BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

The Concept of Universal Integration

Posted August 16, 2010    Morey Haber

CNN recently reported that cell phones in Europe will soon benefit from a universal charger format. That means that regardless of the cell phone vendor you purchase, there will be one standard connector that will work for all of them. Unfortunately, here in the United States, we have no such regulations and the concept of universal connectors and communication eludes many common technologies.

Consider security technology. Integration between many vendors uses proprietary APIs, standard flat file formats from organizations like NIST, and other technologies borrowed from network management solutions such as SNMP and Syslog. There are very few, if any, real time integration protocols for security solutions that allow them to integrate and perform heterogeneous functions like network management solutions. Security solutions end up generating critical data and it is left to SIEM vendors to correlate the results. This is why third party integrations for security vendors create unique business opportunities before security information event managers even see the unprocessed results, and a strong technology integration partner program is imperative such that your security data in not an island and can be escalated to the appropriate departments.

Consider the concept of generic, universal integration. If a security solution can communicate with other tools using the most common formats like SNMP, Syslog, the Windows Event Log, and provide an open database schema, the concept of universal third-party integration is possible. Any other vendor able to accept these common formats can parse security data and provide additional correlation and business value. The larger question is how does this actually help my business. Consider the following integrations from eEye:

Big Fix – Provides vulnerability and configuration data from BigFix Agents and Retina scans in a single dashboard and reporting for all IP addressable devices

Agiliance – Provides complete GRC information for devices including Retina identified vulnerabilities and the ability to initiate patch management

RedSeal – Identification of security risks from discovered Retina vulnerabilities and native mapping technologies built into RedSeal in a single pane of glass view

ForeScout – Retina vulnerability results assist in critical NAC decisions for device access

Each of these solutions provide additional business value based on detailed integration and universal communication. Solutions with closed cloud architectures, or minimal export and API capabilities, provide only point solutions to a business’s vulnerability management needs. The concept of universal access and standards based communication is not new. Technology has adopted this concept down to cell phone chargers and verticals like network management and security benefit from their widespread adoption. The question really becomes: do your security solutions use these standards, are they certified on the most important ones, and do they ultimately partner with the leading vendors in the industry for technology integrations that can really impact your business and make you more secure? eEye does.

Leave a Reply

Additional articles

Patented Windows privilege management brings you unmatched benefits

Posted November 24, 2014    Scott Lang

We are pleased to announce that BeyondTrust has been granted a new U.S. Patent (No. 8,850,549) for privilege management, validating our approach to helping our customers achieve least privilege in Windows environments. The methods and systems that we employ for controlling access to resources and privileges per process are unique to BeyondTrust PowerBroker for Windows….

Tags:
6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,
Password Game Show

Managing Shared Accounts for Privileged Users: 5 Best Practices for Achieving Control and Accountability

Posted November 20, 2014    Scott Lang

How do organizations ensure accountability of shared privileged accounts to meet compliance and security requirements without impacting administrator productivity? Consider these five best practices…

Tags:
, , , , , ,