The idea of a configuration management database (CMDB) is that it should be able to tell you all the interesting attributes of your environment. It’s not hard to imagine that just the right CMDB could be a great help in securing your systems and improving your security posture. In this article we’ll look in more detail at what a Security-Oriented CMDB (SOCMDB) should look like – and why you should care.
In a couple of earlier blog posts, I wrote an article about what characteristics would make a CMDB suitable for a “modern” DevOps-like environment. The first article talked about what characteristics one would like in such a CMDB. The second article evaluated the Assimilation Suite in terms of those characteristics. This article discusses how a CMDB can improve your security posture.
In today’s blog post, I’d like to do something similar – but looking at a CMDB from a security perspective. That is, this blog post is the first part of a discussion of what a security-oriented CMDB ought to look like and how it can improve your security posture.
In June, I’ll be giving a talk at SLC DevOpsDays 2016 (Salt Lake City) – about the intersection of DevOps and security. This is a challenging space, since security has trouble keeping up with “normal” IT, and one of the common goals of DevOps is greater velocity – more changes faster. At SLC DevOpsDays 2016, I’ll be giving practical how-to talk, where you can learn how to begin securing your systems in 15 minutes, andwill cover two new features I’ve never demonstrated or talked about before – detailed Docker discovery, and subgraph queries. Although I have a blog post on Docker discovery, I haven’t talked about our new canned subgraph queries. They help you understand and visualize how all your servers and networks are related to each other.
Securing your systems is a daunting task – it feels like eating an elephant. When compared to hardening guidelines like the DISA/NIST STIGs, a single out-of-the-box system can have a hundred or more issues. When you multiply that by a large number of systems, despair and paralysis can easily set in. This article (fifteen minutes to better security) is first in a series which outline a process for efficiently measuring, triaging, and managing your journey towards a better security posture for your servers.
No matter your threat model, you need to understand what you have (“know yourself”). We help you begin this journey with activities which will teach you a surprising amount about your current status and the work ahead of you in 15 minutes. This article is not designed to teach you about security – I assume you know why you want to secure your servers, and have general background on system hardening.
One of the coolest things about the Assimilation System Management Suite is that it can discover nearly anything – and it’s easy to write your own Assimilation discovery agent and discover something new. Now, you can finally know it all! In this blog post, I’ll explain how to write a discovery agent, and how to fully integrate it into the suite.
If you manage, secure, or plan for IT environments or DevOps, we’d love for you to take our System Management survey. Right now, we’re busy planning on how to make the Assimilation Suite better in 2016. Your responses will be a huge help in giving us a sharp focus on how best to improve IT management for you and others in the IT community. If you can help us out, we’ll send you a small token of our appreciation
On January 2nd we put out version 1.1.2 of the Assimilation System Management Suite – the Happy 2016 release. This release adds enhancements related to best practice analyses and adds support for openSUSE, Scientific, and ScientificFermi Linux – along with a few bug fixes. We also have some surveys that we’d love for people to take – to help direct us in our future work.
As we have in the past, we offer supported free trials of the Linux version of our system management suite – just follow the download link and the instructions you’ll find there.
The Assimilation System Management Suite monitors servers and services automatically – which is way cool! This article explains how to create Assimilation monitoring rules which teach the Assimilation software when and how to use monitoring agents. These rules are the keys to fully automated monitoring. When your monitoring is fully automated, complexity goes down, and availability goes up.