TRUEFORT SOLUTION
CIS benchmarking for Workload Hardening
Most security teams are burdened with open-source tools or periodic vulnerability scans to implement and maintain best practices for system hardening. TrueFort‘s adaptive trust profiling enables security teams to shift to continuously validated configuration against CIS Benchmark standards, so risks don’t creep back into the environment.
CIS Benchmarking is foundational for workload hardening but more difficult in hybrid environments
- Drift from initial configurations – server workload configurations are often confirmed at creation and change without notice.
- Periodic risk introduction – system vulnerabilities and misconfigurations frequently introduce new risks and vulnerabilities over time.
- Unknown risk posture – Effective risk management requires constant visibility into vulnerable software, infrastructure, and abnormal behavior.
- Unable to prove compliance – Audits require immediate evidence and planning around security gaps based on policy, state, and behavior.
A continuous verification of system state must span old and new
Compliance and Industry Mandates
Applications, systems, and infrastructure continuously monitored and managed for user-defined policies and industry mandates (CIS, NIST, PCI, NYDFS, etc.)
Automated Proactive Tuning
Continually analyzing systems, automatically assessing the risk posture, notifying teams of any changes as they occur
Continuous Verification
Extensive native rule packs and policies enable security teams to verify an application’s hardening status is maintained and brought back into compliance if it deviates
Assure Conformance Against Evolving Threats
Continuously safeguards operating systems, applications, and workloads against the latest threats to meet compliance and reduce attack surface
FAQ
Microsegmentation is a security approach which helps administrators implement the principle of least privilege and Zero Trust for individual workloads. Instead of applying one policy to an entire network or data center, microsegmentation allows security to manage traffic between workloads or applications within a network. Security policies deny user requests by default unless they present the right credentials for the specific data they’re trying to access.
Microsegmentation may be used to isolate workloads in development, testing, and production, manage connections to specific applications, limit application visibility by user, user group, or tier, and apply fine-grained controls to specific software services and processes.
Microsegmentation plays an important role in reducing an organization’s attack surface because it gives security teams control over what lateral movement to permit in any environment. With this control, experts can monitor lateral movement against predefined security policies or against a model of expected application behavior, which improves the speed of detection, response, and remediation.
Microsegmentation makes it possible to implement granular control of network communications, credential usage, and approved behavior to help organizations minimize the impact of a cyber security incident, and solutions with automated application discovery will simplify security management even as networks grow increasingly complex.
Microsegmentation doesn’t require a new architecture for implementation. Security teams can deploy an agent-based solution which leverages software existing agents on the workload to isolate individual hosts and containers. Solutions can apply security policies based on physical and virtual devices, including load-balancers, switches, or software-defined networks. Some cloud service providers also offer microsegmentation capabilities.
Organizations will typically deploy both agent-based and network device models to handle all environments, including public or private cloud and on-premises networks. Solutions will use the visibility microsegmentation provides and data analytics to develop a model of normal network behavior against which anomalous events stand out for fast detection and response.
