BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Virtual Insecurity, and Ways to Combat It

Post by Mike Puterbaugh May 8, 2013

Stating the obvious, our customers continue to make investments in virtualization. To support them, BeyondTrust has always been on the leading edge of providing tools and solutions in that regard. Whether it for managing privileges on virtual hosts, or scanning private cloud assets for flaws, BeyondTrust has always been at the forefront of security and compliance technology, helping our customers confidently deploy their virtualization investments. Given the rapid rate of technology evolution in the virtualization arena, we thought it’d be a good idea to survey our community to see what else we could provide them by way of helping them secure their virtual environments.

Earlier this year, we designed a survey that set out to find out what technologies our customers relied upon for their virtual deployments, as well as how they managed, secured and reported on those assets.  A quick infographic on the survey results appears below this blog post.

What Did We Learn?
For one thing, we learned that virtualization admins aren’t totally outside of the security lifecycle, in fact, many of them participate willingly:

  • 58% said they use security tools regularly (but most of that is antivirus!)
  • 49% say they patch regularly
  • 30% says they scan assets weekly, at least

This told us there is an interest, if not willingness, to participate in reducing the risk of the overall organization.  The fact that well over half of respondents said “yes, we use security tools regularly” is very encouraging, but…the most often security technology cited was antivirus.  Clearly, antivirus as a security technology is not going away any time soon, but in light of the recent successful, high profile attacks, it’s been proven over and over again that AV is no longer a match for the sophisticated methods of attack being employed today.  More encouraging is the almost 50% of combined responses that indicate security scanning and configuration management is in use. The full survey is available for download here.

Retina Plug-in for VMware vCenter
The early returns from this survey served to validate our thinking when it came to our newest release, which we announced today – the Retina Plug-in for VMware vCenter.  With this new capability driven by the proven Retina Network Security Scanner, we’ve made it incredibly simple for VMware admins to help their organizations reduce the security risks that might be associated with their virtual environments.

By adding a security plug-in directly into the vCenter management interface, VMware admins don’t have to leave their current workflow and processes to quickly determine the security posture of their virtual images they’re managing. This was a big value-add noted by the early beta-testers of the tool. This newest release adds to our long list of specific capabilities, which include online and offline scanning of virtual guests, as well as the industry’s only solution for scanning virtualized applications delivered via VMware’s ThinApp technology.

One of our goals at BeyondTrust is to always ensure we’re developing highly useful security and compliance solutions, those that are easy to deploy and use on a daily basis. We’re confident this newest release fits that bill.

If you’d like to try the Retina Plug-in for VMware vCenter for yourself, you can get your license here.

Virtual Insecurity Infographic FINAL

Tags:
, , ,

Leave a Reply

5 Responses to “Virtual Insecurity, and Ways to Combat It”

  1. Mark

    Create secure VM builds via vulnerability and configuration scans. Harden the VM host to prevent the host from being compromised to hack the VMs on the host.

    May 15, 2013 1:32:00, Reply
  2. Brent

    Retina Plug-in for VMware vCenter sounds great. Previously we added virtual switches, virtual firewalls, and HBSS software.

    May 15, 2013 2:01:33, Reply
  3. Taylor

    VMware products use a default username of root for administrator authentication. A good practice is when you set the root password to make it very long and complex. Then lock the password away in storage and never use it again. You would then create a new user with root privileges and use that user for your maintenance access. Also, you never want to delete the root user account.

    May 15, 2013 2:35:15, Reply
  4. Greg

    - Getting better vm density (ROI) using a vm host-based security client that does endpoint security for all the vm guests.
    - Getting better visibility into intra-VM communication with network vm gateway devices.
    - Requiring two factor auth for vm admins.
    - Logging the vm management layer to detect suspicious behavior.
    - Getting a handle on vulnerabilities across the vm environment with the Retina plug in or Nexpose’s vm integration.

    But probably the most important thing is learning about the vm environment and then maintaining close connections with the infrastructure teams.

    May 15, 2013 4:33:47, Reply
  5. Ruggero Cozzi

    It is possible to get more information about the Retina plug-in system, and other of your products, in spanish?

    May 31, 2013 11:13:22, Reply

Additional articles

BI-Qualys-Connector-IMG1

Getting More Value from QualysGuard Vulnerability Data with BeyondInsight v5.1

If your vulnerability assessment scans can’t produce meaningful and actionable reports, performing a scan does no good for anyone. If you’ve read my other blog posts, you know I have no qualms about stating that BeyondTrust provides the best vulnerability reporting in the industry. Ask your favorite analyst and they’ll tend to agree. Of course,…

Post by Morey Haber April 18, 2014
Tags:
, , , , , , , ,
insider-threat-fed

Mitigating Inside Threats to U.S. Federal IT Environments

Recent high-profile cases have increased the perceived risks that go along with disclosure and usage of confidential information. One of the most difficult security threats to mitigate is an attack from the inside. When an over-privileged user, such as an unhappy current or former employee, contractor, or consultant, begins navigating your network, how will you…

Post by BeyondTrust Software April 17, 2014
Tags:
, , , , ,

Are you a Target? Investigating Security Breaches with Kevin Johnson

Last week, over 1,000 IT security professionals watched as Kevin Johnson, CEO of Secure Ideas, presented his expert opinion on lessons learned from recent, high-profile retail breaches. Here’s a summary of key takeaways from the webcast plus an on-demand recording of the full, 60-minute presentation. Understanding the “why” behind attacks According to Kevin, the primary…

Post by Chris Burd April 17, 2014
Tags:
, , , , ,