BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Concept of Universal Integration

Posted August 16, 2010    Morey Haber

CNN recently reported that cell phones in Europe will soon benefit from a universal charger format. That means that regardless of the cell phone vendor you purchase, there will be one standard connector that will work for all of them. Unfortunately, here in the United States, we have no such regulations and the concept of universal connectors and communication eludes many common technologies.

Consider security technology. Integration between many vendors uses proprietary APIs, standard flat file formats from organizations like NIST, and other technologies borrowed from network management solutions such as SNMP and Syslog. There are very few, if any, real time integration protocols for security solutions that allow them to integrate and perform heterogeneous functions like network management solutions. Security solutions end up generating critical data and it is left to SIEM vendors to correlate the results. This is why third party integrations for security vendors create unique business opportunities before security information event managers even see the unprocessed results, and a strong technology integration partner program is imperative such that your security data in not an island and can be escalated to the appropriate departments.

Consider the concept of generic, universal integration. If a security solution can communicate with other tools using the most common formats like SNMP, Syslog, the Windows Event Log, and provide an open database schema, the concept of universal third-party integration is possible. Any other vendor able to accept these common formats can parse security data and provide additional correlation and business value. The larger question is how does this actually help my business. Consider the following integrations from eEye:

Big Fix – Provides vulnerability and configuration data from BigFix Agents and Retina scans in a single dashboard and reporting for all IP addressable devices

Agiliance – Provides complete GRC information for devices including Retina identified vulnerabilities and the ability to initiate patch management

RedSeal – Identification of security risks from discovered Retina vulnerabilities and native mapping technologies built into RedSeal in a single pane of glass view

ForeScout – Retina vulnerability results assist in critical NAC decisions for device access

Each of these solutions provide additional business value based on detailed integration and universal communication. Solutions with closed cloud architectures, or minimal export and API capabilities, provide only point solutions to a business’s vulnerability management needs. The concept of universal access and standards based communication is not new. Technology has adopted this concept down to cell phone chargers and verticals like network management and security benefit from their widespread adoption. The question really becomes: do your security solutions use these standards, are they certified on the most important ones, and do they ultimately partner with the leading vendors in the industry for technology integrations that can really impact your business and make you more secure? eEye does.

Leave a Reply

Additional articles

Dark Reading

2014: The Year of Privilege Vulnerabilities

Posted December 18, 2014    Chris Burd

Of the 30 critical-rated Microsoft Security Bulletins this year, 24 involved vulnerabilities where the age-old best practice of “least privilege” could limit the impact of malware and raise the bar of difficulty for attackers.

Tags:
, , , , ,
dave-shackleford-headshot

Looking back on information security in 2014

Posted December 16, 2014    Dave Shackleford

Dave Shackleford is a SANS Instructor and founder of Voodoo Security. Join Dave for a closer look at the year in security, and learn what you can do to prepare for 2015, with this upcoming webinar. 2014 has been one heck of an insane year for information security professionals. To start with, we’ve been forced…

Tags:
, ,
patch-tuesday

December 2014 Patch Tuesday

Posted December 9, 2014    BeyondTrust Research Team

This month marks the final Patch Tuesday of 2014. Most of what is being patched this month includes Internet Explorer, Exchange, Office, etc… and continues a trend of the greatest hits collection of commonly attacked Microsoft software. Probably the one thing that broke the mold this month is that for once there is not some…

Tags:
,