Tips, tutorials, and best practices for protecting Linux clouds and data centers.
Jake has fronted this edition of the show with an exclusive offer to Risky Business listeners, which is free use of their software. Obviously you won’t get access to absolutely all its features, but certainly enough of them to be very, very useful. They’re getting to the point where they can do this – throw out most of the functionality and just sell the icing on the cake to companies who want it.
This week’s sponsor interview is with Jake King of CMD Security. The topic is applying the MITRE ATT&CK framework, and it can be heard starting at minute 42 of the podcast episode.
This is the story of NotPetya, which seems to be the first time we’ve seen what a cyber war looks like. In the summer of 2017 Ukraine suffered a serious and catastrophic cyber attack on the whole country. Hear how it went down, what got hit, and who was responsible.
Credit card skimming is growing in popularity. Gas pumps all over are having skimmers attached to them. It’s growing in popularity because it’s really effective. Hackers have noticed how effective it is and have begun skimming credit cards from websites.
There are many reasons for Linux Admins and DevOps to escalate privileges in Linux. Whether for updating configuration files, deploying updates, or addressing a real-time security threat—sudo is just a fact of Linux life. Unfortunately, root access has always been a security hole you can drive a truck through, as Linux provides no way to restrict what a root user or superuser can do for the purpose of enforcing security policy.
Legacy solutions for auditing activity and enforcing compliance on Linux are not suitable for modern cloud platforms. Cloud operators are forced to use a hodge-podge of home-built scripts and outdated utilities that fail to meet the security and flexibility needs demanded by fast-paced, high-scale cloud environments.
The volume and sophistication of attacks on Linux servers continues to rise as more and more critical information is stored in cloud applications running on Linux. Attackers quickly gain shell access, use native Linux tools to conduct reconnaissance, and move laterally from machine to machine. Most security solutions fail to provide visibility and detection for these Linux-specific techniques. Security teams need detailed Linux telemetry to investigate and neutralize these threats effectively.
Cmd provides Linux security solutions for public and private cloud platforms and data centers. Cmd’s products help businesses simplify and accelerate the process of gathering data for their SOC 2 audit, with information that’s both higher quality and more meaningful. This document details how Cmd’s core features map to the latest specific SOC 2 Trust Services Criteria (2017 TSC).
In an ideal world, DevOps and security work hand-in-hand to deliver secure code quickly. This would make sense, right? Well, unfortunately, we all know that reality can be different. Too often, security slows down DevOps and interrupts how developers carry out their day-to-day work. Fortunately, there are ways to keep DevOps running smoothly with meaningful security controls in place.
Have you noticed that the “single-track defense” method of protecting your environments is beginning to look much too simple? So have many other organizations around the globe. They are starting to add Linux-based platforms to their networks because of their ease of use on-premises and in the cloud.
Without appropriate security controls, privileged accounts can accidentally delete whole directories, export PII and other sensitive data in violation of compliance requirements, or make changes that bring entire production stacks down. However, security policies can have a debilitating impact on DevOps in Linux cloud environments. When deployment or operational issues happen, DevOps needs to address them quickly — but they can’t if root access is limited or developers are forbidden from production.
A typical auditd solution can be complicated and limited in its capabilities. With Cmd, all user activity is stored in our intuitive, searchable engine that lets you view individual sessions as if you were looking over the user’s shoulder, complete with full system context for each command. With easy-to-read output, you can find what you’re looking for fast and capture everything you need right out of the box.
Privileged Access Management (PAM) is a core capability in any mission-critical environment. Without it, anyone with a password can get free rein across your servers, leading to downtime, operational issues, and breaches. Legacy PAM solutions are becoming less effective and DevOps can’t be slowed down by these out-of-date legacy PAM systems.
Although Linux has historically been less prone to attacks, increased enterprise use on-premises and in the cloud means it has become as common a target as Windows environments. This whitepaper looks at the deficiencies of Linux from a security perspective and how to lock Linux down more effectively.
Does it feel like security news feeds are talking about Linux attacks a lot more lately? The fact is, Linux is quickly becoming a more attractive target for attackers. There were quite a few notable Linux attacks in 2019 – and they seem to be increasing in frequency, sophistication and severity.
Join Cmd CEO Jake King as he discusses 7 DevOps-friendly techniques that will help you seamlessly incorporate security so you can ramp quickly and still deliver code on time.
Although Linux has historically been less prone to attacks, its increased use on-premises and in the cloud means it has become as common a target as Windows environments. In this webinar featuring SANS analyst Matt Bromiley, we will discuss the deficiencies of Linux from a security perspective and how to lock it down more effectively.
Managing privileged access inside cloud environments is completely different from the corporate environment. We love Linux because it’s so fast to build and deploy web apps, but the minute you want to put any kind of centralized security or control over that environment, you risk running DevOps into the ground.
The fact is, DevOps needs elevated access like root and sudo to deploy code and fix issues as quickly as possible. However, we also need a centralized way to manage that access so security policies are enforced on sprawling cloud hosts/containers.
Managing identities and access inside cloud environments is completely different from the corporate environment. We love Linux because it’s so fast to build and deploy web apps, but the minute you want to put any kind of centralized security or control over that environment, you risk running DevOps into the ground.
The fact is, we need DevOps to run fast and lean, but we also need a centralized way to manage access, secure cloud-based systems, and enforce security policies on cloud hosts, virtualized servers, and containers. In this session we’ll talk about moving from heavy-handed access control to lightweight, agile access guardrails that are built specifically for DevOps.