What’s new at CIQ?
We’re a team of scientists, Linux geeks, technologists, pilots, designers and more with a mission to make infrastructure something you never have to think about.
Preparing your infrastructure for post-quantum cryptography
Your security team is asking about post-quantum cryptography (PQC). Your auditors are asking about PQC. Your customers are asking about PQC. And when you go looking for FIPS-validated post-quantum…
Rocky Linux from CIQ bootable container images now available
Rocky Linux from CIQ (RLC) now ships as bootable container images, letting organizations deploy and manage their Linux infrastructure using the same container workflows they use for applications…
Fuzzball adds preview support for CoreWeave provisioning
The next version of Fuzzball includes preview support for the AI-focused cloud computing platform CoreWeave, making CoreWeave the second cloud environment and first “neo-cloud” that can be natively…
The zero-day gap: why patching alone leaves Linux systems exposed
A new kernel CVE drops on Friday afternoon. Your security team flags it as critical. Exploit code is already circulating on GitHub. Your patch cycle is 30 days. What happens in that gap? For most…
Running Jupyter notebooks on HPC clusters without SSH tunneling
Every HPC center has the same support ticket: "How do I run Jupyter on the cluster?" The answer usually involves SSH tunneling, port forwarding, and a series of steps that look something like this…
Weekly newsletter
No spam. Just the latest releases and tips, interesting articles, and exclusive interviews in your inbox every week.
Read about our privacy policy.
Reactive vs. proactive security: why your Linux infrastructure needs both
The reactive security model Most enterprise security operates on a straightforward cycle: detect threats, respond to incidents, patch vulnerabilities, repeat. This model has served organizations well…
CVE management: automate discovery to remediation
When your security team asks, "Are we vulnerable to CVE-2026-XXXX?" the answer needs to come in minutes, not hours. With over 100 new CVEs published daily—and some days exceeding 1,000—manual…
Why security automation belongs in your risk management strategy
Over 100 new CVEs are published daily. Attackers begin scanning for unpatched systems within hours of disclosure. Your quarterly patching cycle leaves you exposed to thousands of vulnerabilities…
How to run interactive HPC workloads alongside batch jobs in a single workflow
Fuzzball Service Endpoints bring interactive computing to HPC workflow orchestration—run Jupyter notebooks, visualize simulations in real time, and coordinate services as part of your computational…
LKRG 1.0: Runtime defense for Linux kernel
LKRG is a kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel. For process credentials, LKRG attempts to…
AI workflow orchestration: why separate platforms fail
Why the gap between training and inference exists—and what unified workflows actually look like. Every deployment pipeline you've built to bridge training and inference is technical debt you didn't…
Linux kernel CVEs 2025: what security leaders need to know to prepare for 2026
The first 16 days of 2025 delivered 134 new Linux kernel CVEs (Common Vulnerabilities and Exposures—the standard system for tracking security flaws).1 By October, CISA had added seven kernel…