Happy International Girls in ICT Day 2023! OpenNMS celebrates the importance of girls, women, and non-binary folk in Information and Communications Technology (ICT). Last year, people on our team shared stories about the importance of access and safety in ICT. This year's theme is "Digital Skills for Life." Looking around [...]
Network segmentation is the process of dividing a network into smaller, more manageable pieces (segments) to improve its security posture. Network segmentation creates secure zones (subnetworks or subnets) within your larger network to help mitigate the impact of a security breach. By breaking the network into smaller pieces, you limit [...]
In the wake of the CircleCI breach, we have been reviewing policies and updating keys and tokens used in our automation for anything that could potentially be affected. While we have no evidence of any of specific credentials being leaked, we've needed to document procedures for rotating keys anyway, so [...]
Monitoring processes that don't provide network services is a default use case in network monitoring. Because they aren't providing network services, black box testing won't work- you need an agent on your system providing an inside view of your operating system. The Net-SNMP agent is easy to install and configure [...]
October’s Cybersecurity Awareness Month seems like a great time to discuss the improvements we are making at The OpenNMS Group to improve our security practices. For almost 20 years, OpenNMS staff developers and the open source contributor community have partnered to create robust and secure network monitoring platforms available in [...]
Hacktoberfest is an annual, month-long celebration of open source software driven by Digital Ocean. During this event everyone can support open source by contributing changes, and earn some limited-edition swag. We would like to invite you to participate and contribute to the OpenNMS project. There are many ways to contribute: [...]
The security team at The OpenNMS Group has partnered with MITRE to become a Common Vulnerability and Exposures (CVE) Numbering Authority (CNA). Through the CVE program, MITRE ensures that application vulnerabilities are uniquely identified and accurately reported. As a numbering authority, The OpenNMS Group security team will assign numbers to [...]
We invited OpenNMS employees to share their own experiences in ICT as women, non-binary, those identifying as female, or allies. Read their stories. International Girls in ICT Day celebrates the importance of girls and women in the information and communications technology (ICT) sector. Since 2001, the International Telecommunication Union [...]
Spring Core Remote Code Execution Vulnerability (SpringShell) CVE-2022-22965 A serious remote code execution (RCE) vulnerability exists in some versions of the Spring Framework, which is used by OpenNMS Meridian and Horizon. OpenNMS Meridian and Horizon are not known to be vulnerable because the published exploit for this RCE requires: [...]
Updates The log4j.formatMsgNoLookups work-around is no longer recommended. We are evaluating CVE-2021-45105 and at this time do not believe our products are affected. December 14, 2021: Horizon 26.1.2 and earlier versions. December 16, 2021: CVE-2021-45046. December 20, 2021: CVE-2021-45105. Note: Major text changes appear in red Background Serious remote code [...]
3000 RDU Center Dr, Suite 200
Morrisville, NC 27560
Phone: +1 919-533-0160
Email: [email protected]
© Copyright 2023 The OpenNMS Group, Inc.
