Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is a uniquely insidious because it infects servers which are traditionally well insulated from attacks and perceived as unreachable by an intruder and not at risk for CVEs. Log4Shell is an entirely different can of works that proves this assumption wrong.
Editor's Note: As leader of our customer success team, Yadhu works directly with our users and their leadership to solve real-world technology problems. This blog is the first of a new series featuring how our customers are using the Forward Enterprise platform to deliver business value. Enterprise IT teams around the world are frustratingly familiar with the process of vendor contract reconciliation, the annual process of ensuring that the support contracts for devices in the network are accurate.
There are almost 165,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. In October of 2020, the NSA published a list of the 25 CVEs most likely to be exploited by Nation-State attackers in China; Checkpoint software found over 3 million attempts to penetrate networks or steal files using these known vulnerabilities.
There’s a lot of upside to becoming an application-centric business. You can increase collaboration, work more effectively with your data, deliver an optimal customer experience, and much more. One major downside, though, is that your network and security operations teams are under intense pressure to provision new applications both quickly and securely.
The risk of config drift is ever present. And when you consider that modern enterprises have incredibly complex and ever-changing networks with thousands of devices, from routers to firewalls to switches, running billions of lines of config, it’s easy to understand why. Networks are constantly being changed by people - who though well intentioned - make mistakes. A configuration change that accomplishes the immediate goal may take the network out of compliance, but how would anyone know?
If you’re like most of the complex IT shops we talk with, you probably don’t even have a current security matrix to store anywhere – file cabinet or data folder. The connectivity matrix is essentially the company security posture, but almost no one has a comprehensive way to visualize and easily understand the connectivity status between the various configured security policies (zone-to-zone policies).
When your organization is inevitably hit by a cyberattack, you want your security operations engineers to move lightning fast to identify the scope, duration, and impact of the attack, contain the disruption and prevent any costly or lasting damage. To do that, they need access to actionable information about everything that’s in your network — where devices are located, how they interact, and all the relevant details about their configuration and state.
