Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

5/16/2019
01:49 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

xMatters open-sources its Chaos Engineering tool

Cthulhu automates cross-platform failure testing to help developers put better software into production and minimize downtime costs

SAN RAMON, CA -- May 14, 2019 -- xMatters (www.xmatters.com), a digital service availability platform that prevents IT issues from becoming business problems, today announced it has open-sourced Cthulhu, a chaos engineering tool that allows DevOps teams to design resilient, self-healing services across hybrid and multi-cloud infrastructures.

As more and more organizations move to a distributed systems model, chaos testing has become a leading-edge methodology for enhancing reliability. A major challenge, however, lies in executing these tests comprehensively across complex IT environments. Cthulhu enables automated cross-platform failure orchestration, using a data-driven approach to simulate complex disaster scenarios. This allows organizations to design more robust systems that better anticipate failure and -- more importantly -- improve self-healing mechanisms to accelerate automatic recovery.

"Microservice architecture can provide many benefits in scalability and functional encapsulation, but can also generate complex failure scenarios due to service dependencies. Chaos engineering can help expose these issues before they manifest themselves in production,” said Tobias Dunn-Krahn, CTO of xMatters. “Cthulhu exposes critical gaps in the self-healing ability of systems so that engineering teams can continuously re-fortify their applications against failures and keep the business running smoothly."

The development of Cthulhu has been spearheaded by xMatters developer Gabrielle Gasse, who first identified an internal need to efficiently orchestrate failure experiments across xMatters’ varied infrastructure, which uses a mix of both virtual machines and Kubernetes deployments.

“No such tool existed that would allow us to comprehensively test failures across the multiple components of our environment, so we decided to build it ourselves -- and then share it with the world,” said Gasse. “We’re excited to introduce Cthulhu to the developer community, and hope to engage and collaborate directly with those who will actually use and benefit from it.”

Cthulhu is designed to be extensible and easy to add to any platform. Startups can benefit from building better foundations from the get-go, while enterprises and established companies can rapidly identify critical areas for improvement and prioritize product roadmaps.

Core features of Cthulhu include:

  • Cross-platform failure orchestration to automatically run random failure scenarios in any environment and on a schedule.

  • Version-controllable scenarios so that once a vulnerability is identified, engineers can easily reproduce it in different environments.

  • Automated communications to allow select team members to monitor the evolution of failure experiments and insights gained through targeted notifications.

Cthulhu is the second no-cost tool offered by xMatters. Last year, the company also released xMatters Free to allow smaller teams of up to 15 users to benefit from select collaboration features with no expiration date.

Cthulhu is available now in xMatters’ GitHub: https://github.com/xmatters/cthulhu-chaos-testing

 

About xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents. From the Global 2000 to small workgroups and innovative DevOps teams, organizations around the world rely on xMatters to maintain operational visibility and control in highly complex IT environments. By providing toolchain integrations with hundreds of IT management, security, and DevOps applications, xMatters allows organizations to automate key processes and streamline workflows. xMatters is trusted by leading global companies including BMC Software, Credit Suisse, Danske Bank, DXC technology, Experian, NVIDIA, ViaSat, and Vodafone. xMatters is headquartered in San Ramon, California and has offices worldwide. For more information, please visit www.xMatters.com.

 

Press Contact

Vanessa Koo

PulpPR for xMatters

[email protected]

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5974
PUBLISHED: 2020-07-08
NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges.
CVE-2020-15072
PUBLISHED: 2020-07-08
An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section.
CVE-2020-15073
PUBLISHED: 2020-07-08
An issue was discovered in phpList through 3.5.4. An XSS vulnerability occurs within the Import Administrators section via upload of an edited text document. This also affects the Subscriber Lists section.
CVE-2020-2034
PUBLISHED: 2020-07-08
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect...
CVE-2019-19415
PUBLISHED: 2020-07-08
The SIP module of some Huawei products have a denial of service (DoS) vulnerability. A remote attacker could exploit these three vulnerabilities by sending the specially crafted messages to the affected device. Due to the insufficient verification of the packets, successful exploit could allow the a...