Blog

The need for strong security practices to protect sensitive government data from outside threats has never been greater. By December 31, 2017, the Department of Defense will require NIST SP 800-171 compliance for all its contracts that handle controlled unclassified information (CUI) outside of government agencies.

According to the U.S. National Archives and Records Administration, “CUI is information that requires safeguarding or dissemination controls pursuant to and consistent with applicable law, regulations, and government-wide policies but is not classified under Executive Order 13526 or the Atomic Energy Act, as amended”. In other words, it is unclassified sensitive information that the US federal government believes should be protected to minimize the risk of cyberattacks on America. This includes citizens’ financial, legal, higher education, immigration, tax and healthcare records, plus organizations’ patent, proprietary business, and SAFETY Act information. You can find the complete list of categories and sub-categories (with descriptions) on the National Archives website.


There is a great deal of interest in the NIST CSF and how to apply it within an organization. Cavirin recently hosted a webinar detailing the rationale behind the framework, the suggested implementation process, and, most importantly, the actual mapping to specific policies and controls. Here, we detail this third point.

The CSF outlines five major functions: Identify, Protect, Detect, Respond, and Recover. Using Identify as an example, the workflow is as follows:

So, mapping the CSF to an organization’s environment is accomplished by first selecting the proper reference and control, and then selecting the Target of Evaluation, i.e. the operating system to which the control applies. In the example above, ‘Ensuring separate partition exists for /tmp’ is one of literally dozens of controls that apply to RHEL7 within ID-RA-1. The audit and remediation steps for this control are detailed in the CIS Red Hat Enterprise Linux 7 Benchmark, specifically section 1.1.2.

We detail how this workflow matches the Cavirin Platform implementation in our new infographic, as well as in a whitepaper available via NIST. Visit https://www.cavirin.com/solutions/nist-support.html to learn more!


Cavirin provides vulnerability assessments for your operating systems (in the cloud, on-premise or hybrid) as well as for Docker images. This article shares vulnerability trending insights we have seen while working on vulnerability analysis projects and training our risk reporting algorithms.

The Cavirin platform uses a synchronized feed from the NIST National Vulnerability Database. This feed directly provides the Common Vulnerabilities and Exposures (CVE) severity and base score that are used in its risk scoring algorithm to project the risk posture arising from unpatched vulnerabilities.


From minimal use just a few short years ago, containers, and most notably Docker, have gained nearly 30% penetration. This container penetration is primarily within DevOps, but it crosses into production environments and environments of all sizes. Unfortunately, early adoption came with less of a focus on security. This has been rectified over the past year or so, with security solutions for images, containers, and orchestration now available. However, any container security solution must be agile enough to keep pace with the speed at which containers are created and destroyed if the chance of a breach is to be minimized. Legacy scanning architectures won’t suffice.

The Center for Internet Security (CIS) Kubernetes Security Benchmark 1.8

The CIS Benchmark for Kubernetes 1.8 continues to bring security enhancements to the core orchestration platform. The CIS Kubernetes community has been busy refreshing the benchmark to align with the newly released features and to narrow the gap between the announcement of the GA version of the product and the benchmark release. Download your copy of the benchmark from the CIS website today (NOTE: the actual benchmark title aligned to the new release is ‘CIS Kubernetes Benchmark v1.2.0’).

This version of the benchmark has undergone significant changes. The most awaited and subtle change is that the entire benchmark has been refactored to consider kubeadm-based deployments. Kubeadm is increasingly becoming the developer’s choice for deployment rather than individual installation of the various Kubernetes components. This standardization also helps other deployment mechanisms to map to and adopt the procedures easily.


A lot has been written about the Equifax breach and its impact on Americans. But perhaps few articles focus on what we can do to keep systems patched (the actual cause of the breach was a missing patch). Here are three things that relate to the Equifax breach and that you might want to consider for your own systems to avoid becoming the next Equifax.

  1. Detect – The majority of hacks these days, as Gartner predicted, are not zero-day; they come from known vulnerabilities. So it is important to have a detection system in place that continuously alerts you to any security misconfigurations or unpatched systems. The Cavirin platform provides a very strong detection mechanism that detects security misconfigurations and missing patches on individual operating systems, for machines both on-premise and in the cloud.


© 2018 Cavirin Systems, Inc. All rights reserved.