What’s new at CIQ?
We’re a team of scientists, Linux geeks, technologists, pilots, designers and more with a mission to make infrastructure something you never have to think about.

Azure Confidential Compute Recovery: Failed Volume Unlock or Secure Boot Violation
It’s happened to all of us at one point: while tweaking your system, you’ve accidentally installed a wrong kernel version, and now your system is failing to boot. This is usually a pretty quick fix…

Deploy fast or deploy secure, and how to do both
Enterprise security teams face an impossible choice: hold your infrastructure deployments until you can ensure they are secure, or maintain operational agility at the expense of security posture. The…

The Fuzzball Workflow Catalog
Off-the-shelf portability Inside CIQ we have a common lament: that in traditional HPC every system is “serial number 1.” The idea is that every HPC cluster is, to a certain extent, bespoke and unique…

Running Nextflow Pipelines on Fuzzball: First Release of the nf-fuzzball Plugin
Nextflow is a widely used workflow orchestration tool in bioinformatics. It enables users to build portable and reproducible workflows based on containers and a plugin interface that allows creation…

CIQ's Partnership with NVIDIA: Transforming Enterprise GPU Infrastructure
CIQ recently announced a partnership that transforms how the entire AI/ML/HPC industry can access and operationalize GPU acceleration: CIQ integrates the NVIDIA CUDA Toolkit within our commercial…
Weekly newsletter
No spam. Just the latest releases and tips, interesting articles, and exclusive interviews in your inbox every week.
Read about our privacy policy.

The real danger of systemd-coredump CVE-2025-4598
TL;DR: A critical vulnerability in systemd-coredump remains unfixed in Enterprise Linux 9, allowing attackers to steal password hashes and cryptographic keys within seconds - but Rocky Linux from CIQ…

Introducing Warewulf Pro
Since 2001, the open source Warewulf platform has been a reliable foundation for HPC (High Performance Computing) systems. Whether you’re deploying a small cluster for a single research team or a…

How the hardened_malloc library protects processes from security exploitation on Rocky Linux from CIQ - Hardened
Introduction Rocky Linux from CIQ - Hardened (RLC-H) is a hardened version of Rocky Linux that includes a security-focused general purpose memory allocator which implements secure heap allocation…

PEARC25 Wrap-Up: Community Connections and Warewulf's Growing Impact
CIQ was pleased to both contribute to and support the Practice and Experience in Advanced Research Computing (PEARC) conference this year at the Greater Columbus Convention Center in Columbus, Ohio…

A Deep Dive into Linux Kernel Runtime Guard (LKRG)
Security in Linux is typically centered around identifying and patching vulnerabilities, configuring firewalls, and managing user access. While these are crucial, there's another layer of defense that…

CentOS 7 Security: Why Extended Support Can't Wait
A Deep Dive into the Post-EOL Vulnerability Exposure: WHY NOW, HOW BIG, and WHY SHOULD I WORRY The Situation: Hundreds of Vulnerabilities and Growing The current state: After reaching End-of-Life (EOL…

CentOS: A Retrospective and Look Ahead
The story of CentOS is deeply intertwined with the evolution of enterprise Linux and the ethos of open-source communities. From its origins as a vital, free alternative to commercial distributions to…