What’s new at CIQ?
We’re a team of scientists, Linux geeks, technologists, pilots, designers and more with a mission to make infrastructure something you never have to think about.
What trading infrastructure teams actually need from Enterprise Linux
Four requirements consistently appear in trading infrastructure OS standards, written independently by firms that have never compared notes: a validated kernel that holds under custom engineering, a…
Why OS hardening is no longer enough: the case for infrastructure-level supply chain security
The attack surface your auditors ask about is not the one attackers use. Enterprise Linux security has matured significantly. Organizations run hardened operating systems, enforce FIPS 140-3 validated…
Behavioral drift: The risk your eval stack won't catch
Series: 10 reasons to own your AI infrastructure, Post 1 Here is a failure mode worth knowing before it finds you. Your model provider pushes an update. Your capability evals pass. The output…
Why RLC+?
The next step on your Enterprise Linux journey When considering the process of designing and creating infrastructure, Rocky Linux is where the journey often begins. A free, stable, community-governed…
CIQ at RMACC 2026
What Jonathon Anderson presented at the 2026 RMACC HPC Symposium: Version 3 brought Slurm integration and multi-cloud to production. Version 4 closes storage gaps for on-premises HPC teams. The CIQ…
Monthly newsletter
No spam. Just the latest releases and tips, interesting articles, and exclusive interviews in your inbox every month.
Read about our privacy policy.
We predicted the next wave. Five days later, we found it ourselves.
Here we go again. Five days is how long it took between me writing in our last blog post that we predicted that vulnerabilities would come in waves and realizing that this wave isn't done yet. I'd…
What does sovereign AI really mean?
Series: 10 reasons to own your AI infrastructure, Post 0 "Sovereign AI" now covers everything from "your data isn't used to train our model" to "you have the weights, the runtime, the audit trail, and…
Another local privilege escalation exploit. And, here's what CIQ did... again.
As the Head of Linux Engineering, yesterday was tough. My organization had done an amazing job resolving Copy Fail and pushing fixes out for all our kernel variants. I was catching up on Slack and saw…
Run Fuzzball HPC workflows natively on Oracle Cloud
Fuzzball now deploys natively on Oracle Cloud Infrastructure (OCI), joining AWS, GCP, and on-prem bare metal as a first-class deployment target. A computational chemist can move a GROMACS simulation…
Copy Fail is a local privilege escalation exploit. Here is what CIQ did about it.
CVE-2026-31431 affects kernels built since 2017 and has a working public exploit in circulation. Patched kernels are available now for every CIQ-supported Rocky Linux variant. The vulnerability: CVE…
From default to defended. Taking command of your Linux security stack.
Your cloud provider's OS responsibility ends at image delivery. Everything above that belongs to your team. Server hacking (direct server compromise incidents) accounted for 45% to 56% of all reported…