New Ziften Zenith developments improve vulnerability assessments, threat detection, and incident response in cloud VMs running Linux operating systems (OS).
A majority of IT and security professionals identify security as the #1 barrier to moving more applications to the cloud, according to the “2017 Cloud Adoption Survey” by Evolve IP. Many companies today do not trust cloud hosting as they have difficulty maintaining the same level of visibility and security that they have in their physical data centers due to a lack of the proper tools. Data breaches, permanent data loss, compromised credentials, and Denial of Service (DoS) attacks are some of the top security concerns.
To address this challenge, Ziften has announced new developments on its Zenith platform that strengthen vulnerability assessment, threat detection, and incident response in cloud VMs running Linux operating systems. Ziften Zenith is designed to address visibility and security shortcomings for enterprise cloud deployments regardless of the CSP or operating system.
Vulnerability and Risk Management in the Cloud
Ziften today announced paramount enhancements to its Zenith continuous vulnerability assessment and compliance capabilities for Linux operating systems such as Ubuntu, Debian, Redhat, and others. With Ziften Zenith, customers routinely reduce the number of non-compliant assets by as much as 80 percent or more. Security starts with proper vulnerability and risk management. Unpatched vulnerabilities have been the failure point in too many massive breaches over the last several years.
“Vulnerability and risk management of virtual systems running in the cloud is a critical component of effective systems and security operations programs,” said Mario Vuksan, Chief Executive Officer and Founder of ReversingLabs. “And due to the widespread use of Linux OS’s, systems management and security operations tools must support a wide range of capabilities for Linux based VMs including conducting detailed Linux vulnerability assessments.” On Amazon AWS alone, according to EC2 Statistics, Linux operating systems account for more than 90 percent of all platform deployments.
Threat Detection and Incident Response in the Cloud
Ziften bolsters its threat detection and indicators of compromise (IOC) libraries for Linux operating system environments, and automations for threat response on Linux based systems. “Threat detection and automated response in cloud environments is extremely important due to the critical nature of the data involved,” said Mike Hamilton, Chief Product Officer of Ziften. “Most cloud deployments by their very nature are exposed to the outside world and host or transact critical customer data making them a huge target. But many of the threat detection and response techniques being developed in the industry today are primarily focused on traditional Windows endpoints like laptops and desktops only.”
Additionally, Ziften uniquely enables long-term lookback forensics for threat investigations, even in the most dynamic cloud environments. Threat response requires historical forensic data to quickly scope, quarantine, and resolve the immediate threat; and to identify and resolve the root cause to prevent it from happening again. Unfortunately, forensic evidence in the cloud is quickly lost as virtual machines spin up and are routinely decommissioned. Ziften’s unique ability to save cloud visibility data for 12 or more months allows for thorough forensic investigations, and complete lifecycle remediation of underlying issues.
Visibility and Control Over Multi-Cloud Strategies
Ziften Zenith overcomes cloud monitoring and security shortcomings by providing networking, IT, and security staff visibility and control of all virtual operating systems deployed across any cloud service provider whether it is Amazon AWS, Microsoft Azure, Google Cloud, IBM Bluemix, Rackspace or others. Most companies today cannot maintain the same level of visibility in the cloud that they have in their physical data centers because of lack of the proper tools. Exacerbating the issue is that 85 percent of enterprises have a multi-cloud strategy, up from 82 percent in 2016, according to a January 2017 RightScale “State of the Cloud Survey”.
Ziften delivers all-the-time visibility and control for any asset, anywhere – client devices, servers, and cloud VMs – whether on-network or remote; connected or not. Our unified systems and security operations (SysSecOps) platform empowers IT and security operations teams to quickly repair user impacting endpoint issues, reduce their overall risk posture, speed security threat response, and increase operations productivity. Ziften’s secure architecture delivers continuous, streaming endpoint monitoring and historical data collection for large and mid-sized enterprises, governments, and managed security service providers (MSSP). And Ziften helps extend the value of incumbent tools, and fill the gaps between fragmented, siloed systems. https:/ziften.com