BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Benchmarks as a Point of Reference

Posted November 3, 2010    Morey Haber

I have been reading Stephen Hawking’s new book, “The Grand Design” and am completely stunned by the analogies he uses to simplify perception, measurements, and even quantum physics. This book is not light reading and has had me looking up terms using old college textbooks and Google multiple times. The one thing that fascinates me about all of the concepts he presents is perception. We use perception every day for driving our cars to work, cooking dinner, and even comprehending the computer systems in our environment. As we comprehend how network traffic flows, we always need a frame of reference for measuring speed, quantity of data, and desired results. The analogy Dr. Hawking uses in his book relies on the concept of living in a fish bowl and looking out at the universe. From inside the fishbowl, straight lines would be curved and the shortest distance between any two points is not a straight line, but rather a curve as well. The perception then leads to measurements and ultimately theories and standards. When a set of observations and comparisons leads to standards, laws, and theories we form baselines and benchmarks to guide us through the process and have a frame of reference.

Simply, benchmarks are a set of standards that you can reference observations from and determine deviations. Benchmarks allow us to say that something deviates by some order of units. In the case of computer security, benchmarks allow us to judge how secure a system is based on best practice theory for preventing unwanted threats from compromising a host. They outline all the proper settings and run time parameters for securing a host, provide guidance on how to implement them, and finally a vehicle for testing hosts against these parameters (OVAL). IT Security benchmarks are available from a wide variety of sources such as CIS, NIST, Microsoft, and DISA. All of these can be implemented by SCAP compliant scanning solutions to benchmark how well the IT infrastructure is secured within your organization. This provides a straight line form of reference for gauging how secure you are from the latest security threats using tools created by the most brilliant minds in the industry.

IT Security benchmarks have been around for a long time. Only recently however, have the processes for implementing them and measuring them matured using automated scanning techniques in an open and standardized (non-proprietary) format. Retina CS 2.0 contains a new module called Configuration Compliance Module that allows users to load their own SCAP benchmarks for measuring the security standards within their environment. Benchmarks provide a uniform method for reporting and measuring that is well understood and uniform across businesses. It removes any assumptions or bias based on interpretation or testing criteria. The scan engine and benchmark complier are integrated into the complete multi-tier Retina management solution for a seamless perception for all the assets on the network.

Determining the state of security threats and even understanding the universe requires both standards and benchmarks. Dr. Hawking’s book simplifies this for readers. eEye has simplified both IT Security and benchmarks so that everyone can benefit from IT Security lessons learned and best practices.

Tags:
, , , , , , , ,

Leave a Reply

Additional articles

asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,

Bad POODLE, Don’t Bite!

Posted October 16, 2014    BeyondTrust Research Team

Researchers at Google (Bodo Moller, Thai Duong, and Krzysztof Kotowicz) have discovered that the encryption schemes used by SSL 3.0 are exploitable (CVE-2014-3566). Although the majority of web servers implement Transport Layer Security (TLS), the majority of clients will downgrade to SSL 3.0 in an attempt to maintain interoperability between protocols. For example, when a…

Tags:
,