Tag Archives: discovery
How useful is the Assimilation CMDB for security?
SOCMDB – a Security-oriented CMDB – Why and How
The idea of a configuration management database (CMDB) is that it should be able to tell you all the interesting attributes of your environment. It’s not hard to imagine that just the right CMDB could be a great help in securing your systems and improving your security posture. In this article we’ll look in more detail at what a Security-Oriented CMDB (SOCMDB) should look like – and why you should care.
SLC DevOpsDays 2016 – Come Get Assimilated!
In June, I’ll be giving a talk at SLC DevOpsDays 2016 (Salt Lake City) – about the intersection of DevOps and security. This is a challenging space, since security has trouble keeping up with “normal” IT, and one of the common goals of DevOps is greater velocity – more changes faster. At SLC DevOpsDays 2016, I’ll be giving practical how-to talk, where you can learn how to begin securing your systems in 15 minutes, andwill cover two new features I’ve never demonstrated or talked about before – detailed Docker discovery, and subgraph queries. Although I have a blog post on Docker discovery, I haven’t talked about our new canned subgraph queries. They help you understand and visualize how all your servers and networks are related to each other.
Docker Support For The Assimilation Suite
Docker is one of the hottest up-and-coming IT trends around. Sometimes when you see a trend, it turns out to be more hype than reality. Since we use Docker in the Assimilation Suite for building and for testing, we’ve had a chance to examine Docker in some detail. Although there is plenty of hype around Docker, there is also a good bit of reality to the excitement around it as well. Since our current release provides minimal support for Docker containers, we’re excited to announce that our next release will fully support Docker. This article provides an overview of how we are adding full Docker support to the Assimilation Suite.
Assimilation Talk at the 2016 DevOps Rockies Conference
I just got back from the 2016 DevOpsDaysRox conference last week. I’d like to talk a little about my presentation on the Assimilation suite from the cybersecurity perspective, and how what I learned and heard at the conference will influence future Assimilation development – particularly regarding Docker. After the conference, Docker even entered my dreams, morphing into how best to support it in Assimilation. It was a bit surreal, but so was giving my talk – which I’ll explain a bit later in this article.
Last Thursday, I had the privilege of speaking at DevOpsDaysRox (Rockies) at the Fortrust data center in Denver. A bit weird speaking in undeveloped space in a data center, but somehow fitting for a DevOps conference. The talk was about 10 minutes worth of talk (slides on speakerdeck), and about 20 minutes worth of live demonstration. The live demonstration covered some of the same things that I’ve covered in our blog before.
Fifteen Minutes To Better Security
Securing your systems is a daunting task – it feels like eating an elephant. When compared to hardening guidelines like the DISA/NIST STIGs, a single out-of-the-box system can have a hundred or more issues. When you multiply that by a large number of systems, despair and paralysis can easily set in. This article (fifteen minutes to better security) is first in a series which outline a process for efficiently measuring, triaging, and managing your journey towards a better security posture for your servers.
No matter your threat model, you need to understand what you have (“know yourself”). We help you begin this journey with activities which will teach you a surprising amount about your current status and the work ahead of you in 15 minutes. This article is not designed to teach you about security – I assume you know why you want to secure your servers, and have general background on system hardening.
Visualizing Your Attack Surface
Although the phrase “a picture is worth a thousand words” is a bit trite – it’s true. With 70% of our sensory data coming from vision, and having brains that are good at visual pattern recognition, humans are better at processing visualizations than we are at poring over numerous different text data sources. In this blog post, we’ll explore an attack surface visualization we’ve put together to help you better understand and manage server security.
Writing an Assimilation Discovery Agent
One of the coolest things about the Assimilation System Management Suite is that it can discover nearly anything – and it’s easy to write your own Assimilation discovery agent and discover something new. Now, you can finally know it all! In this blog post, I’ll explain how to write a discovery agent, and how to fully integrate it into the suite.
Linux Magazin highlights “Innovative” Assimilation Suite
Back in November of last year, I presented at the Open Source Monitoring Conference (OSMC) – and the talk went really well. Just today I found out we’ve been featured in the German publication Linux Magazin – and they said some very nice things about us in their article about the OSMC. I wrote a bit […]