Cavirin Blog

The Equifax Breach and What We Can Learn

A lot has been written about the Equifax breach and its impact on Americans. Few articles, however, focus on what we can do to keep systems patched (the actual cause of the breach was a missing patch). Here are three things, each tied to the Equifax breach, that you might want to consider for your own systems to avoid becoming the next Equifax.

  1. Detect – The majority of hacks these days, as Gartner predicted, are not zero-day; they come from known vulnerabilities. So it is important to have a detection system in place that continuously alerts you to security misconfigurations and unpatched systems. The Cavirin platform provides a very strong detection mechanism that detects security misconfigurations and missing patches on individual operating systems, both on machines on-premise and in the cloud.
  1. Shift – Consider the shift to the cloud. In the cloud environment, it is comparatively easier not only to scale out your workloads but also to
  • keep the systems automatically patched
  • do forensics
  • provide quick isolation and
  • mitigate on-going attacks

Cloud services such as AWS Patch Manager and Azure OMS can automate your patching process. You can also define your infrastructure as code using CloudFormation or ARM templates, which can automatically rotate and baseline your infrastructure periodically.
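One way to act on the Detect and Shift points above, as an added example that is not Cavirin's or AWS's code: triage patch-compliance data of the kind AWS Patch Manager reports, flagging instances with missing patches, stale scans, or no data at all. The JSON, the inventory set and the `triage` helper are constructed for illustration; the field names follow the SSM `DescribeInstancePatchStates` response.

```python
import json
from datetime import datetime, timedelta

# Constructed sample shaped like an SSM DescribeInstancePatchStates response;
# instance ids, counts and timestamps are made up for this example.
SAMPLE = json.loads("""{"InstancePatchStates": [
 {"InstanceId": "i-0000000000000000a", "MissingCount": 0, "FailedCount": 0,
  "InstalledPendingRebootCount": 0, "OperationEndTime": "2024-05-09T02:00:00+00:00"},
 {"InstanceId": "i-0000000000000000b", "MissingCount": 3, "FailedCount": 1,
  "InstalledPendingRebootCount": 0, "OperationEndTime": "2024-05-09T02:05:00+00:00"},
 {"InstanceId": "i-0000000000000000c", "MissingCount": 0, "FailedCount": 0,
  "InstalledPendingRebootCount": 2, "OperationEndTime": "2024-03-01T02:00:00+00:00"}
]}""")
# Constructed asset inventory: every instance that is supposed to be managed.
INVENTORY = {"i-0000000000000000a", "i-0000000000000000b",
             "i-0000000000000000c", "i-0000000000000000d"}
NOW = datetime.fromisoformat("2024-05-10T00:00:00+00:00")


def triage(states, inventory, now, max_scan_age=timedelta(days=7)):
    """Return {instance_id: [reasons]} for every instance needing attention."""
    findings = {}
    seen = set()
    for s in states:
        iid = s["InstanceId"]
        seen.add(iid)
        reasons = []
        if s.get("MissingCount", 0) > 0:
            reasons.append(f"{s['MissingCount']} missing patches")
        if s.get("FailedCount", 0) > 0:
            reasons.append(f"{s['FailedCount']} failed installs")
        if s.get("InstalledPendingRebootCount", 0) > 0:
            reasons.append("reboot pending, patches not yet effective")
        # A clean result from an old scan says nothing about today's patches.
        age = now - datetime.fromisoformat(s["OperationEndTime"])
        if age > max_scan_age:
            reasons.append(f"last scan {age.days} days old")
        if reasons:
            findings[iid] = reasons
    # Hosts that never report are the ones a patch dashboard silently omits.
    for iid in sorted(inventory - seen):
        findings[iid] = ["no patch data reported"]
    return findings


if __name__ == "__main__":
    for iid, why in triage(SAMPLE["InstancePatchStates"], INVENTORY, NOW).items():
        print(iid, "->", "; ".join(why))
```

The comparison against a separate inventory is the part worth keeping in any real pipeline: an instance that never registered with the patching service produces no record at all, so it cannot show up as non-compliant on its own.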

  1. Adopt – Consider adopting containers and DevOps. Container images and DevOps processes are, by their nature, frequently updated. Application images are updated with developer code, and each time you build a container image you can also force the build to use an updated, patched base image. Your application and base image are two separate ‘things’, so you can ensure that your base images are kept up to date. Additionally, you can have a detection mechanism that identifies missing patches or security misconfigurations in the base images. The Cavirin platform also covers this space.

The above are three things you might want to consider in your next breach planning meeting. Breach planning and preparedness go a long way toward helping you avoid having a bad day!


Cavirin provides security management across physical, public, and hybrid clouds, supporting AWS, Microsoft Azure, Google Cloud Platform, VMware, KVM, and Docker.