Zero-day (0day) vulnerabilities are one of the most serious cyber security threats confronting enterprises today.
As we all know, 0days are types of vulnerabilities that are unknown to the vendor. If hackers and cybercriminals discover a zero-day vulnerability, they may exploit the security hole in what are known as zero-day attacks via the use of malware, spyware, or other techniques.
“Sandworm” is a good example of this. In October, Russian hackers exploited the CVE-2014-4114 vulnerability in all supported versions of Microsoft Windows to attack NATO, the Ukrainian government and a number of other governmental targets using PowerPoint files as an attack vector. The campaign lasted at least one year in duration, but the vulnerability’s exploitability dated back to at least 2008.
Preventing a zero-day attack like Sandworm is difficult because those vulnerabilities are by definition unknown to software vendors and the security community. As a result, companies require tools that will protect them against both known and unknown vulnerabilities.
That is where Secure Configuration Management (SCM) comes in. SCM helps companies to ensure that endpoints are configured securely and made compliant with industry best standards. Among other things, it helps protect companies against zero-day vulnerabilities by providing real-time threat detection, risk-based file integrity monitoring and automation for rapid response.
To illustrate the utility of SCM, check out the video below that tells the story of how one of Tripwire’s customers used SCM to quickly respond to a zero-day vulnerability:
Clearly, the benefits of Secure Configuration Management are many. SCM sends alerts to customers in near real time about changes made to corporate files and servers. This helps companies detect known and unknown vulnerabilities, as well as patch their systems before attackers have time to exploit any security holes—all without ever taking down their servers.
Zero day vulnerabilities are a constant threat, so companies need constant protection. With Secure Configuration Management, enterprises are able to stay on top of new vulnerabilities and detect system anomalies before they are ever exploited.
For more information about Tripwire’s SCM products, click here.
The Executive’s Guide to the Top 20 Critical Security Controls Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].