In a recent podcast interview with Hillarie McClure, Multimedia Director of Cybercrime Magazine, Robert E. Johnson III, Cimcor CEO/President, discusses the value that pairing system hardening with a configuration management tool can have for your security posture. The podcast can be listened to in its entirety below.
Welcome to The Data Security Podcast sponsored by Cimcor. Cimcor develops innovative, next-generation file integrity monitoring software. The CimTrak Integrity Suite monitors and protects a wide range of physical, network, cloud, and virtual IT assets in real-time while providing detailed forensic information about all changes. Securing your infrastructure with CimTrak helps you get compliant and stay that way. You can find out more about Cimcor and CimTrak on the web at cimcor.com/cimtrak.
Q: Hey, Robert. Great to be speaking with you.
A: Hillarie, it's an honor to be back on your show. Thanks for inviting me.
Q: Robert, for today, you know I've been hearing a lot of people using configuration management when hardening their systems, and we've been talking about system hardening for a little bit here. So I guess, as far as using configuration management, can you tell us a little bit about that, and how it can help to harden systems?
A: Sure. Well, it's a great trend. A growing number of people are using configuration management or declarative tools for configuring their systems. Many of these tools are absolutely amazing and they are tremendous time-savers. Examples include Chef or Terraform, Puppet, Ansible, and CloudFormation, and there are certainly others out there. These are great ways to configure and deploy systems that are standardized and repeatable, and they make it much easier to ensure that systems are initially configured correctly, for whatever the business application may be.
Now, when you use a tool like this, it actually becomes the perfect opportunity to just take a step back and securely configure those systems according to best practices, such as defined by CIS Benchmarks or DISA STIGs. Now, are folks actually doing this? Unfortunately, not as often as they should. But this is something, Hillarie, that we really need to find a way to hardwire into our industry, not just as a best practice, but I would say, as a required practice.
Q: Why is system hardening so important? Just to remind folks, or as well as perhaps add anything new that you may have to share in addition to that, you know, why do people need to put forth the effort to maintain that system hardening?
A: System hardening is important because it reduces the overall attack surface of your systems. And it is a great way to leverage the collective knowledge of all of the security professionals around the world that have participated in the process of figuring out what are the best and optimal settings. So it ensures that you're configuring your system in the most secure manner possible based on those consensus-based guidelines. The Center for Internet Security, or CIS as many folks call them, does an absolutely amazing job of marshaling and guiding this collaborative process that creates these security best practices that we all love and call the CIS Benchmarks.
Now, integrating these security best practices into systems deployed by those configuration management tools can actually dramatically improve the security posture of the entire organization, or the system that you've deployed into the cloud, or your on-prem deployment based on those configuration management tools. Of course, even using these amazing configuration management tools, once systems are in production and running, over time, they will naturally drift away from the secure configuration. This type of entropy is inherent to all systems, and it's just very difficult to avoid. As a result, it's important to somehow monitor those systems while they're running, while they're actually running in production, to identify when they gradually drift away from this ideal secure configuration.
Q: Now that we know how important that is, Robert, what are the steps that we need to take to ensure our systems remain in that hardened state, and to continue maintaining beyond?
A: I believe that the best way to ensure that those systems remain in a hardened state is to pair your favorite configuration management tool with a configuration monitoring tool. This class of configuration monitoring tools falls into the category of system integrity assurance. At Cimcor, we've been focused on developing and researching ways to efficiently identify whenever these systems drift away from that secure configuration.
In addition, Cimcor has developed and has actually patented a way to detect when systems are changed in any unexpected manner and actually do it in real-time. Perhaps it was just an error by an engineer and it can detect that, but also it could be a zero-day attack. Either way, our product, CimTrak, can detect those types of changes in real-time. We've made this process really easy and it's truly the perfect complementary tool to Terraform, Ansible, Chef, and the others.
Your listeners are welcome to try it for themselves. They simply need to visit our website at www.cimcor.com. That's C as in cat, I, M, C, O, R.com and they can learn how to identify any time their systems drift away from a secure configuration or from an expected state.
Q: Well, Robert, as always, thank you so much for taking the time to join me on Data Security and as always, I'm looking forward to next time.
A: I look forward to the next time as well, and I'm sure you'll have some more great topics that you would like to discuss. I look forward to it.
Q: Yes, absolutely. Thank you so much, Robert.
A: Thank you.
March 7, 2023