Ziften announced new developments on its Zenith platform that strengthen vulnerability assessment, threat detection, and incident response in cloud VMs running Linux operating systems. Ziften Zenith is designed to address visibility and security shortcomings for enterprise cloud deployments regardless of the CSP or operating system.
Vulnerability and Risk Management in the Cloud
Ziften today announced paramount enhancements to its Zenith continuous vulnerability assessment and compliance capabilities for Linux operating systems such as Ubuntu, Debian, Redhat, and others. With Ziften Zenith, customers routinely reduce the number of non-compliant assets by as much as 80 percent or more. Security starts with proper vulnerability and risk management. Unpatched vulnerabilities have been the failure point in too many massive breaches over the last several years.
“Vulnerability and risk management of virtual systems running in the cloud is a critical component of effective systems and security operations programs,” said Mario Vuksan, Chief Executive Officer and Founder of ReversingLabs. “And due to the widespread use of Linux OS’s, systems management and security operations tools must support a wide range of capabilities for Linux based VMs including conducting detailed Linux vulnerability assessments.” On Amazon AWS alone, according to EC2 Statistics, Linux operating systems account for more than 90 percent of all platform deployments.
Threat Detection and Incident Response in the Cloud
Ziften bolsters its threat detection and indicators of compromise (IOC) libraries for Linux operating system environments, and automation for threat response on Linux based systems. “Threat detection and automated response in cloud environments is extremely important due to the critical nature of the data involved,” said Mike Hamilton, Chief Product Officer of Ziften. “Most cloud deployments by their very nature are exposed to the outside world and host or transact critical customer data making them a huge target. But many of the threat detection and response techniques being developed in the industry today are primarily focused on traditional Windows endpoints like laptops and desktops only.”
Additionally, Ziften uniquely enables long-term lookback forensics for threat investigations, even in the most dynamic cloud environments. Threat response requires historical forensic data to quickly scope, quarantine, and resolve the immediate threat; and to identify and resolve the root cause to prevent it from happening again. Unfortunately, forensic evidence in the cloud is quickly lost as virtual machines spin up and are routinely decommissioned. Ziften’s unique ability to save cloud visibility data for 12 or more months allows for thorough forensic investigations, and complete lifecycle remediation of underlying issues.
Visibility and Control Over Multi-Cloud Strategies
Ziften Zenith overcomes cloud monitoring and security shortcomings by providing networking, IT, and security staff visibility and control of all virtual operating systems deployed across any cloud service provider whether it is Amazon AWS, Microsoft Azure, Google Cloud, IBM Bluemix, Rackspace or others. Most companies today cannot maintain the same level of visibility in the cloud that they have in their physical data centers because of lack of the proper tools. Exacerbating the issue is that 85 percent of enterprises have a multi-cloud strategy, up from 82 percent in 2016, according to a January 2017 RightScale “State of the Cloud Survey”.