By: Jennifer Ellard
Centralizing security controls over decentralized Linux farms is not easy, especially when trying to still allow DevOps the freedom they need to troubleshoot, upgrade and maintain the environment without having to relearn any tools or processes. That is where Cmd can help — putting access guardrails on Linux that ensure control while leaving DevOps with the flexibility they need to do their jobs. And the good news is that recent improvements in Cmd have made Linux security even easier to uphold while simultaneously adding features for advanced security. Here’s what’s new!
The Cmd home page and alerts are where security administrators spend most of their time, so we set out to make important information more visible and actionable. Alerts are now more accessible and easier to discern with alert bars instead of numbers.
Alerts and notices can now also be grouped by IP, user, trigger, city, server or server group. Additionally, we’ve added more information to help you resolve alerts, including the session ID, and made the total number of alerts from that session more prominent. All of this adds up to faster prioritization and cleaner alert management.
Another advancement in alerts is more information about users. Purple icons now represent users who have authenticated their identities with Cmd, allowing us to attribute those sessions to the appropriate users. Stars indicate users who executed a command as root when the alert fired. This additional information helps you to quickly assess user involvement in the issue.
We’ve also added a capability that lets you quickly dismiss related alerts in the same session, so you don’t have to click through and resolve each alert individually.
No one likes deciphering server names. That’s why we now support customizable, human-readable names for all your servers. You can assign your servers names that your team can understand without a reference sheet. And while server names are limited to 128 characters, you can go wild with a-z, A-Z, 0–9, spaces, underscores, colons, periods and dashes.
We’ve also improved the automation process for naming servers. Previously, the server’s config file was only checked during installation, and the name could only be changed in the Cmd interface. This unfortunately led to unnamed servers. Now, each time a server without a name connects to Cmd, we check its config file and set the server name accordingly.
We value data privacy, and we know that protecting your PII and customer data is a key concern. To make sure that sensitive information doesn’t leave your network, we redesigned our data scrubbers (little routines that identify and redact data deemed to be sensitive) to be more efficient, more flexible, and simpler to test and manage.
Here’s what we did:
Security admins love control. So we’ve added two new features to increase control of installed software versions.
As more critical data is stored and accessed via your Linux environment, being able to monitor administrative root access activity has never been more important. We get it and we want to help Cmd users quickly respond. Whether it be a simple mistake or a true threat, you’ve got to react quickly. Luckily, these improvements will help you to be more efficient all while keeping your Linux systems secure.