What’s new at CIQ?
We’re a team of scientists, Linux geeks, technologists, pilots, designers and more with a mission to make infrastructure something you never have to think about.
Fuzzball now provisions compute on CoreWeave
The next version of Fuzzball, v3.2.0, includes preview support for the AI-focused cloud computing platform CoreWeave, making CoreWeave the second cloud environment and first “neo-cloud” that can be…
The zero-day gap: why patching alone leaves Linux systems exposed
A new kernel CVE drops on Friday afternoon. Your security team flags it as critical. Exploit code is already circulating on GitHub. Your patch cycle is 30 days. What happens in that gap? For most…
Running Jupyter notebooks on HPC clusters without SSH tunneling
Every HPC center has the same support ticket: "How do I run Jupyter on the cluster?" The answer usually involves SSH tunneling, port forwarding, and a series of steps that look something like this…
Reactive vs. proactive security: why your Linux infrastructure needs both
The reactive security model Most enterprise security operates on a straightforward cycle: detect threats, respond to incidents, patch vulnerabilities, repeat. This model has served organizations well…
Why security automation belongs in your risk management strategy
Over 100 new CVEs are published daily. Attackers begin scanning for unpatched systems within hours of disclosure. Your quarterly patching cycle leaves you exposed to thousands of vulnerabilities…
Weekly newsletter
No spam. Just the latest releases and tips, interesting articles, and exclusive interviews in your inbox every week.
Read about our privacy policy.
CVE management: automate discovery to remediation
When your security team asks, "Are we vulnerable to CVE-2026-XXXX?" the answer needs to come in minutes, not hours. With over 100 new CVEs published daily—and some days exceeding 1,000—manual…
How to run interactive HPC workloads alongside batch jobs in a single workflow
Fuzzball Service Endpoints bring interactive computing to HPC workflow orchestration—run Jupyter notebooks, visualize simulations in real time, and coordinate services as part of your computational…
LKRG 1.0: Runtime defense for Linux kernel
LKRG is a kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel. For process credentials, LKRG attempts to…
AI workflow orchestration: why separate platforms fail
Why the gap between training and inference exists—and what unified workflows actually look like. Every deployment pipeline you've built to bridge training and inference is technical debt you didn't…
Linux kernel CVEs 2025: what security leaders need to know to prepare for 2026
The first 16 days of 2025 delivered 134 new Linux kernel CVEs (Common Vulnerabilities and Exposures—the standard system for tracking security flaws).1 By October, CISA had added seven kernel…
Congratulations to NVIDIA and SchedMD: A new chapter for Slurm and the HPC community
Yesterday's announcement that NVIDIA has acquired SchedMD marks a significant milestone for the HPC and AI communities. On behalf of everyone at CIQ, I want to extend our congratulations to both…
Fuzzball + Slurm/PBS: Container orchestration meets traditional HPC schedulers
At SC25 in St. Louis, I had the opportunity to showcase one of the most significant new additions to Fuzzball's capabilities: native integration with PBS Professional and Slurm workload managers. This…