This article explains internal network tunneling, compares popular open‑source tools like frp, ngrok, and nps, and outlines essential security measures, risk‑control checklists, and compliance tips to help operations teams safely expose internal services without compromising security.
This article reviews JD Cloud’s bastion host solution presented at the 2020 Global New‑Generation Software Engineering Summit, detailing the security challenges of modern operations, compliance requirements, design principles, cloud‑native architecture, and real‑world deployments in enterprises and finance.
This article explains the concept of operations security, why it has become critical, enumerates common mis‑configurations and vulnerabilities such as open ports, weak permissions, insecure scripts and supply‑chain risks, and provides a comprehensive set of best‑practice guidelines and an enterprise‑level framework to build a resilient operations security posture.
Operations security, the intersection of IT operations and security, has become critical as high‑profile vulnerabilities like Struts2, OpenSSL Heartbleed, and massive DDoS attacks expose the costly ROI of ops‑related flaws; this article defines the field, explains its importance, lists common bad practices, typical vulnerabilities, and real‑world case studies.
This article reviews a decade of cloud security experience and outlines the key challenges of operations security in public cloud environments, offering concrete solutions such as VPC isolation, encrypted VPNs, RAM policies, Linux key‑based login, Windows RDP port changes, privileged‑account management, and ActionTrail auditing.
This article examines the most common operational security vulnerabilities—such as unpatched Struts, server‑status leaks, backup file exposure, SVN leaks, and weak default credentials—explains why they are critical, and offers practical recommendations for enterprises to improve their ops‑security posture.
This article introduces CrazyEye, an open‑source bastion host that centralizes permission and audit management for large server fleets, explains its key features such as fine‑grained access control, command logging, and batch operations, and provides setup screenshots and the Git repository link.
