In modern security programs the silos between offensive and defensive teams is no longer sustainable: attackers iterate faster, tooling evolves daily, and detection gaps are exploited in minutes, not months. In this environment purple teaming is not an optional maturity enhancement, but it becomes a foundational requirement for organizations that take risk management seriously. Purple…
Read MoreElastic Enterprise license renewal Previously, the Elastic Enterprise license was scheduled to expire on February 28, 2026.With this update, the Elastic Enterprise license has been renewed and will now expire on December 31, 2026. In the case the health-check light/01004_elastic_license_check.sh is preventing you from updating your NetEye Installation you can run the following command: neteye update –skip-tags check_health….
Read More
As 2025 comes to a close, we can make some observations regarding the evolution of the double-extortion ransomware attack landscape. The data shown is the result of the enrichment performed within SATAYO starting from the data made available by the Ransomfeed project. The URLs of the Data Leak Sites (DLS) of the various ransomware gangs…
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4. Security Fix for NetEye 4.45 CVEs The CVEs affect different components of the Elastic Stack, as outlined below. Packetbeat CVEs:…
Read MoreThe year has just come to an end, and after a long stretch of work I could really use some rest. But before closing everything out completely, there’s one last thing I wan to share, and it needs a bit of context about the project. We’re currently building a distributed application consisting of several components…
Read MoreTests are often treated as a safety net: something that catches bugs before they reach users. While that’s true, it’s only part of the story. A test suite is also a mirror. If you look closely, it tells you a lot about the structure, health, and long-term maintainability of your codebase. If you know how…
Read MoreThe current architecture and underlying technologies behind the Atlassian Rovo engine, in light of recent developments The last few months show the path forward If you’ve been following the evolution of AI in recent years, you know changes come fast and often, and even a single year can be much too long an interval to…
Read More
When setting up Jira Service Management (JSM), one of the most fundamental questions administrators face is, “Should we consolidate everything into one giant project, or split our teams into separate projects?”, this choice impacts agent productivity, reporting clarity, portal experience, permission management, SLA differentiation, and workflow control. There is no perfect universal configuration, the right…
Read MoreIntroduction For on-premise Elasticsearch installations, performing a rolling restart across a cluster can be a time-consuming task, especially when dealing with large clusters. Rolling restarts are typically required when changing node configurations or upgrading the cluster to a new version. Elastic provides an official procedure to ensure service continuity during this process. However, after analyzing…
Read MoreKubernetes Operators are one of those ideas that feel magical when they work: you declare an intent/goal in YAML, and software continuously makes the cluster match it – handling upgrades, failures, drift, and lifecycle cleanup: like a purpose-built SRE on autopilot. Although in theory it looks like sci-fi fiction, in practice Operators are just code…
Read MoreEvery IT department has it: the mythical stockroom with all those small parts, cables, plugs, adapters… and mice everywhere (each one with a long cable 😉). Once perfectly organized, it’s now the place where “things we might need someday” go to disappear – and no one remembers the rules for handing something out to the…
Read MoreToday we continue our journey into monitoring automation in NetEye. In my previous post we discussed the possibility of automating Business Processes. As you may remember, for those of us working on NetEye Cloud monitoring dozens of clients, it’s important to be able to standardize and automate the creation of BPs to have a consistent…
Read MoreHi! Today I’d like to discuss a bit a quite hot topic in this world newly full of LLMs, namely MCP Servers! We’ll first see what MCP is and why it was created, moving then to a short hands-on with NetEye and in particular, the Elastic Stack feature module. Wait, what? MCP? What are we…
Read MoreWhen performance degradation occurs within a complex system, understanding the root cause can be extremely challenging. If the issue happens sporadically, this difficulty increases even more. This is because modern systems involve numerous components that interact in complex ways. For example, if your application’s Web UI becomes slow, the underlying cause could be anywhere in…
Read MoreFix upgrade 4.45 migration error We solved an issue that affected the upgrade to NetEye 4.45. The issue occurred during the migration of the monitoring role permissions to Icinga DB, due to the order in which packages were updated. List of updated packages To solve the issues mentioned above, the following packages have been updated…
Read More