOps pipeline
Register Now
Best,
Andrew Marotta
Senior Marketing Specialist
SwaggerHub Team
This email was sent to info@learn.odoo.com by SmartBear Software, 450 Artisan Way, Somerville, MA. 02145, 617.684.2600, www.smartbear.com. We hope you found this email of interest. However, we value your privacy. Please click here to Unsubscribe or manage mail preferences. Privacy Policy.
by "Andrew from SwaggerHub" <swaggerhub-team@smartbearmail.com> - 10:13 - 29 Nov 2021
