RedSeal Response to Log4j Vulnerability

Dear Customer,

The purpose of this message is to outline the steps you can take using your RedSeal system to:

  1. Get the list of hosts and devices that have the Log4j vulnerability
    • This list can be exported into a ticketing system or provided as a spreadsheet to your mitigation teams
  2. Gain visibility into the access from and to Untrusted Sources to the vulnerable hosts and devices
  3. Use the actionable insights to put in place compensating controls to mitigate the risk

RedSeal is aware of the recent vulnerabilities related to Log4j, and RedSeal Classic software is not vulnerable. Please contact our RedSeal support at support@redseal.net if you have more questions.

This note applies to customers using RedSeal and importing vulnerability data into RedSeal from scanners and the customer.

Prerequisites:

  1. Updated the scan vendor’s product so that the Scan Library includes the Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, and CVE-2021-4104
  2. Completed either a partial scan, or ideally a “Full Scan” of the network
  3. Downloaded the latest RedSeal TRL that includes the above-mentioned vulnerabilities
    • This was published on the RedSeal Support site on 12-17-2021 at 2pm Pacific Standard Time
  4. Perform a Data Collection task on your Scanner
  5. Run RedSeal analysis

These Steps show the processes to identify vulnerable hosts and devices, and then show Untrusted Source access to hosts and devices, and also the access from the hosts and devices to an untrusted destination. This is important in being able to prioritize your mitigation efforts.

The Methodology is called Discover Investigate and Act. In the case of Log4j: Discover infected devices and host, Investigate access paths to and from untrusted areas, and then provide data to immediately Act upon.

 

Update from December 15, 2021:

This note is the second update related to the Log4j vulnerability and impact on the RedSeal Classic product.

RedSeal is aware of the two additional vulnerabilities (CVE-2021-45046 and CVE-2021-4104) impacting the Apache Log4j utility reported on December 14, 2021. We have analyzed both disclosures, but neither changes the conclusions as per our message on December 13, 2021. All versions of RedSeal Classic are not vulnerable to the three reported CVEs.

As a proactive measure, RedSeal will be upgrading the Log4j beginning RedSeal 9.5.3 and forward and send additional communication via email and post updates on the RedSeal support portal.

If you have further questions, please contact RedSeal support at support@redseal.net.

 

Original Message December 13, 2021:

RedSeal is aware of the recent vulnerability (CVE-2021-44228) impacting the Apache Log4j2 utility reported on December 10, 2021. Log4j2 is a popular open-source, Java-based logging framework commonly incorporated into Apache web servers and many other java applications.

In all versions of RedSeal, the JDK environment ships with a default setting that prevents exploitation of the above-reported vulnerability. External research by CrowdStrike and others indicate that certain JDK’s include a setting that prevents exploitation, and RedSeal Classic is built on one of the improved JDK versions.

RedSeal engineering is continuing further testing and evaluation and will be communicating if there are any further steps customers should take on RedSeal support portal.

If you have further questions, please contact RedSeal support at support@redseal.net.

RedSeal Opens Stratus Early Adopter Program to Security Teams Struggling with Cloud Security

Stratus — a SaaS-based Cloud Security Posture Management (CSPM) solution — addresses dangers of exposure and unintended access issues; Free webinar and demo on December 8

SAN JOSE, Calif., Dec. 01, 2021 (GLOBE NEWSWIRE) — RedSeal today introduced its Stratus Early Adopter Program, which provides select customers and prospects the opportunity to evaluate the company’s new SaaS-based Cloud Security Posture Management (CSPM) solution. The new Stratus SaaS offering is focused on providing visibility to cloud and Kubernetes inventory and determining exposed resources in cloud and hybrid cloud environments.

Implementing security controls for cloud environments now extends beyond the responsibility of traditional network security teams, and today includes application developers and DevOps teams. These controls must also consider workload containerization such as Kubernetes, and native offerings from Cloud Security Providers such as Amazon Web Services. As a result, there is exponential growth and pervasiveness of misconfigurations, which put high value resources at risk of unintended exposure to the Internet.

Current members of the Stratus Early Adopter Program represent enterprises ranging from banking and financial services firms, to federal government agencies and high-tech companies. These users have reported benefiting from Stratus’ ability to easily see both exposure and conductivity in and across all accounts in a single view.

Security challenges in the cloud have become so prevalent that Gartner has defined CSPM as a new category of security products designed to identify misconfiguration issues and risks in the cloud. As a CSPM, RedSeal Stratus helps security teams better manage this increased risk by:

  • Immediately identifying which resources are unintentionally exposed to the Internet due to misconfigurations
  • Visualizing their complete AWS cloud architecture to truly understand connectivity between and within cloud resources
  • Understanding their Amazon Elastic Kubernetes Service (EKS) inventory and identifying overly permissive user and service accounts

“Everyone knows that visibility is critical for CSPM to meet its full potential, but very few vendors are delivering on this promise,” said Bryan Barney, RedSeal CEO. “What makes visibility so powerful is the true calculation of access and exposure, and not simply the reliance on CSP settings. With RedSeal Stratus, we are now providing the most accurate, reliable and actionable approach to calculating access and exposure in the cloud.”

RedSeal Stratus is currently focused on AWS cloud environments. Recognizing the demand for better security posture management across Microsoft Azure and Kubernetes environments, Stratus will evolve to support these platforms early next year, making Stratus a complete, robust CSPM solution. Participants of the Stratus Early Adopter Program are eligible for a free 6-month subscription to RedSeal Stratus, with up to 3,000 EC2 instances.

Stratus Webinar and Demonstration

RedSeal will be hosting a free webinar for customers and prospects interested in joining the Stratus Early Adopter Program. The online event will take place on Tuesday, December 8th at 11:00am PST and will provide an exclusive overview of RedSeal’s new SaaS-based CSPM solution. The webinar will cover how RedSeal Stratus can help security teams better manage increased cloud security risks with:

  • Complete and up-to-date visualization of cloud infrastructure
  • Detailed knowledge of Amazon EKS accounts and policies
  • Out-of-the-box dashboard that identifies resources that exposed to the Internet

Click here to register for the free event.

About RedSeal

RedSeal — a security solutions and professional services company — helps government agencies and Global 2000 companies see and secure their on-premise networks and cloud environments. RedSeal Stratus, the company’s SaaS CSPM solution, gives an integrated view of cloud security posture through visualization of cloud-native and Kubernetes controls, and shows which resources are unintentionally exposed to the Internet. RedSeal’s Classic product brings in all network environments — public and private clouds as well as on-premises. This award-winning security solution verifies that networks align with security best practices, validates network segmentation policies, and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif. Follow RedSeal on Twitter and LinkedIn.

RedSeal Announces Distribution Agreement with TD SYNNEX, providing RedSeal to Resellers in North America

RedSeal Inc., the award-winning cyber terrain analytics platform announces a strategic agreement with TD SYNNEX

The joint alliance offers MSSPs and security resellers a new and innovative way to identify and address cyber threats while combating the latest and most prevalent security business challenges. 

RedSeal’s platform shows organizations what is on their networks, how everything is connected, and the associated risk across physical—and cloud-based network environments. RedSeal verifies that network devices are securely configured, validates network segmentation policies, and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk.

The agreement marks the continued expansion of the TD SYNNEX security portfolio, which addresses the rapidly evolving threat landscape with leading solutions and the support of veteran network engineers available to consult on every point of the sales cycle.

“We here at RedSeal are extremely excited about working with TD SYNNEX moving forward. They will be a true force multiplier as we expand our portfolio and will allow us to reach additional markets. The potential here is significant, and we appreciate the opportunity to expand our reach together,” said Jay Miller, Vice President Worldwide Sales, RedSeal.

“We are pleased to work with RedSeal to bring a new, cloud-based security solution to our partners,” said Reyna Thompson, Senior Vice President, North America Advanced Solutions Security and Networking, TD SYNNEX. “RedSeal delivers an all-encompassing solution that we are confident will provide value for many of our reseller partners.”

For more information on RedSeal through TD SYNNEX, contact redseal@synnex.com.

About RedSeal

We boldly deliver on our promise to help organizations master cybersecurity fundamentals in a world of rapidly escalating cyber complexity and threats. We do this by providing a cloud security solution by which every global organization can be confident that it understands what’s on the network, how it’s connected and the associated risks. Founded in 2004, RedSeal is headquartered in San Jose, California.

About TD SYNNEX 

TD SYNNEX (NYSE: SNX) is a leading global distributor and solutions aggregator for the IT ecosystem. We’re an innovative partner helping more than 150,000 customers in 100+ countries to maximize the value of technology investments, demonstrate business outcomes and unlock growth opportunities. Headquartered in Clearwater, Florida, and Fremont, California, TD SYNNEX’ 22,000 co-workers are dedicated to uniting compelling IT products, services and solutions from 1,500+ best-in-class technology vendors. Our edge-to-cloud portfolio is anchored in some of the highest-growth technology segments including cloud, cybersecurity, big data/analytics, IoT, mobility and everything as a service. TD SYNNEX is committed to serving customers and communities, and we believe we can have a positive impact on our people and our planet, intentionally acting as a respected corporate citizen. We aspire to be a diverse and inclusive employer of choice for talent across the IT ecosystem. For more information, visit www.TDSYNNEX.com

© 2021 SYNNEX Corporation. TD SYNNEX, the TD SYNNEX Logo, and all other TD SYNNEX company, product and services names and slogans are trademarks of SYNNEX Corporation. Other names and trademarks are the property of their respective owners.

RedSeal Launches New Cloud Security Posture Management Solution to Empower Security Teams

RedSeal Stratus identifies unintended exposure to the Internet, creates a connectivity visualization of your cloud architecture, and helps you understand your Kubernetes Inventory

Building on more than a decade of award-winning cybersecurity analytics we are excited to launch RedSeal Stratus, our new Cloud Security Posture Management (CSPM) solution that stops unintended exposure of cloud resources to the Internet.

Cloud misconfigurations, which can leave resources unintentionally exposed to untrusted networks, are the major source of data breaches. To help security teams better manage the increased risk associated with increasing cloud complexity, RedSeal Stratus provides security teams with an out-of-the-box overview of Internet-exposed resources by tags, connectivity visualization between and within their Amazon Web Service (AWS) cloud resources, and inventory of AWS Elastic Kubernetes Service (EKS) resources.

While native Cloud Security Provider tools provide basic capabilities that may be sufficient for smaller cloud-first organizations, larger organizations who are probably hybrid, multi-cloud, and need advanced features should choose a third-party CSPM solution.

Current CSPM solutions simply call CSP APIs to determine if subnets are Internet-facing. For more accurate results, RedSeal Stratus identifies resources exposed to the Internet by calculating access through security control points from end-to-end.

Only RedSeal Stratus can calculate how an instance gets to the Internet, what security points it goes through, and through which ports and protocols. Other security products may show connectivity where there is traffic, using an agent-based approach, but only RedSeal Stratus can show you all connectivity possible including that without traffic–and without an agent. As a result, RedSeal Stratus is unique among native CSP and CSPM offerings by:

  • Immediately identifying exposure to the Internet, with an out-of-the-box dashboard of all resources exposed to the Internet, pre-calculated and grouped by tags
  • Providing complete and up-to-date visualization of your AWS infrastructure, including all accounts, VPCs, gateways and instances
  • Showing details of your Amazon Kubernetes (EKS) inventory to quickly identify services exposed outside your clusters, and to discover overly permissive user and service accounts

RedSeal Stratus is a cloud security solution for the modern day that provides security teams with a unified, interactive view of their AWS environments, including Kubernetes (EKS) inventory, and exposed resources that can lead to costly data breaches.

To learn more, visit www.redseal.net/stratus or Request A Demo.

RedSeal Delivers the Most Comprehensive Cloud Security Solution to Reduce Cyber Risk by Identifying Network Resources Exposed to the Internet

Integration with Oracle Cloud Infrastructure expands visibility to include majority of public and private clouds and on-premises network environments

SAN JOSE, Calif. — Today RedSeal, announced its integration with Oracle Cloud Infrastructure, cementing its position as the most comprehensive solution for measurably reducing cyber risk across cloud and hybrid cloud environments. Now, RedSeal can consolidate network data from four of the five most prevalent cloud infrastructures – Amazon Web Services, Microsoft Azure, Google Cloud Platform and Oracle Cloud Infrastructure– as well as VMware NSX and Cisco ACI, and physical networks, to provide the most holistic network security awareness.

To accurately identify and locate assets unintentionally exposed to the internet, RedSeal brings data from network environments into one comprehensive, dynamic visualization. With 93% of enterprises having a multi-cloud strategy and 87% having a hybrid cloud strategy, the demand for unified, holistic insight is unprecedented. (The 2020 Cloud Computing Trends report).

“Across enterprises, security teams, CISOs and CIOs are struggling to secure the large and quickly growing cache of enterprise assets moving to various cloud environments,” said Chris Steffen, research director for information security at EMA. “RedSeal can play an important role in helping these teams and individuals understand their complex network environments, while delivering confidence that there is no unintended exposure in their network.”

Distinguishing itself from other cloud security products, RedSeal provides cyber teams with mission-critical insights, including:

  • Understanding exactly what resources exist and where they are, across all public, private cloud and on-premises environments
  • If any of those resources are unintentionally exposed to the internet
  • What access is possible within and between cloud and on-premises environments
  • Confirmation of the riskiest vulnerabilities in the cloud, so they can be remediated first

In addition, RedSeal automates essential processes, such as:

  • Verifying that network devices and cloud environments meet security best practices
  • Validating cloud network segmentation policies
  • Continuously monitoring compliance with internal policies and external regulations

“Organizations are using a combination of cloud native and third-party security controls from multiple vendors,” said Kurt Van Etten, chief product officer at RedSeal. “Only RedSeal can accurately evaluate all these controls in one place.”

Fully Managed Services Formally Available

To help inundated security teams reduce security risk and ensure their network is configured the way they intended, RedSeal is formally offering additional value via three levels of subscription-based, professional services. All three tiers include a RedSeal security engineer who will work collaboratively with cybersecurity teams on an ongoing basis to deliver various assessments and make prioritized recommendations to mitigate risks. For subscribers, RedSeal will optimize, upgrade and maintain the RedSeal solution, along with their security engineer’s assessments and recommendations. The three levels are:

  • Cyber Visibility — includes assessments of both the network and endpoint inventory, as well as their secure configurations
  • Cyber Compliance — adds network segmentation and compliance monitoring as well as security change reviews, in addition to the Cyber Visibility offerings. As a result, staff can be confident that they are continuously monitoring compliance with policies and regulations like PCI DSS and NERC-CIP, and validating segmentation policies
  • Cyber Risk Management adds incident investigation, security posture monitoring, vulnerability risk prioritization and cyber risk assessment, in addition to the offerings from the other two tiers

In 2020, RedSeal won Cloud Computing Magazine’s Security Excellence Award and Security Today’s New Product of the Year for its cloud security solutions and services.

CyberKnight Signed as RedSeal Distributor to Bolster Cybersecurity Posture of Middle East Customers

Dubai, UAE — According to Gartner’s Top 10 IT Security Projects for 2021, CARTA – Continuous Adaptive Risk and Trust Assessment – risk-based vulnerability management shall be a key priority for CIOs and CISOs.

To address challenges related to resilience management and to accelerate incident response at enterprise and government entities in the region, CyberKnight has partnered with a leading provider in the space, RedSeal. The RedSeal platform gives security and management teams the most holistic understanding of their organization’s cyber risks – across physical, cloud and virtual networks – including remote endpoints. RedSeal verifies that network devices are securely configured, validates network segmentation policies, and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk.

“We are thrilled about this strategic RedSeal partnership to support customers with constant improvement to their security posture, understand new cyber risks and ensure business continuity, all while lowering operational costs and simplifying complexities of their security systems. RedSeal’s platform brings unique capabilities to show organizations what is on their networks, how everything is connected, and the associated risks – across physical and cloud-based network environments.”, commented Wael Jaber, VP Technology & Services at CyberKnight.

“Regional organizations can face an overwhelming number of security vulnerabilities to remediate. RedSeal helps them focus on those that represent the most risk in each network.

With CyberKnight’s strong presence in the region, as well as, deep-rooted end-user and channel partner relationships, we aim to help regional organizations measurably reduce their cyber risk over increasingly dynamic attack surfaces while offering our award-winning cyber terrain analytics platform.”, said Richard Adams, Head of EMEA at RedSeal.

– ENDS –

 

About CyberKnight:

CyberKnight Technologies is a cybersecurity focused value-added-distributor (VAD) covering the Middle East with on-the-ground presence in all key regional markets. Our ZTX (Zero Trust Security) methodology, based on the Forrester framework, incorporates emerging and market-leading cybersecurity solutions that protect the entire attack surface, by leveraging AI, threat intelligence and collective defense. CyberKnight helps security and risk teams at enterprise and government customers simplify breach detection, prevention and incident response, while addressing regulatory compliance. CyberKnight’s Art of Cybersecurity Distribution methodology enables strategic partners to achieve greater market penetration, return-on-investment and time-to-value.