Security management through ServiceNow, Remedy, JIRA and more

Started by mishraviplav7877, Aug 15, 2022, 09:55 AM

Previous topic - Next topic

mishraviplav7877Topic starter

Four incorrect approaches to cloud security are commonly held among business owners and managers. The first is the belief that cloud services are inherently secure and do not require additional cybersecurity measures.

The second approach is that the responsibility for securing cloud services lies solely with the cloud provider, as they are paid for VPS services. The third opinion, shared by both information security specialists and businessmen, is that clouds are inherently dangerous. Lastly, some believe that standard antivirus programs provide adequate protection for cloud frameworks.

However, all these approaches are misguided and can lead to significant losses for businesses. For example, companies that do not use any defence for virtual machines or rely solely on standard antivirus programs spend nearly a million dollars per year on incident recovery. This does not take into account direct losses for restoration and replacement of equipment and software or indirect losses such as damage to the company's reputation and compensation payouts to affected clients.

The first approach, that clouds are inherently secure, is particularly dangerous as it underestimates the potential threat of malware and ransomware, which account for 27% of all cloud threats. Insecure interfaces and unauthorized access are also significant vulnerabilities, making up about 80% of all cloud threats. Hаckers find virtual infrastructure especially attractive as they can gain access to all virtual machines and data at once. Furthermore, malicious code can spread rapidly within a virtual framework, infecting tens of thousands of machines in minutes.

It is essential for businesses to adopt a comprehensive approach to cloud security, utilizing specialized security tools designed explicitly for virtual environments. This approach will help safeguard against potential losses and reputational damage caused by security breaches.

VMware developed an agentless defense solution, which is only available on its solutions. Two additional virtual machines are deployed on the physical server with virtual machines: the Protection Server (SVM) and the Network Protection Server (Network Attack Blocker, NAB). The SVM installs only the antivirus engine, while the NAB machine checks communications between the virtual machines and the ecosystem. The SVM checks all traffic coming to the physical server and constitutes a pool of verdicts, which is accessed by each SVM first, instead of scanning the entire system. This principle reduces resource costs and speeds up the ecosystem.

Kaspersky developed a light agent defense solution, which is not limited by VMware. An anti-virus engine is installed on the SVM, and a light agent is installed inside each WM. The agent monitors everything that happens inside the native WM based on the technology of self-learning networks. This technology remembers the correct sequence of applications and blocks it when the sequence of actions of the application inside the WM is wrong.

Businesses can integrate various tools to prevent or fix cloud security issues, such as change management platforms, security scanning tools, configuration management tools, and tools for secure notification management. For example, TrueSight Server Automation, IBM BigFix, and OpsGenie are some of the available tools.

To protect against exploits caused by vulnerabilities in software, developers should fix bugs in their product, and users should install timely service packs and patches. Automatic exploit defense is built into the Kaspersky Security for Virtualization Light Agent application described above.


Are you looking for 0.5 Mbps of free protection against dDos attacks? This will help safeguard your server from any level of attack, as the traffic will be capped at a predetermined speed.