BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Virtual Insecurity, and Ways to Combat It

Posted May 8, 2013    Mike Puterbaugh

Stating the obvious, our customers continue to make investments in virtualization. To support them, BeyondTrust has always been on the leading edge of providing tools and solutions in that regard. Whether it for managing privileges on virtual hosts, or scanning private cloud assets for flaws, BeyondTrust has always been at the forefront of security and compliance technology, helping our customers confidently deploy their virtualization investments. Given the rapid rate of technology evolution in the virtualization arena, we thought it’d be a good idea to survey our community to see what else we could provide them by way of helping them secure their virtual environments.

Earlier this year, we designed a survey that set out to find out what technologies our customers relied upon for their virtual deployments, as well as how they managed, secured and reported on those assets.  A quick infographic on the survey results appears below this blog post.

What Did We Learn?
For one thing, we learned that virtualization admins aren’t totally outside of the security lifecycle, in fact, many of them participate willingly:

  • 58% said they use security tools regularly (but most of that is antivirus!)
  • 49% say they patch regularly
  • 30% says they scan assets weekly, at least

This told us there is an interest, if not willingness, to participate in reducing the risk of the overall organization.  The fact that well over half of respondents said “yes, we use security tools regularly” is very encouraging, but…the most often security technology cited was antivirus.  Clearly, antivirus as a security technology is not going away any time soon, but in light of the recent successful, high profile attacks, it’s been proven over and over again that AV is no longer a match for the sophisticated methods of attack being employed today.  More encouraging is the almost 50% of combined responses that indicate security scanning and configuration management is in use. The full survey is available for download here.

Retina Plug-in for VMware vCenter
The early returns from this survey served to validate our thinking when it came to our newest release, which we announced today – the Retina Plug-in for VMware vCenter.  With this new capability driven by the proven Retina Network Security Scanner, we’ve made it incredibly simple for VMware admins to help their organizations reduce the security risks that might be associated with their virtual environments.

By adding a security plug-in directly into the vCenter management interface, VMware admins don’t have to leave their current workflow and processes to quickly determine the security posture of their virtual images they’re managing. This was a big value-add noted by the early beta-testers of the tool. This newest release adds to our long list of specific capabilities, which include online and offline scanning of virtual guests, as well as the industry’s only solution for scanning virtualized applications delivered via VMware’s ThinApp technology.

One of our goals at BeyondTrust is to always ensure we’re developing highly useful security and compliance solutions, those that are easy to deploy and use on a daily basis. We’re confident this newest release fits that bill.

If you’d like to try the Retina Plug-in for VMware vCenter for yourself, you can get your license here.

Virtual Insecurity Infographic FINAL

Tags:
, , ,

Leave a Reply

5 Responses to “Virtual Insecurity, and Ways to Combat It”

  1. Mark

    Create secure VM builds via vulnerability and configuration scans. Harden the VM host to prevent the host from being compromised to hack the VMs on the host.

    May 15, 2013 1:32:00, Reply
  2. Brent

    Retina Plug-in for VMware vCenter sounds great. Previously we added virtual switches, virtual firewalls, and HBSS software.

    May 15, 2013 2:01:33, Reply
  3. Taylor

    VMware products use a default username of root for administrator authentication. A good practice is when you set the root password to make it very long and complex. Then lock the password away in storage and never use it again. You would then create a new user with root privileges and use that user for your maintenance access. Also, you never want to delete the root user account.

    May 15, 2013 2:35:15, Reply
  4. Greg

    - Getting better vm density (ROI) using a vm host-based security client that does endpoint security for all the vm guests.
    – Getting better visibility into intra-VM communication with network vm gateway devices.
    – Requiring two factor auth for vm admins.
    – Logging the vm management layer to detect suspicious behavior.
    – Getting a handle on vulnerabilities across the vm environment with the Retina plug in or Nexpose’s vm integration.

    But probably the most important thing is learning about the vm environment and then maintaining close connections with the infrastructure teams.

    May 15, 2013 4:33:47, Reply
  5. Ruggero Cozzi

    It is possible to get more information about the Retina plug-in system, and other of your products, in spanish?

    May 31, 2013 11:13:22, Reply

Additional articles

ovum-research

New Analyst SWOT Assessment Identifies Key Strengths of PowerBroker

Posted November 24, 2014    Scott Lang

Following on the heels of the Gartner PAM market guide and Frost & Sullivan review of Password Safe comes a new analyst review of our BeyondInsight and PowerBroker platforms, a SWOT assessment of BeyondTrust written by Ovum. Ovum’s honest and thorough review of BeyondTrust indicates that we are delivering, “…an integrated, one-stop approach to PAM….

Tags:
, , ,

Patented Windows privilege management brings you unmatched benefits

Posted November 24, 2014    Scott Lang

We are pleased to announce that BeyondTrust has been granted a new U.S. Patent (No. 8,850,549) for privilege management, validating our approach to helping our customers achieve least privilege in Windows environments. The methods and systems that we employ for controlling access to resources and privileges per process are unique to BeyondTrust PowerBroker for Windows….

Tags:
6

A Quick Look at MS14-068

Posted November 20, 2014    BeyondTrust Research Team

Microsoft recently released an out of band patch for Kerberos.  Taking a look at the Microsoft security bulletin, it seems like there is some kind of issue with Kerberos signatures related to tickets. Further information is available in the Microsoft SRD Blogpost So it looks like there is an issue with PAC signatures.  But what…

Tags:
, , , ,