AI, cyber terrain analytics improve hybrid multicloud security

VentureBeat | May 21, 2021

Typical hybrid cloud IT integration strategies have fundamental design flaws that CIOs and CISOs need to address if they’re going to avert another attack on the scale of SolarWinds.

…any network mapping platform needs to excel at visualization and provide insightful analysis at a graphical level to identify potential security anomalies and actual breach activity. Useful in understanding this is the following example of how RedSeal’s cyber risk modeling software for hybrid cloud environments works.

RedSeal Named Cloud Security Market Leader at 2021 Global Infosec Awards

Cyber Defense Magazine | May 19, 2021

Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine, has named RedSeal the winner in the Cloud Security Market Leader category at its Infosec Awards for 2021.

The publication made their selections from over 3,200 companies who create and offer the most respected InfoSec products and services.

11 Tech Experts Share Smart Steps For Protecting Your Personal Information Online

Forbes | May 18, 2021

10. Be especially careful with your money accounts.

Take extra trouble over your money accounts. Treat them as different from all your others. Don’t reuse passwords for financial accounts—ever. Ask anyone who has your money about “two-factor authentication,” and if they don’t offer it, move your account. If possible, push for two-factor that doesn’t depend on text messages (SMS)—it’s too easy to hack. – Mike Lloyd, RedSeal CTO

Cloud Security Posture Management and RedSeal

Pilots know that to fly safely means keeping track of the weather. They track storm fronts because that is where the turbulence is. Pilots lose their wings if they fly blindly into the air.

Gaps in your security posture are where the cyber storm fronts are. The cyber storm is both on-prem and in the cloud. To do your job correctly, you need to get an accurate forecast today of the cyber weather.

The rush to move assets into the cloud has created all sorts of new stormy weather to contend with.

Pilots and Weather

A nationally recognized financial institution, a large well-resourced company, did not check the security gaps and was caught off guard when Paige Thompson, former AWS software engineer, exploited a misconfigured web application firewall to access one of their servers. That server contained 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers, and an undisclosed number of customers’ personal information. Thompson then attempted to share access to the information with others online, per CNN.

Had the organization’s cyber team acted like safety-conscious pilots and checked the weather first, they would have noticed the misconfigurations before someone on the outside did.

So, what is the cyber equivalent of checking the weather?

Cloud Security Posture Management

Cloud security posture management (CSPM) automates the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS).

Without CSPM, developers can create any number of instances in the cloud, and deploy them, with little oversight.

According to Threatpost, the team at Imperva created an internal compute instance that was misconfigured and publicly accessible. Worse, it had an AWS API key that enabled attackers to access a database snapshot and exfiltrate customer information.

It was reported that security researchers found a MongoDB database, run by a vendor, that was left unprotected on a cloud server and contained 2.8 million CenturyLink data records belonging to several hundred thousand of the tech company’s customers.

Why? Most companies have a lack of central control and value speed over security.

If large companies like these are messing up the necessary security configurations in their cloud services, then medium and small sized firms are unquestionably doing the same thing, given their lack of resources.

How is the RedSeal Approach to CSPM Different?

The thing is, most enterprise networks are hybrid, spanning both public and private cloud environments along with physical network infrastructure. While you may have security tools for each environment, you probably cannot see how your whole network is woven together.

RedSeal’s cloud security solution is the only product that brings complex hybrid multi-cloud networks into one unified model. You’ll be able to understand all your network environments in one dynamic visualization, where your high-value assets are, and all the ways they are vulnerable to attack.

RedSeal shows you all possible network access — across, within and between public cloud, private cloud and physical network environments — whether the access is intended or not.

RedSeal allows SMBs to compete and defend themselves and overcome their lack of experience. The responsibility for security is different on different platforms, and smaller companies automatically assume that it has been taken care of, when it’s not. Moreover, different providers use different terminology for the same services.

You are only milliseconds away from the bad guy.

Pilots are grounded when they fly willy-nilly into a dangerous storm, if they are lucky enough to still be alive. Gaps in your security posture are the cyber storms you have to contend with and plan for. These storms are both on-prem and in the cloud. Today’s accurate forecast of the cyber weather comes from RedSeal.

Happy flying!

For more information, visit our page Understand Your Hybrid Multi-Cloud Network.

RedSeal Receives 2021 MedTech Breakthrough Award for “Best Overall Healthcare Cybersecurity Solution”

MedTech Breakthrough Awards | May 6, 2021

RedSeal has been named the winner of the 2021 MedTech Breakthrough Award for “Best Overall Healthcare Cybersecurity Solution.” The awards celebrate the most outstanding digital health and medical technology products, services and companies around the world. This year’s award winners were selected from more than 3,850 nominations from across the globe.

After pipeline attack, former DHS cyber leader says ‘stop with the half measures’; security pros urge action in infrastructure bill

Inside Cybersecurity | May 11, 2021

“The President’s new infrastructure plan must incorporate cybersecurity or the new ports, electrical grids and rail systems it proposes will become a bonanza for hackers looking to exploit supply chains along with critical infrastructure,” said Wayne Lloyd, CTO of Federal at RedSeal.

“We live in a digitized world, and the facilities that would be constructed will add to the complexity of the critical infrastructure networks and further expose unintended access points,” Lloyd said. “These networks are increasingly exceeding the ability of humans to fully account for, making it essential that the White House secures the infrastructure by mandating compliance with existing NIST frameworks for the IT & OT systems and funding for technologies that can help automate and monitor the state of compliance for things such as network segmentation, or we’re going to experience another breach on the scale of SolarWinds.”

Why don’t we live in walled cities anymore?

IT Pro Portal | April 27, 2021

Let’s analyze security and defense over the ages through a Covid lens.

From ancient Jericho through to medieval Constantinople, people built walls around cities as a main method of defense for around 10,000 years.  But we don’t live in walled cities any more – why not?  That’s a really big change, and it deserves an explanation.

Our companies aren’t walled cities, but they certainly had a strong tradition of being centralized and walled off.  A year ago, we suddenly found that we couldn’t do that any longer. I’ve spoken to many managers who were frankly surprised at how well it has worked to abruptly change the paradigm, and let people work out in the community, away from the supervisor’s beady eye, and outside the protective walls of the building or the network.

RedSeal Named Govies Winner for Network Security in 2021

Security Today | April 19, 2021

RedSeal has been named a Platinum winner of Security Today’s Govies Government Security Award in the “Network Security” category. Security Today magazine is the only integrated product and technology magazine reaching the entire security market and the awards honor outstanding government security products in a variety of categories.

What You Need to Know About CMMC Certification

MSSP Alert | April 15, 2021

As the Cybersecurity Maturity Model Certification (CMMC) nears full implementation, affected organizations are scurrying to ensure they’ll pass the certification process.

The goal is simple: organizations must meet minimum cybersecurity standards, and in doing so, they do their part to improve national security. The stakes are extraordinarily high for the estimated 300,000 defense industrial base (DIB) organizations which will soon need to be certified to one of the five CMMC levels to be eligible to be awarded a federal contract. Simply stated: no certification, no contract. From the perspective of the U.S. Government and the Department of Defense, the stakes have always been high since the DIB plays such a critical role in the defense of our nation. The only way to ensure the protection of our data and the integrity of the supply chain is to hold industry to a higher standard.

Old Fortinet Flaws are being used to breach federal and commercial networks


RedSeal Cyber Threat Series

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that three Fortinet CVEs (CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks for future exploitation. The FBI and CISA observed attackers scanning for ports 4443, 8443, and 10443.

Enterprises should immediately patch their FortiOS software and follow the recommended configuration guidance.

RedSeal customers should:

  1. Run a custom best practice check to receive a list of vulnerable devices.
  2. Create and run daily reports until all affected systems are patched.

For additional details, contact your RedSeal sales representatives or email info@redseal.net.
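A defender-side check for the scanning pattern the advisory describes, as an added example that is not RedSeal's or the FBI/CISA's code: it flags sources that touch ports 4443, 8443, or 10443 on several distinct targets. The log format, the sample lines, the function name `find_port_sweeps`, and the `min_targets` threshold are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Ports the FBI/CISA advisory reports attackers scanning for.
ADVISORY_PORTS = {4443, 8443, 10443}

# Assumed log format: key=value pairs, one connection per line.
LINE_RE = re.compile(r"src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+dport=(?P<dport>\d+)")

# Constructed sample data using documentation address ranges.
SAMPLE_LOG = """\
2021-04-03T10:00:01Z src=203.0.113.7 dst=198.51.100.10 dport=4443 action=deny
2021-04-03T10:00:02Z src=203.0.113.7 dst=198.51.100.11 dport=8443 action=deny
2021-04-03T10:00:03Z src=203.0.113.7 dst=198.51.100.12 dport=10443 action=accept
2021-04-03T10:05:00Z src=192.0.2.44 dst=198.51.100.10 dport=8443 action=accept
2021-04-03T10:05:09Z src=192.0.2.44 dst=198.51.100.10 dport=8443 action=accept
2021-04-03T10:06:00Z src=192.0.2.90 dst=198.51.100.10 dport=443 action=accept
malformed line without fields
"""

def find_port_sweeps(log_text, min_targets=2):
    """Return {src: {"ports": [...], "targets": [...]}} for sources that hit
    advisory ports on at least min_targets distinct (dst, port) pairs."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that do not match the assumed format
        port = int(m["dport"])
        if port in ADVISORY_PORTS:
            seen[m["src"]].add((m["dst"], port))
    report = {}
    for src, pairs in seen.items():
        # Repeated hits on one (dst, port) pair count once, so a regular
        # client of a single service is not reported as a sweep.
        if len(pairs) >= min_targets:
            report[src] = {
                "ports": sorted({p for _, p in pairs}),
                "targets": sorted({d for d, _ in pairs}),
            }
    return report

if __name__ == "__main__":
    for src, info in find_port_sweeps(SAMPLE_LOG).items():
        print(src, info["ports"], info["targets"])
```

Any source it reports that reached a FortiOS management or SSL VPN interface is a reason to check that device's patch level first.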

References:

https://www.ic3.gov/Media/News/2021/210402.pdf

https://www.fortiguard.com/psirt/FG-IR-19-283

https://www.fortiguard.com/psirt/FG-IR-18-384

https://www.fortiguard.com/psirt/FG-IR-19-037

https://kb.fortinet.com/kb/documentLink.do?externalID=FD49410