save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black’s consolidated endpoint security platform, helps enterprises cut costs and realize significant business benefits, check out our webinar The Business Benefits and Cost Savings of Switching to the CB Predictive Security Cloud.

Until now, there hasn’t been a security tool that sufficiently answers the list of questions we assembled. In fact, there hasn’t even been a security vendor that asks these questions. Despite basic flaws in reasoning, the approach of solving for Windows and porting to Linux has been presented by vendors across the security space as a reasonable strategy.

We believe it is time, as vendors, security professionals, and security-conscious organizations, to collectively take a step back and rethink the status quo. To start that conversation, we’ve uncovered some assumptions about the existing approach and identified how they are flawed. We’ve also examined the context around Linux security challenges in order to construct a sample set of questions that can be used to more effectively evaluate security offerings. Based on our list of questions, we derived four key design principles that must be present in an effective Linux security offering, namely:

  • DO NO HARM

  • SPEED UP DELIVERY CADENCE

  • VALUE BREADTH OF COVERAGE OVER DEPTH OF FUNCTIONALITY WITHIN A SPECIFIC DISTRIBUTION

  • GIVE CUSTOMERS OWNERSHIP OF THE RISK/REWARD DIAL

Our time of accepting fundamentally flawed security tools needs to come to an end. We believe the only way to move forward is to take a careful, inquisitive approach. Starting from the ground up, we must first examine the context around what we wish to secure. Within that context, we need to identify driving questions and design principles that fulfill those questions.

Lastly, we need to build and adopt modern security tools that adhere to these design principles. Only then can we enable organizations to effectively secure their ever-growing landscape of Linux machines.

 

The goals of this whitepaper are to bring light to the flaws with porting Windows security approaches to Linux, identify unique challenges with securing Linux infrastructure, introduce a list of questions one can use to better evaluate a Linux security offering, and propose a core set of design principles on which strong Linux security offerings can be built.

Read Now

Thanks for joining us as we explored “Re-designing Linux Security: Do No Harm” our report on the challenges of securing Linux-based operating systems in the modern era.

The post A Way Forward appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
137 Followers
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.
Promoted Content
15-Day Free Trial of NGAV + EDR in the Cloud
Compare Cb Defense to your current solution using real world scenarios, and see how operations transform across your security and IT teams. After you’ve finished the trial, you’ll have everything you need to build a business case and make the switch.
View
269
September 28, 2017 – Morning Cyber Coffee Headlines – “Hugh Hefner” Edition
Good morning! Sit with Carbon Black this morning over a cup of coffee (or tea) and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! September 28, 2017 – Headlines Twitter, With Accounts Linked to Russia, to Face Congress Over Role in Election – NYTim
Save
Share
Facebook
Twitter
LinkedIn
Email
Like
9/28/2017
21
TAU Threat Intelligence Notification: LamePyre (OSX)
Summary  MalwareBytes researcher Adam Thomas recently discovered a malicious MacOS application masquerading as the chat app Discord that they have named “LamePyre.”  Although it is made to look like a typical application installer, it does not attempt to appear legitimate by running a decoy installer program. When executed, an Automator script is l
Save
Share
Facebook
Twitter
LinkedIn
Email
Like
1/11/2019

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel