09:50 AM
Dark Reading
Dark Reading
Products and Releases

Ziften Improves Visibility, Control of Cloud Deployments on VMs Running Linux OS

AUSTIN, TEXAS – September 7, 2017— A majority of IT and security professionals identify security as the #1 barrier to moving more applications to the cloud, according to the “2017 Cloud Adoption Survey” by Evolve IP. Many companies today do not trust cloud hosting as they have difficulty maintaining the same level of visibility and security that they have in their physical data centers due to a lack of the proper tools. Data breaches, permanent data loss, compromised credentials, and Denial of Service (DoS) attacks are some of the top security concerns.

To address this challenge, Ziften, the leading provider of all-the-time visibility and control for client devices, servers, and cloud VMs, today announced new developments on its Zenith platform that strengthen vulnerability assessment, threat detection, and incident response in cloud VMs running Linux operating systems. Ziften Zenith is designed to address visibility and security shortcomings for enterprise cloud deployments regardless of the CSP or operating system.

Vulnerability and Risk Management in the Cloud

Ziften today announced paramount enhancements to its Zenith continuous vulnerability assessment and compliance capabilities for Linux operating systems such as Ubuntu, Debian, Redhat, and others. With Ziften Zenith, customers routinely reduce the number of non-compliant assets by as much as 80 percent or more. Security starts with proper vulnerability and risk management. Unpatched vulnerabilities have been the failure point in too many massive breaches over the last several years.

“Vulnerability and risk management of virtual systems running in the cloud is a critical component of effective systems and security operations programs,” said Mario Vuksan, Chief Executive Officer and Founder of ReversingLabs. “And due to the widespread use of Linux OS’s, systems management and security operations tools must support a wide range of capabilities for Linux based VMs including conducting detailed Linux vulnerability assessments.” On Amazon AWS alone, according to EC2 Statistics, Linux operating systems account for more than 90 percent of all platform deployments.

Threat Detection and Incident Response in the Cloud

Ziften bolsters its threat detection and indicators of compromise (IOC) libraries for Linux operating system environments, and automations for threat response on Linux based systems. “Threat detection and automated response in cloud environments is extremely important due to the critical nature of the data involved,” said Mike Hamilton, Chief Product Officer of Ziften. “Most cloud deployments by their very nature are exposed to the outside world and host or transact critical customer data making them a huge target. But many of the threat detection and response techniques being developed in the industry today are primarily focused on traditional Windows endpoints like laptops and desktops only.”

Additionally, Ziften uniquely enables long-term lookback forensics for threat investigations, even in the most dynamic cloud environments. Threat response requires historical forensic data to quickly scope, quarantine, and resolve the immediate threat; and to identify and resolve the root cause to prevent it from happening again. Unfortunately, forensic evidence in the cloud is quickly lost as virtual machines spin up and are routinely decommissioned. Ziften’s unique ability to save cloud visibility data for 12 or more months allows for thorough forensic investigations, and complete lifecycle remediation of underlying issues.

Visibility and Control Over Multi-Cloud Strategies

Ziften Zenith overcomes cloud monitoring and security shortcomings by providing networking, IT, and security staff visibility and control of all virtual operating systems deployed across any cloud service provider whether it is Amazon AWS, Microsoft Azure, Google Cloud, IBM Bluemix, Rackspace or others. Most companies today cannot maintain the same level of visibility in the cloud that they have in their physical data centers because of lack of the proper tools. Exacerbating the issue is that 85 percent of enterprises have a multi-cloud strategy, up from 82 percent in 2016, according to a January 2017 RightScale “State of the Cloud Survey”.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2018-06-25
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its l...
PUBLISHED: 2018-06-24
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
PUBLISHED: 2018-06-24
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
PUBLISHED: 2018-06-24
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial o...
PUBLISHED: 2018-06-24
GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was ...