Cavirin Blog

From minimal use just a few short years ago, containers, and most notably Docker, have gained nearly 30% penetration. This penetration is primarily within DevOps, but it extends to production environments and to environments of all sizes. Unfortunately, early adoption came with less of a focus on security. This has been rectified over the past year or so, with security solutions for images, containers, and orchestration now available. However, any container security solution must be agile enough to match the speed at which containers are created and destroyed if the chance of a breach is to be minimized. Legacy scanning architectures won’t suffice.

The Center for Internet Security (CIS) Kubernetes Security Benchmark 1.8

The CIS Benchmark for the Kubernetes 1.8 release continues to bring security enhancements to the core orchestration platform. The CIS Kubernetes community has been busy refreshing the benchmark to align with the newly released features and to narrow the gap between the announcement of the GA version of the product and the benchmark release. Download your copy of the benchmark from the CIS website today (NOTE: the actual benchmark title aligned to the new release is ‘CIS Kubernetes Benchmark v1.2.0’).

This version of the benchmark has undergone significant changes. The most awaited and subtle change is that the entire benchmark has been refactored to consider kubeadm-based deployments. Kubeadm is increasingly becoming the developer’s choice of deployment, rather than individual installation of the various Kubernetes components. This standardization also helps other deployment mechanisms map and adopt the procedures easily.

A lot has been written about the Equifax breach and the impact it has on Americans. But perhaps few articles focus on what we can do about keeping systems patched (the actual cause of the breach was a missing patch). Here are three things, each related to the Equifax breach, that you might want to consider for your own systems to avoid becoming the next Equifax.

  1. Detect – The majority of hacks these days, as Gartner predicted, are not zero-day. They come from known vulnerabilities. So, it is important that you have a detection system in place which continuously alerts you to any security misconfigurations or unpatched systems. The Cavirin platform provides a very strong detection mechanism which can detect security misconfigurations and missing patches on individual operating systems, not only for machines on-premises but also in the cloud.

cloud computing and hipaa compliance

As we get ready to head east next week to Boston and the HIMSS Cybersecurity Forum, download our new infographic covering the less than excellent state of HIPAA in America. From multiple analysts and interviews, the key takeaway is that healthcare rates a ‘C’ in security. The industry must improve today’s state of affairs, where the sector has had more incidents of breaches than any other sector critical to the economy, the personal health data (ePHI) of almost half of US residents has been compromised, and the resulting non-covered impact to these victims is $30B or more. Looking back, the implementation of electronic health records was meant to help streamline care, but in fact interconnectivity and poor practices have helped the hackers as well. The theft of ePHI also opens the door to persistent identity theft, since a social security number can’t be replaced as easily as a credit card. On a larger scale, the total cost of a breach isn’t limited to the impact on the patient alone. Once the breach is revealed, the organization is subject to fines, increased oversight, and damage to its brand.

CIS Google Android Benchmark

Cavirin is excited to announce the availability of the CIS Android 8.0 Security Benchmark! Download your copy from the CIS website today.

Android 8.0 (a.k.a. Android Oreo) was released on eclipse day last week by Google. It brings several enhancements to improve user experience and bolster platform security.

Some of the changes that affected the security benchmark were:

  • Redesigned Settings Menu – This required us to update the audit and remediation steps for all 39 recommendations in the benchmark. The settings area and various menus have been reorganized to make things as simple and straightforward as possible.
  • Instant apps – Instant apps allow you to use apps without installing them on your device. On clicking app links, the browser downloads and runs app modules as desired by the user. The new recommendation, “1.28 Ensure 'Instant apps' is set to Disabled”, reads: “Having exposure to an app like this is dangerous since any malicious link could then potentially trick the user and then browser could download the app code and run on your device without requiring installation. Also, this feature defies enterprise security that relies on blacklisting or whitelisting apps based on installation. Hence, it is recommended to turn off instant apps.”

Control Your Container

Cavirin is pleased to announce the inclusion of the latest framework from NIST – the Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 draft. The latest revision is a major update to the original 2014 document, and includes a common security vocabulary to help with cyber supply chain management, for example when a small business selects a cloud service provider or a federal agency contracts with a system integrator.

The overall framework is divided into five Framework Core Functions:

  • Identify (ID) - Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
  • Protect (PR) - Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services.
  • Detect (DE) - Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
  • Respond (RS) - Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
  • Recover (RC) - Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.

Cybersecurity Framework

Cavirin provides security management across physical, public, and hybrid clouds, supporting AWS, Microsoft Azure, Google Cloud Platform, VMware, KVM, and Docker.

 
