09:50 AM
Dark Reading
Dark Reading
Products and Releases

Ziften Improves Visibility, Control of Cloud Deployments on VMs Running Linux OS

AUSTIN, TEXAS – September 7, 2017— A majority of IT and security professionals identify security as the #1 barrier to moving more applications to the cloud, according to the “2017 Cloud Adoption Survey” by Evolve IP. Many companies today do not trust cloud hosting as they have difficulty maintaining the same level of visibility and security that they have in their physical data centers due to a lack of the proper tools. Data breaches, permanent data loss, compromised credentials, and Denial of Service (DoS) attacks are some of the top security concerns.

To address this challenge, Ziften, the leading provider of all-the-time visibility and control for client devices, servers, and cloud VMs, today announced new developments on its Zenith platform that strengthen vulnerability assessment, threat detection, and incident response in cloud VMs running Linux operating systems. Ziften Zenith is designed to address visibility and security shortcomings for enterprise cloud deployments regardless of the CSP or operating system.

Vulnerability and Risk Management in the Cloud

Ziften today announced paramount enhancements to its Zenith continuous vulnerability assessment and compliance capabilities for Linux operating systems such as Ubuntu, Debian, Redhat, and others. With Ziften Zenith, customers routinely reduce the number of non-compliant assets by as much as 80 percent or more. Security starts with proper vulnerability and risk management. Unpatched vulnerabilities have been the failure point in too many massive breaches over the last several years.

“Vulnerability and risk management of virtual systems running in the cloud is a critical component of effective systems and security operations programs,” said Mario Vuksan, Chief Executive Officer and Founder of ReversingLabs. “And due to the widespread use of Linux OS’s, systems management and security operations tools must support a wide range of capabilities for Linux based VMs including conducting detailed Linux vulnerability assessments.” On Amazon AWS alone, according to EC2 Statistics, Linux operating systems account for more than 90 percent of all platform deployments.

Threat Detection and Incident Response in the Cloud

Ziften bolsters its threat detection and indicators of compromise (IOC) libraries for Linux operating system environments, and automations for threat response on Linux based systems. “Threat detection and automated response in cloud environments is extremely important due to the critical nature of the data involved,” said Mike Hamilton, Chief Product Officer of Ziften. “Most cloud deployments by their very nature are exposed to the outside world and host or transact critical customer data making them a huge target. But many of the threat detection and response techniques being developed in the industry today are primarily focused on traditional Windows endpoints like laptops and desktops only.”

Additionally, Ziften uniquely enables long-term lookback forensics for threat investigations, even in the most dynamic cloud environments. Threat response requires historical forensic data to quickly scope, quarantine, and resolve the immediate threat; and to identify and resolve the root cause to prevent it from happening again. Unfortunately, forensic evidence in the cloud is quickly lost as virtual machines spin up and are routinely decommissioned. Ziften’s unique ability to save cloud visibility data for 12 or more months allows for thorough forensic investigations, and complete lifecycle remediation of underlying issues.

Visibility and Control Over Multi-Cloud Strategies

Ziften Zenith overcomes cloud monitoring and security shortcomings by providing networking, IT, and security staff visibility and control of all virtual operating systems deployed across any cloud service provider whether it is Amazon AWS, Microsoft Azure, Google Cloud, IBM Bluemix, Rackspace or others. Most companies today cannot maintain the same level of visibility in the cloud that they have in their physical data centers because of lack of the proper tools. Exacerbating the issue is that 85 percent of enterprises have a multi-cloud strategy, up from 82 percent in 2016, according to a January 2017 RightScale “State of the Cloud Survey”.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.