Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

5/16/2019
01:49 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

xMatters open-sources its Chaos Engineering tool

Cthulhu automates cross-platform failure testing to help developers put better software into production and minimize downtime costs

SAN RAMON, CA -- May 14, 2019 -- xMatters (www.xmatters.com), a digital service availability platform that prevents IT issues from becoming business problems, today announced it has open-sourced Cthulhu, a chaos engineering tool that allows DevOps teams to design resilient, self-healing services across hybrid and multi-cloud infrastructures.

As more and more organizations move to a distributed systems model, chaos testing has become a leading-edge methodology for enhancing reliability. A major challenge, however, lies in executing these tests comprehensively across complex IT environments. Cthulhu enables automated cross-platform failure orchestration, using a data-driven approach to simulate complex disaster scenarios. This allows organizations to design more robust systems that better anticipate failure and -- more importantly -- improve self-healing mechanisms to accelerate automatic recovery.

"Microservice architecture can provide many benefits in scalability and functional encapsulation, but can also generate complex failure scenarios due to service dependencies. Chaos engineering can help expose these issues before they manifest themselves in production,” said Tobias Dunn-Krahn, CTO of xMatters. “Cthulhu exposes critical gaps in the self-healing ability of systems so that engineering teams can continuously re-fortify their applications against failures and keep the business running smoothly."

The development of Cthulhu has been spearheaded by xMatters developer Gabrielle Gasse, who first identified an internal need to efficiently orchestrate failure experiments across xMatters’ varied infrastructure, which uses a mix of both virtual machines and Kubernetes deployments.

“No such tool existed that would allow us to comprehensively test failures across the multiple components of our environment, so we decided to build it ourselves -- and then share it with the world,” said Gasse. “We’re excited to introduce Cthulhu to the developer community, and hope to engage and collaborate directly with those who will actually use and benefit from it.”

Cthulhu is designed to be extensible and easy to add to any platform. Startups can benefit from building better foundations from the get-go, while enterprises and established companies can rapidly identify critical areas for improvement and prioritize product roadmaps.

Core features of Cthulhu include:

  • Cross-platform failure orchestration to automatically run random failure scenarios in any environment and on a schedule.

  • Version-controllable scenarios so that once a vulnerability is identified, engineers can easily reproduce it in different environments.

  • Automated communications to allow select team members to monitor the evolution of failure experiments and insights gained through targeted notifications.

Cthulhu is the second no-cost tool offered by xMatters. Last year, the company also released xMatters Free to allow smaller teams of up to 15 users to benefit from select collaboration features with no expiration date.

Cthulhu is available now in xMatters’ GitHub: https://github.com/xmatters/cthulhu-chaos-testing

 

About xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents. From the Global 2000 to small workgroups and innovative DevOps teams, organizations around the world rely on xMatters to maintain operational visibility and control in highly complex IT environments. By providing toolchain integrations with hundreds of IT management, security, and DevOps applications, xMatters allows organizations to automate key processes and streamline workflows. xMatters is trusted by leading global companies including BMC Software, Credit Suisse, Danske Bank, DXC technology, Experian, NVIDIA, ViaSat, and Vodafone. xMatters is headquartered in San Ramon, California and has offices worldwide. For more information, please visit www.xMatters.com.

 

Press Contact

Vanessa Koo

PulpPR for xMatters

[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13575
PUBLISHED: 2019-07-18
A SQL injection vulnerability exists in WPEverest Everest Forms plugin for WordPress through 1.4.9. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via includes/evf-entry-functions.php
CVE-2019-13607
PUBLISHED: 2019-07-18
The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerability that can be triggered by performing navigation to a javascript: URL.
CVE-2019-13915
PUBLISHED: 2019-07-18
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An ...
CVE-2019-9230
PUBLISHED: 2019-07-18
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.253. A cross-site scripting (XSS) vulnerability in the search function of the management web interface allows remote attackers to inject arbitrary web script or...
CVE-2019-10100
PUBLISHED: 2019-07-18
Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in order t...