BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Virtual Insecurity, and Ways to Combat It

Posted May 8, 2013    Mike Puterbaugh

Stating the obvious, our customers continue to make investments in virtualization. To support them, BeyondTrust has always been on the leading edge of providing tools and solutions in that regard. Whether it for managing privileges on virtual hosts, or scanning private cloud assets for flaws, BeyondTrust has always been at the forefront of security and compliance technology, helping our customers confidently deploy their virtualization investments. Given the rapid rate of technology evolution in the virtualization arena, we thought it’d be a good idea to survey our community to see what else we could provide them by way of helping them secure their virtual environments.

Earlier this year, we designed a survey that set out to find out what technologies our customers relied upon for their virtual deployments, as well as how they managed, secured and reported on those assets.  A quick infographic on the survey results appears below this blog post.

What Did We Learn?
For one thing, we learned that virtualization admins aren’t totally outside of the security lifecycle, in fact, many of them participate willingly:

  • 58% said they use security tools regularly (but most of that is antivirus!)
  • 49% say they patch regularly
  • 30% says they scan assets weekly, at least

This told us there is an interest, if not willingness, to participate in reducing the risk of the overall organization.  The fact that well over half of respondents said “yes, we use security tools regularly” is very encouraging, but…the most often security technology cited was antivirus.  Clearly, antivirus as a security technology is not going away any time soon, but in light of the recent successful, high profile attacks, it’s been proven over and over again that AV is no longer a match for the sophisticated methods of attack being employed today.  More encouraging is the almost 50% of combined responses that indicate security scanning and configuration management is in use. The full survey is available for download here.

Retina Plug-in for VMware vCenter
The early returns from this survey served to validate our thinking when it came to our newest release, which we announced today – the Retina Plug-in for VMware vCenter.  With this new capability driven by the proven Retina Network Security Scanner, we’ve made it incredibly simple for VMware admins to help their organizations reduce the security risks that might be associated with their virtual environments.

By adding a security plug-in directly into the vCenter management interface, VMware admins don’t have to leave their current workflow and processes to quickly determine the security posture of their virtual images they’re managing. This was a big value-add noted by the early beta-testers of the tool. This newest release adds to our long list of specific capabilities, which include online and offline scanning of virtual guests, as well as the industry’s only solution for scanning virtualized applications delivered via VMware’s ThinApp technology.

One of our goals at BeyondTrust is to always ensure we’re developing highly useful security and compliance solutions, those that are easy to deploy and use on a daily basis. We’re confident this newest release fits that bill.

If you’d like to try the Retina Plug-in for VMware vCenter for yourself, you can get your license here.

Virtual Insecurity Infographic FINAL

Tags:
, , ,

Leave a Reply

5 Responses to “Virtual Insecurity, and Ways to Combat It”

  1. Mark

    Create secure VM builds via vulnerability and configuration scans. Harden the VM host to prevent the host from being compromised to hack the VMs on the host.

    May 15, 2013 1:32:00, Reply
  2. Brent

    Retina Plug-in for VMware vCenter sounds great. Previously we added virtual switches, virtual firewalls, and HBSS software.

    May 15, 2013 2:01:33, Reply
  3. Taylor

    VMware products use a default username of root for administrator authentication. A good practice is when you set the root password to make it very long and complex. Then lock the password away in storage and never use it again. You would then create a new user with root privileges and use that user for your maintenance access. Also, you never want to delete the root user account.

    May 15, 2013 2:35:15, Reply
  4. Greg

    - Getting better vm density (ROI) using a vm host-based security client that does endpoint security for all the vm guests.
    – Getting better visibility into intra-VM communication with network vm gateway devices.
    – Requiring two factor auth for vm admins.
    – Logging the vm management layer to detect suspicious behavior.
    – Getting a handle on vulnerabilities across the vm environment with the Retina plug in or Nexpose’s vm integration.

    But probably the most important thing is learning about the vm environment and then maintaining close connections with the infrastructure teams.

    May 15, 2013 4:33:47, Reply
  5. Ruggero Cozzi

    It is possible to get more information about the Retina plug-in system, and other of your products, in spanish?

    May 31, 2013 11:13:22, Reply

Additional articles

webinar_chalk

Webinar March 4th: Recreating the Carbanak Breach & Techniques for Mitigating Similar Attacks

Posted March 3, 2015    Lindsay Marsh

Join BeyondTrust Research and Development team for an in-depth live webinar that will explore the attack vectors used in the Carbanak Bank Breach and share successful mitigation techniques needed to prevent this type of attack.

Tags:
, ,
VMware Hardening Guidelines-img3

How to Audit VMware ESX and ESXi Servers Against the VMware Hardening Guidelines with Retina CS

Posted February 27, 2015    BeyondTrust Research Team

Retina CS Enterprise Vulnerability Management has included advanced VMware auditing capabilities for some time, including virtual machine discovery and scanning through a cloud connection, plus the ability to scan ESX and ESXi hosts using SSH. However, in response to recent security concerns associated with SSH, VMware has disabled SSH by default in its more recent…

Tags:
, , , ,
dave-shackleford-headshot

Privileged Passwords: The Bane of Security Professionals Everywhere

Posted February 19, 2015    Dave Shackleford

Passwords have been with us since ancient times. Known as “watchwords”, ancient Roman military guards would pass a wooden tablet with a daily secret word engraved from one shift to the next, with each guard position marking the tablet to indicate it had been received. The military has been using passwords, counter-passwords, and even sound…

Tags:
, , ,