In our previous piece, 10 Essential Steps for Configuring a New Server, we walked through some of the best practices to follow when setting up a new Linux server. But how can you tell if your server is set up correctly? More importantly, how can you ensure those initial configurations don’t drift over time? With UpGuard, you can do both at any scale, so we’ve created a policy within our cyber resilience platform to match our 10 essential steps as an example of how we can help organizations control their IT environments.
15-second visibility versus three decades of infosec experience: which will ultimately prevail? Tanium claims it can provide security teams with visibility and control over every endpoint in 15 seconds or less, regardless of network size; Intel Security is of course the venerable McAfee, rebranded/repositioned after being acquired by its current namesake in 2011. Find out how these two compare when it comes to protecting today's enterprises against cyber threats.
Linux admins have relied on the command line to manage their systems since the beginning. While not as immediately intuitive as a GUI, command line interfaces (CLIs) open up the real power of computing with a slew of versatile commands that can be chained together for nearly any purpose. GUIs, on the other hand, are limited to the nearly always reduced functionality developers built into the buttons and screens. This model makes sense, since only some people will need the “advanced” capabilities of the command line, while others perform only a few tasks over and over with a minimum of knowledge about the software. Regular command line users develop a sense of how to best use the commands over time, but with this UpGuard primer, even dabblers can take advantage of some quick tricks using these five basic Linux commands.
Effective cybersecurity these days is a complex and multifaceted affair involving a myriad of approaches: intrusion detection/prevention, vulnerability detection, malware mitigation, security configuration management (SCM), security information and event management (SIEM), patch management, file integrity monitoring (FIM), and more. For most organizations, however, the path of least resistance means deploying a consolidated platform combining a multitude of these approaches. Tenable SecurityCenter Continuous View (CV) and Symantec Endpoint Protection are two such offerings.
Cyber security compliance standards exist to protect devices, data and people connected to the internet from the myriad threats facing them every day. For example, regulations like the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) standards ensure businesses operating in the power industry follow certain guidelines with regard to cybersecurity in order to keep the service they provide reliable. Typically, devices that fall within the scope of these regulations include computers, network devices, and other network-connected devices, such as industry-specific tools, card scanners, etc. But what happens when everything is connected to the network?
Continuous monitoring is critical for ensuring that IT assets and controls meet business requirements and expectations—constantly assessing and validating them for quality, integrity, and security. This involves not only identifying infrastructure bugs and issues, but also issues with applications and their components. Deteriorating software performance and downtime can be just as devastating to the business as a data breach or security compromise, and are quite often a red flag for cyber attacks in progress. Two leading solutions, Datadog and SignalFx, can help you spot and decipher the smoke signals before your business goes up in flames.
When it comes to compliance, passing audits means providing adequate documentation that you've taken the necessary steps to secure your environment. Sometimes creating this documentation can be just as difficult as enacting the security measures themselves, so software solutions exist that are supposed to streamline the compliance documentation process and make it easy for both companies and auditors to determine compliance. Tripwire offers a compliance solution with their suite of products, while Industrial Defender, now owned by defense contractor Lockheed Martin, offers their Automated Systems Manager (ASM) product.
Despite espousing a common, layered approach to security these days, most enterprise security suites have taken markedly divergent paths to essentially arrive at the same location. For example, some solutions started out as intrusion detection and protection systems (IDPS) and gradually added on vulnerability detection and security information and event management (SIEM). Others began as penetration testing (pentesting) tools—or have built their offerings around pen testing—and similarly expanded their solutions to include other security mechanisms like endpoint protection and anomaly detection. Core Security and Rapid7 are two such enterprise security suites; let's see how they stack up in this comparison.
Most of us take SaaS availability and uptime for granted: we assume that our favorite cloud-based tools will always be available when we need them. For cloud service providers, however, meeting these expectations is a monumental effort, usually involving elaborate CI/CD toolchains and sophisticated frameworks for failover and continuity. Application performance monitoring (APM) solutions form part of these frameworks—in this comparison, we'll take a look at two such popular offerings, AppDynamics and Dynatrace.
Continuous security and vulnerability detection—both Tenable and Qualys have built industry-leading suites around these two cybersecurity disciplines. The latter in particular serves as a focal point for both vendors, with Tenable SecurityCenter and Qualys Enterprise going head-to-head for the top slot in the vulnerability management category. Let's see how the two stack up in this comparison.