Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

5/16/2019
01:49 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

xMatters open-sources its Chaos Engineering tool

Cthulhu automates cross-platform failure testing to help developers put better software into production and minimize downtime costs

SAN RAMON, CA -- May 14, 2019 -- xMatters (www.xmatters.com), a digital service availability platform that prevents IT issues from becoming business problems, today announced it has open-sourced Cthulhu, a chaos engineering tool that allows DevOps teams to design resilient, self-healing services across hybrid and multi-cloud infrastructures.

As more and more organizations move to a distributed systems model, chaos testing has become a leading-edge methodology for enhancing reliability. A major challenge, however, lies in executing these tests comprehensively across complex IT environments. Cthulhu enables automated cross-platform failure orchestration, using a data-driven approach to simulate complex disaster scenarios. This allows organizations to design more robust systems that better anticipate failure and -- more importantly -- improve self-healing mechanisms to accelerate automatic recovery.

"Microservice architecture can provide many benefits in scalability and functional encapsulation, but can also generate complex failure scenarios due to service dependencies. Chaos engineering can help expose these issues before they manifest themselves in production,” said Tobias Dunn-Krahn, CTO of xMatters. “Cthulhu exposes critical gaps in the self-healing ability of systems so that engineering teams can continuously re-fortify their applications against failures and keep the business running smoothly."

The development of Cthulhu has been spearheaded by xMatters developer Gabrielle Gasse, who first identified an internal need to efficiently orchestrate failure experiments across xMatters’ varied infrastructure, which uses a mix of both virtual machines and Kubernetes deployments.

“No such tool existed that would allow us to comprehensively test failures across the multiple components of our environment, so we decided to build it ourselves -- and then share it with the world,” said Gasse. “We’re excited to introduce Cthulhu to the developer community, and hope to engage and collaborate directly with those who will actually use and benefit from it.”

Cthulhu is designed to be extensible and easy to add to any platform. Startups can benefit from building better foundations from the get-go, while enterprises and established companies can rapidly identify critical areas for improvement and prioritize product roadmaps.

Core features of Cthulhu include:

  • Cross-platform failure orchestration to automatically run random failure scenarios in any environment and on a schedule.

  • Version-controllable scenarios so that once a vulnerability is identified, engineers can easily reproduce it in different environments.

  • Automated communications to allow select team members to monitor the evolution of failure experiments and insights gained through targeted notifications.

Cthulhu is the second no-cost tool offered by xMatters. Last year, the company also released xMatters Free to allow smaller teams of up to 15 users to benefit from select collaboration features with no expiration date.

Cthulhu is available now in xMatters’ GitHub: https://github.com/xmatters/cthulhu-chaos-testing

 

About xMatters

xMatters is a digital service availability platform that helps enterprises prevent, manage, and resolve IT incidents. From the Global 2000 to small workgroups and innovative DevOps teams, organizations around the world rely on xMatters to maintain operational visibility and control in highly complex IT environments. By providing toolchain integrations with hundreds of IT management, security, and DevOps applications, xMatters allows organizations to automate key processes and streamline workflows. xMatters is trusted by leading global companies including BMC Software, Credit Suisse, Danske Bank, DXC technology, Experian, NVIDIA, ViaSat, and Vodafone. xMatters is headquartered in San Ramon, California and has offices worldwide. For more information, please visit www.xMatters.com.

 

Press Contact

Vanessa Koo

PulpPR for xMatters

[email protected]

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
Preventing PTSD and Burnout for Cybersecurity Professionals
Craig Hinkley, CEO, WhiteHat Security,  9/16/2019
NetCAT Vulnerability Is Out of the Bag
Dark Reading Staff 9/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13552
PUBLISHED: 2019-09-18
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a lack of proper validation of user-supplied data and may allow arbitrary file deletion and remote code execution.
CVE-2019-15301
PUBLISHED: 2019-09-18
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter.
CVE-2019-5042
PUBLISHED: 2019-09-18
An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free. An attacker can send a malicious PDF to trigger this vulnerability.
CVE-2019-5066
PUBLISHED: 2019-09-18
An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document needs ...
CVE-2019-5067
PUBLISHED: 2019-09-18
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerabi...