Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Benchmarks as a Point of Reference

Posted November 3, 2010    Morey Haber

I have been reading Stephen Hawking’s new book, “The Grand Design” and am completely stunned by the analogies he uses to simplify perception, measurements, and even quantum physics. This book is not light reading and has had me looking up terms using old college textbooks and Google multiple times. The one thing that fascinates me about all of the concepts he presents is perception. We use perception every day for driving our cars to work, cooking dinner, and even comprehending the computer systems in our environment. As we comprehend how network traffic flows, we always need a frame of reference for measuring speed, quantity of data, and desired results. The analogy Dr. Hawking uses in his book relies on the concept of living in a fish bowl and looking out at the universe. From inside the fishbowl, straight lines would be curved and the shortest distance between any two points is not a straight line, but rather a curve as well. The perception then leads to measurements and ultimately theories and standards. When a set of observations and comparisons leads to standards, laws, and theories we form baselines and benchmarks to guide us through the process and have a frame of reference.

Simply, benchmarks are a set of standards that you can reference observations from and determine deviations. Benchmarks allow us to say that something deviates by some order of units. In the case of computer security, benchmarks allow us to judge how secure a system is based on best practice theory for preventing unwanted threats from compromising a host. They outline all the proper settings and run time parameters for securing a host, provide guidance on how to implement them, and finally a vehicle for testing hosts against these parameters (OVAL). IT Security benchmarks are available from a wide variety of sources such as CIS, NIST, Microsoft, and DISA. All of these can be implemented by SCAP compliant scanning solutions to benchmark how well the IT infrastructure is secured within your organization. This provides a straight line form of reference for gauging how secure you are from the latest security threats using tools created by the most brilliant minds in the industry.

IT Security benchmarks have been around for a long time. Only recently however, have the processes for implementing them and measuring them matured using automated scanning techniques in an open and standardized (non-proprietary) format. Retina CS 2.0 contains a new module called Configuration Compliance Module that allows users to load their own SCAP benchmarks for measuring the security standards within their environment. Benchmarks provide a uniform method for reporting and measuring that is well understood and uniform across businesses. It removes any assumptions or bias based on interpretation or testing criteria. The scan engine and benchmark complier are integrated into the complete multi-tier Retina management solution for a seamless perception for all the assets on the network.

Determining the state of security threats and even understanding the universe requires both standards and benchmarks. Dr. Hawking’s book simplifies this for readers. eEye has simplified both IT Security and benchmarks so that everyone can benefit from IT Security lessons learned and best practices.

, , , , , , , ,

Leave a Reply

Additional articles


Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to (included) is installed and enabled”…

, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

, , , ,

Basic Blocking and Tackling for Defending Against Advanced Targeted Attacks

Posted January 22, 2015    Larry Brock

With football season at its pinnacle at both the college and professional levels, the best teams continually focus on the fundamentals that make them successful. In security, we need to do the same.  It is okay for us to have a few key plays, especially in certain industries where we have to focus on unique…

, , , , ,