Discovering Design Principles

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Carbon Black recently published a report on the challenges of securing Linux-based operating systems and how Carbon Black is redesigning the approach. For more information about how the Cb Predictive Security Cloud, Carbon Black’s consolidated endpoint security platform, helps enterprises cut costs and realize significant business benefits, check out our webinar The Business Benefits and Cost Savings of Switching to the CB Predictive Security Cloud.

Through the process of examining the context around Linux security, we have assembled the following list of questions to help evaluate Linux security offerings:

  • Can the tool help detect software installed with known vulnerabilities and exploits?
  • Does this tool allow for operational visibility in order to identify and investigate unexpected behavior?
  • Does the tool update frequently enough that it can cover new vulnerabilities and exploits soon after being made public?
  • What is the impact of the tool being out of date?
  • Can the tool perform well across a fleet of machines with diverse configurations?
  • Can the tool clearly report findings from scans across a fleet of machines with diverse configurations?
  • Does this tool significantly impact the ability for my instances to serve traffic?
  • Does the tool give me the opportunity to tune it for the security scenarios I care about?


This should not be considered a comprehensive list of questions for evaluating Linux security tools, but it is a good starting point to help make smarter decisions around the security and performance of your Linux machines. As we reflect on appropriate answers to these questions, we believe that there are four key design principles that all vendors must take into account when building solutions for highly performant systems.


    First and foremost, solutions must be optimized for performance and stability. As vendors, we need to recognize that security tools that negatively impact a business’s ability to make money are at fundamental odds with the reality of doing business.


    Today companies are forced to choose between upgrading their operating systems or waiting for their security tools to support the latest OS version. As vendors, we need to remove this decision all together and drive to 0-day support.


    Increasingly we are seeing multiple Linux distributions supported within a single environment. As vendors, we need to ensure that our solutions are able to provide comparable value across a wide variety of distributions. It is not acceptable to focus on a single distribution and not cover our customer’s entire footprint.


    Security needs to work in service of the business, not in spite of it. Security practitioners need to be in tune with their business context so that they can appropriately manage their security solutions while avoiding disruptions to the business. As vendors, we need to build solutions that enable tuning and management of security solutions based on business needs. In order to do this successfully, solutions need to be implemented thoughtfully from the ground up, starting with the architecture.


The goals of this whitepaper are to bring light to the flaws with porting Windows security approaches to Linux, identify unique challenges with securing Linux infrastructure, introduce a list of questions one can use to better evaluate a Linux security offering, and propose a core set of design principles on which strong Linux security offerings can be built.

Read Now

Thanks for joining us as we explore “Re-designing Linux Security: Do No Harm” our report on the challenges of securing Linux-based operating systems in the modern era. Join us next week as we continue to profile this report.

The post Discovering Design Principles appeared first on Carbon Black.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Carbon Black, Inc.
Carbon Black is the leading provider of next-generation endpoint security. Carbon Black’s Next-Generation Antivirus (NGAV) solution, Cb Defense, leverages breakthrough prevention technology, “Streaming Prevention,” to instantly see and stop cyberattacks before they execute. Cb Defense uniquely combines breakthrough prevention with market-leading detection and response into a single, lightweight agent delivered through the cloud. With more than 7 million endpoints under management, Carbon Black has more than 2,500 customers, including 30 of the Fortune 100. These customers use Carbon Black to replace legacy antivirus, lock down critical systems, hunt threats, and protect their endpoints from the most advanced cyberattacks, including non-malware attacks.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?