Chuck Leaver – Who Is Watching The Watchers In Your Organization?

Written by Charles Leaver, CEO, Ziften



High-profile cyber attacks underline how a lack of independent auditing of existing compliance products can make the worst kind of headlines.

In the Java attacks on Facebook, Microsoft and Apple, along with other giants of the market, the attackers didn't need to dig too deep into their playbook to find a technique. As a matter of fact they used one of, if not the, oldest axioms in the book: they took a remote vulnerability in massively distributed software and exploited it to install remote access capability. And in this case the application was one that (A) wasn't the latest version and (B) probably didn't need to be running.

While the hacks themselves have been headline news, the methods companies can use to prevent or curtail them are quite boring stuff. We all hear "keep boxes current with patch management software" and "verify conformance with compliance tools". That is industry standard and old news. But to pose a question: who is "watching the watchers"? In this case the watchers are the compliance, patch and systems management technologies. I think Facebook and Apple discovered that just because a management system tells you a software application is current doesn't mean you must believe it! Here at Ziften our results in the field say as much: we regularly uncover dozens of versions of the SAME significant application running at Fortune 1000 sites, all of which, by the way, are using compliance and systems management products.

In the case of the exploited Java plug-in, this was a MAJOR application with wide distribution. This is exactly the kind of software that gets tracked by systems management, compliance and patch products. The lesson could not be clearer: having some kind of independent check against these products is necessary (just ask any of the organizations that were hacked...). But this is only part of the issue, since this is a major (of debatable importance) application we are talking about. If companies struggle to get their arms around keeping known, licensed applications up to date, then what about all the unknown and unneeded running applications and plug-ins and their vulnerabilities? Simply put: if you cannot even know what you are supposed to know, how on Earth can you know (and in this case secure) the things you do not know about or are not even concerned about?
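As an added illustration of what "watching the watchers" looks like in practice (this is example code written for this page, not Ziften's product or any tool mentioned above), the script below takes two constructed inputs: what a patch/compliance tool reports about each host, and what an independent collector actually observed on the endpoint (every installed copy of the application and whether it was running). It then flags hosts where the two disagree: the tool reports a version that is not on disk, a "compliant" host still carries a stale copy (and is running it), or the tool reports nothing installed while a copy is present. The host names, version strings and minimum-version policy are all made up for the example and do not correspond to any real advisory.

```python
"""Cross-check a compliance/patch tool's report against an independent endpoint inventory.

Added example, not code from the original page. All data below is constructed.
"""
from collections import defaultdict

# What the "watcher" (patch/compliance tool) claims. Constructed sample;
# in practice this would come from the tool's export or API.
COMPLIANCE_REPORT = [
    {"host": "ws-001", "app": "java", "version": "1.7.0_13", "compliant": True},
    {"host": "ws-002", "app": "java", "version": "1.7.0_13", "compliant": True},
    {"host": "ws-003", "app": "java", "version": "1.7.0_13", "compliant": True},
    {"host": "ws-004", "app": "java", "version": None,       "compliant": True},  # "not installed"
]

# What an independent collector actually saw on each endpoint. Constructed sample.
OBSERVED_INVENTORY = [
    {"host": "ws-001", "app": "java", "version": "1.7.0_13", "running": False},
    {"host": "ws-002", "app": "java", "version": "1.6.0_37", "running": True},   # stale copy still present
    {"host": "ws-002", "app": "java", "version": "1.7.0_13", "running": False},
    {"host": "ws-003", "app": "java", "version": "1.7.0_11", "running": True},   # tool is simply wrong
    {"host": "ws-004", "app": "java", "version": "1.6.0_29", "running": True},   # tool says nothing installed
]

# Minimum acceptable version per application. Constructed policy, not a real advisory.
REQUIRED_MIN = {"java": "1.7.0_13"}


def parse_version(v):
    """'1.7.0_13' -> (1, 7, 0, 13), so versions compare numerically rather than as strings."""
    return tuple(int(part) for part in v.replace("_", ".").split("."))


def is_current(app, version):
    """True if the observed version meets the minimum for that application."""
    return parse_version(version) >= parse_version(REQUIRED_MIN[app])


def audit(report, inventory):
    """Return findings where the observed endpoint state contradicts the tool's report."""
    observed = defaultdict(list)
    for row in inventory:
        observed[(row["host"], row["app"])].append(row)

    findings = []
    for claim in report:
        host, app = claim["host"], claim["app"]
        rows = observed.get((host, app), [])
        seen = sorted({r["version"] for r in rows}, key=parse_version)

        # Tool says "not installed", collector found a copy.
        if claim["version"] is None:
            if rows:
                findings.append({"host": host, "app": app, "kind": "unreported_install",
                                 "observed": seen, "running": any(r["running"] for r in rows)})
            continue

        # Tool names a version that is not actually on the box.
        if claim["version"] not in seen:
            findings.append({"host": host, "app": app, "kind": "version_mismatch",
                             "reported": claim["version"], "observed": seen})

        # Host is marked compliant but an old copy is still present (and perhaps running).
        stale = [r for r in rows if not is_current(app, r["version"])]
        if claim["compliant"] and stale:
            findings.append({"host": host, "app": app, "kind": "stale_copy_present",
                             "observed": sorted({r["version"] for r in stale}, key=parse_version),
                             "running": any(r["running"] for r in stale)})
    return findings


def version_sprawl(inventory):
    """Distinct versions of each application across the fleet (the 'dozens of versions' problem)."""
    versions = defaultdict(set)
    for row in inventory:
        versions[row["app"]].add(row["version"])
    return {app: sorted(v, key=parse_version) for app, v in versions.items()}


if __name__ == "__main__":
    for f in audit(COMPLIANCE_REPORT, OBSERVED_INVENTORY):
        print(f)
    print("versions in the fleet:", version_sprawl(OBSERVED_INVENTORY))
```

The important design choice is that the inventory side must come from a collector that does not trust the management agent's own database: it enumerates installed copies and running processes itself. A host that the tool marks compliant can still have an older copy on disk that is the one actually being launched, which is exactly the case the "running" flag in the findings is meant to surface.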


