Resources_

Tips, tutorials, and best practices for protecting Linux clouds and data centers.

Podcasts_

Risky Biz Soap Box: Cmd’s Jake King talks Linux security

Jake has fronted this edition of the show with an exclusive offer to Risky Business listeners, which is free use of their software. Obviously you won’t get access to absolutely all its features, but certainly enough of them to be very, very useful. They’re getting to the point where they can do this – throw out most of the functionality and just sell the icing on the cake to companies who want it.

Jake King discusses MITRE ATT&CK on Risky Biz #560

This week’s sponsor interview with Jake King of CMD Security. The topic is applying the MITRE ATT&CK framework and can be heard starting at minute 42 of the podcast episode

Cmd Sponsors Darknet Diaries 54: NotPetya

This is the story of NotPetya. Which seems to be the first time we’ve seen what a cyber war looks like. In the summer of 2017 Ukraine suffered a serious and catastrophic cyber attack on their whole country. Hear how it went down, what got hit, and who was responsible.

Cmd Sponsors Darknet Diaries 52: Magecart

Credit card skimming is growing in popularity. Gas pumps all over are seeing skimmers attached to them. It’s growing in popularity because it’s really effective. Hackers have noticed how effective it is and have began skimming credit cards from websites.

Videos_

Solution sheets_

Cmd for Securing Root Users & Privileged Accounts

There are many reasons for Linux Admins and DevOps to escalate privileges in Linux. Whether for updating configuration files, deploying updates, or addressing a real-time security threat—sudo is just a fact of Linux life. Unfortunately, root access has always been a security hole you can drive a truck through, as Linux provides no way to restrict what a root user or superuser can do for the purpose of enforcing security policy.

Cmd for Cloud Compliance & Auditing

Legacy solutions for auditing activity and enforcing compliance on Linux are not suitable for modern cloud platforms. Cloud operators are forced to use a hodge-podge of home-built scripts and outdated utilities that fail to meet the security and flexibility needs demanded by fast-paced, high-scale cloud environments.

Cmd for High-Fidelity Threat Detection & Incident Response on Linux

The volume and sophistication of attacks on Linux servers continues to rise as more and more critical information is stored in cloud applications running on Linux. Attackers quickly gain shell access, use native Linux tools to conduct reconnaissance, and move laterally from machine to machine. Most security solutions fail to provide visibility and detection for these Linux-specific techniques. Security teams need detailed Linux telemetry to investigate and neutralize these threats effectively.

Addressing SOC2 Compliance with Cmd

Cmd provides Linux security solutions for public and private cloud platforms and data centers. Cmd’s products help businesses simplify and accelerate the process of gathering data for their SOC 2 audit, with information that’s both higher quality and more meaningful. This document details how Cmd’s core features map to the latest specific SOC 2 Trust Services Criteria (2017 TSC).

Build security that works for DevOps, not against

In an ideal world, DevOps and security work hand-in-hand to deliver secure code quickly. This would make sense right? Well unfortunately, we all know that reality can be different. Too often, security slows down DevOps and interrupts how developers carry out their day-to-day work. Fortunately there are ways to keep DevOps running smoothy with meaningful security controls in place.

Cmd for Securing High-Velocity DevOps on Linux Clouds

Without appropriate security controls, privileged accounts can accidentally delete whole directories, export PII and sensitive data against compliance, or make changes that bring entire production stacks down. However, security policies can have a debilitating impact on DevOps in Linux cloud environments. When deployment or operational issues happen, DevOps needs to address them quickly — but they can’t if root access is limited or developers are forbidden from production.

Cmd vs. Auditd

Typical auditd solution can be complicated with limited capabilities. With Cmd, all user activity is stored in our intuitive, searchable engine that lets you view individual sessions like you are looking over the user’s shoulder, complete with full system context with each command. With easy to read output – find what you’re looking for fast and capture everything you need right out of the box.

Cmd for Production Linux vs. Legacy PAM

Privileged Access Management (PAM) is a core capability in any mission-critical environment. Without it, anyone with a password can get free rein across your servers, leading to downtime, operational issues, and breaches. Legacy PAM solutions are becoming less effective and DevOps can’t be slowed down by these out-of-date legacy PAM systems.

Whitepapers_

A SANS Whitepaper – Taming the Wild West: Finding Security on Linux

Although Linux has historically been less prone to attacks, increased enterprise use on-premises and in the cloud means it has become as common a target as Windows environments. This whitepaper looks at the deficiencies of Linux from a security perspective and how to lock Linux down more effectively.

Four Reasons Why Linux Attacks Will Grow in 2020

Does it feel like security news feeds are talking about Linux attacks a lot more lately? The fact is, Linux is quickly becoming a more attractive target for attackers. There were quite a few notable Linux attacks in 2019 – and they seem to be increasing in frequency, sophistication and severity.

Recorded webinars_

7 Techniques for Ramping Your DevSecOps Program Quickly

CEO of Cmd, Jake King, as he discusses 7 DevOps-friendly techniques that will help you seamlessly incorporate security so you can ramp quickly and still deliver code on time.

SANS Institute: Taming Linux for Enterprise Security

Linux historically has been less prone to attacks, its increased use on-premises and in the cloud means it has become as common a target as Windows environments. In this webinar featuring SANS analyst, Matt Bromiley, we will discuss deficiencies of Linux from a security perspective and how to lock it down more effectively.

Redefining Privileged Access Management for Agile Cloud Environments

Managing privileged access inside cloud environments is completely different from the corporate environment. We love Linux because it’s so fast to build and deploy web apps, but the minute you want to put any kind of centralized security or control over that environment, you risk running DevOps into the ground.

The fact is, DevOps needs elevated access like root and sudo to deploy code and fix issues as quickly as possible. However, we also need a centralized way to manage that access so security policies are enforced on sprawling cloud hosts/containers.

How to Use Access Guardrails to Protect Your Cloud & Empower DevOps