<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: agileseo-israel</title>
    <description>The latest articles on DEV Community by agileseo-israel (@agileseoi).</description>
    <link>https://dev.to/agileseoi</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F149391%2F707e5b67-4f82-41c4-96df-ebe35a3fc86b.jpg</url>
      <title>DEV Community: agileseo-israel</title>
      <link>https://dev.to/agileseoi</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/agileseoi"/>
    <language>en</language>
    <item>
      <title>Open Source Security Risks to Know in 2019</title>
      <dc:creator>agileseo-israel</dc:creator>
      <pubDate>Wed, 15 May 2019 18:57:15 +0000</pubDate>
      <link>https://dev.to/agileseoi/open-source-security-risks-to-know-in-2019-lgo</link>
      <guid>https://dev.to/agileseoi/open-source-security-risks-to-know-in-2019-lgo</guid>
      <description>&lt;p&gt;It is widely agreed upon that information technology operations need to turn an even more watchful eye to open source in 2019. Thanks to the growing popularity of open-source platforms such as Kubernetes and Docker, more than 3.5 million applications have now been put into containers using Docker. According to Docker, 37 billion containerized applications have already been downloaded. &lt;/p&gt;

&lt;p&gt;This goes to show that open source will move under a brighter spotlight. Not surprisingly, open source has not only held on to its spot as the most popular operating system within enterprise IT, but further growth has also been predicted. According to &lt;a href="https://www.redhat.com/en/blog/red-hat-continues-lead-linux-server-market"&gt;Red Hat&lt;/a&gt;, Linux has managed to maintain more than 30% share when it comes to global server operating systems. This puts it just behind Microsoft's Windows Server in terms of adoption. &lt;/p&gt;

&lt;p&gt;Additionally, Linux is the lone endpoint operating system that is growing across the globe. This was revealed as part of an IDC InfoBrief sponsored by IGEL in August 2018. According to an industry report, the popularity of IoT-based devices is predicted to expand the use of Linux as a large number of virtual appliances are based on Linux. One of the reasons quoted was that distribution endpoints for Linux-based devices could be modified to provide direct updates with patches undergoing endpoint developer testing for stability. This has boosted confidence in security and optimization in terms of performance.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Some Common Open Source Vulnerabilities of 2018&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Glibc&lt;/strong&gt;&lt;br&gt;
February of 2018 saw the critical flaw in the GNU C library exposed. The open source vulnerability extended to all Linux-based servers as well as web frameworks such as Python, PHP, Rails and other API web services that make use of the GNU C library. &lt;/p&gt;

&lt;p&gt;The flaw allowed hackers to access applications using a 'man-in-the-middle' attack. This increased the probability of hackers being able to take over a client's system.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Quadrooter&lt;/strong&gt;&lt;br&gt;
Quadrooter was another open source weakness that left Android-based phones vulnerable and allowed anyone to expose them to an application containing malware. The hacker was able to gain root access to the device by exploiting any of the vulnerabilities. &lt;/p&gt;

&lt;p&gt;This left all system content and controls, including sensitive information, the microphone, GPS and system changes, vulnerable to attack.  &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Zero-Day Linux Kernel Vulnerability&lt;/strong&gt;&lt;br&gt;
The zero-day Linux Kernel vulnerability was another attack that impacted every Linux version 3.8 or higher. It also affected 66% of all Android-based devices. When the bug was exploited, the hacker was able to gain root access to the vulnerable user's OS.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Critical MySQL Database Vulnerability&lt;/strong&gt;&lt;br&gt;
The critical MySQL database vulnerability affected every available version of Oracle's MySQL Database. It also affected the MySQL clones PerconaDB and MariaDB. &lt;/p&gt;

&lt;p&gt;This vulnerability allowed hackers to gain unrestricted access to the server through malicious settings injected into MySQL configuration files.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Potential Risks in 2019&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;AI Powered Malware&lt;/strong&gt;&lt;br&gt;
Earlier, attackers kept up communications with vulnerable systems by way of 'command-and-control' (C2) servers. If malware can use AI to determine ways to mimic normal behavior, hackers would no longer have any use for C2. The malware could potentially also become harder to detect.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Smart Phishing&lt;/strong&gt;&lt;br&gt;
Artificial Intelligence also has the potential to boost phishing attacks, where an email or similar message from a seemingly legitimate source is used to entice the receiver to provide sensitive information. A survey conducted by &lt;a href="https://www.cyberark.com/resource/cyberark-global-advanced-threat-landscape-report-2018/"&gt;CyberArk Global&lt;/a&gt; found that 56% of 1,300 information security related decision makers were of the view that targeted phishing attacks were the leading security threat faced by their organization. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Vulnerable Critical Systems&lt;/strong&gt;&lt;br&gt;
Critical national infrastructure contains systems whose operations are essential to a nation's security, the country's economy and the safety of its citizens. A fair amount of critical infrastructure is managed by automated industrial control systems. A good example would be in areas of manufacturing and energy. &lt;/p&gt;

&lt;p&gt;According to Kaspersky Lab's State of Industrial &lt;a href="https://go.kaspersky.com/rs/802-IJN-240/images/ICS%20WHITE%20PAPER.pdf"&gt;Cybersecurity Study&lt;/a&gt;,&lt;br&gt;
31% of individuals responsible for the management of these systems faced an information security related threat during the past year.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Tips on How to Secure Your Usage of Open Source&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Develop &amp;amp; Implement Policies Around Open Source Usage&lt;/strong&gt;&lt;br&gt;
Some organizations woefully lack even the necessary documentation on open source strategies. Organizations need to have a single responsible person or body entrusted with the management of open source usage. Well documented policies will help developers in their duties when it comes to how best to make use of open source software.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Actively Monitor for Fresh Risks when Using Open Source Software&lt;/strong&gt;&lt;br&gt;
Given that there is an average of more than 3,500 vulnerabilities related to open source uncovered annually, the task of following each vulnerability is never-ending. It does not stop once the applications are out of the development stage. As long as the application is publicly available, organizations need to monitor it for new risks continually. &lt;/p&gt;

&lt;p&gt;To make this happen, you can use the tools available for your repository. For instance, there are tools associated with NPM, Python Package Index, Ruby Gems etc. that help you find issues with your code and your dependencies. Furthermore, there are independent open-source packages like Dependency Check by &lt;a href="https://resources.whitesourcesoftware.com/home/owasp-dependency-check"&gt;OWASP&lt;/a&gt;, OSSIndex, &lt;a href="https://github.com/rubysec/bundler-audit"&gt;Bundler-audit&lt;/a&gt; etc. that identify vulnerabilities by checking your code against public and private vulnerability databases. &lt;/p&gt;

&lt;p&gt;Additionally, given the increase in the number of security breaches, many organizations are considering security testing as a critical part of a system's development lifecycle. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Maintain an Exhaustive Inventory of Open Source Being Used&lt;/strong&gt;&lt;br&gt;
Organizations should make it mandatory to maintain an inventory of all open source components being used by various teams in the company. A robust open source inventory needs to incorporate –&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Every open source component being used&lt;/li&gt;
&lt;li&gt;The version of each component&lt;/li&gt;
&lt;li&gt;The download locations for every relevant project&lt;/li&gt;
&lt;li&gt;The person responsible for the specific project&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Similarly, the inventory should also include all relevant dependencies, including the libraries that are being used by the code and the libraries that those dependencies are connected to. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Be Cognizant of Other Open Source Software Related Concerns&lt;/strong&gt;&lt;br&gt;
The failure to be aware of licenses associated with the usage of open source software can expose organizations to a considerable danger of dispute over intellectual property that might lead to costly financial ramifications. &lt;/p&gt;

&lt;p&gt;Similarly, the use of low-quality or obsolete, outdated open source components can negatively impact the quality as well as the performance of the applications that use them.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion&lt;/strong&gt;&lt;br&gt;
The use of open source software within an organization is much more than just downloading and executing a free-to-use program from a website. Different security concerns beg consideration. These need to be acknowledged and analyzed before an organization proceeds with adopting any open source software.  &lt;/p&gt;

&lt;p&gt;That said, open source should not be misunderstood as a barrier to security. Instead, when used wisely, it can further strengthen security by adding many individuals as part of a community that can help in uncovering bugs and other vulnerabilities.&lt;/p&gt;

</description>
    </item>
    <item>
      <title>Evaluating Cloud Backup Solutions by AWS vs. Azure vs. Google Cloud  </title>
      <dc:creator>agileseo-israel</dc:creator>
      <pubDate>Tue, 26 Mar 2019 03:51:07 +0000</pubDate>
      <link>https://dev.to/agileseoi/evaluating-cloud-backup-solutions-by-aws-vs-azure-vs-google-cloud---2031</link>
      <guid>https://dev.to/agileseoi/evaluating-cloud-backup-solutions-by-aws-vs-azure-vs-google-cloud---2031</guid>
      <description>&lt;p&gt;&lt;a href="https://res.cloudinary.com/practicaldev/image/fetch/s--5E-K-0SX--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ozsmbcuxcgadi924nly0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://res.cloudinary.com/practicaldev/image/fetch/s--5E-K-0SX--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://thepracticaldev.s3.amazonaws.com/i/ozsmbcuxcgadi924nly0.png" alt="alt text"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Data loss is an ordeal that many businesses never recover from. In the digital age, all businesses should make the protection of their critical information and files a top priority. Increasingly, businesses are choosing to use the cloud for their disaster recovery.&lt;/p&gt;

&lt;p&gt;In this article, we will explore the characteristics of cloud backup and compare the cloud backup solutions provided by AWS, Azure and Google Cloud.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;What is Cloud Backup?&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://searchdatabackup.techtarget.com/definition/cloud-backup"&gt;Cloud backup&lt;/a&gt; is a type of cloud storage where data is stored and then accessed from interconnected and distributed cloud-based systems. Businesses, organizations, and individuals can use cloud-based backup solutions to securely store their data on the internet, using a storage service provider.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The Importance of Cloud Backup in a Disaster&lt;/strong&gt;&lt;br&gt;
&lt;a href="https://searchdisasterrecovery.techtarget.com/definition/disaster-recovery"&gt;Disaster recovery&lt;/a&gt; is an ongoing problem for IT platforms. When a power failure takes place or a system crashes, data loss may occur. System crashes and other issues caused by natural disasters, human mistakes or malicious activity can result in costly service disturbances. &lt;/p&gt;

&lt;p&gt;Companies need to safeguard their data from loss, so they are protected if and when disaster strikes. Also, Cloud Service Providers (CSPs) need to keep their customer services active even if their data center is affected by a disaster.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Using a Cloud-based Backup Solution&lt;/strong&gt;&lt;br&gt;
Cloud-backup services, such as AWS backup, &lt;a href="https://cloud.netapp.com/blog/5-considerations-before-you-backup-on-azure"&gt;Azure backup&lt;/a&gt;, and Google Cloud backup, put the sensitive information of a user in an offsite repository that remains online and is accessible from anywhere. A cloud-based storage solution can be implemented to replace storing data locally on a hard drive or physical disk. &lt;/p&gt;

&lt;p&gt;Cloud backup lets users access services remotely through a protected client login application. Users can back up files from their computer or data center onto the online storage server via an encrypted and protected connection. &lt;/p&gt;

&lt;p&gt;Every business should also have a documented disaster recovery plan and should trial that plan at least twice a year. &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3 factors to consider when moving to the cloud&lt;/strong&gt;&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;Have backups on-site and off-site&lt;/li&gt;
&lt;li&gt;Select a cloud with recovery options&lt;/li&gt;
&lt;li&gt;Mirror sensitive data&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;&lt;strong&gt;AWS vs. Azure vs. Google Cloud: Storage, Integration, Security and Cloud Configuration&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Storage&lt;/em&gt;&lt;br&gt;
Azure calculates storage rates according to your storage requirements, your geographical location, how often you need to retrieve the stored data and the type of data redundancy you select. &lt;/p&gt;

&lt;p&gt;Amazon S3 provides flexibility for scaling storage. With Amazon S3, users are charged for storage used, and there are no termination costs or upfront fees. However, unlike Azure, Amazon S3 does not offer multi-regional storage. S3 does use a middle tier class between archival and standard storage. &lt;/p&gt;

&lt;p&gt;Google Cloud provides a combination of the storage class options that Azure and Amazon S3 have. Google Cloud tends to be more scalable than the other two. Google offers multi-regional and regional possibilities and a mid-range option. &lt;/p&gt;

&lt;p&gt;&lt;em&gt;Integration&lt;/em&gt;&lt;br&gt;
Before the cloud, organization application integration was an intricate process that demanded time and resources. With cloud-based Single Sign-On, REST APIs, and connectors, cloud integration has adopted a completely new model. &lt;/p&gt;

&lt;p&gt;When considering cloud platforms, users should assess the functionalities and &lt;a href="https://www.webopedia.com/TERM/A/API.html"&gt;Application Programming Interface (API)&lt;/a&gt; offered by the cloud provider. The volume of APIs that AWS offers is considerable, but Azure offers multiple tools to help developers customize the integration points. &lt;/p&gt;

&lt;p&gt;&lt;em&gt;Security&lt;/em&gt;&lt;br&gt;
Today, cloud security is paramount as many companies store sensitive data in the cloud. Most of the leading cloud providers address this issue in their own way. What is important is how organizations put these securities and data backup policies into practice and how they fit in with their organizational requirements.  &lt;/p&gt;

&lt;p&gt;Azure’s model uses a tiered method. This approach makes sure that organizations can configure security policies for all parts of the Azure cloud stack. Amazon adopts a marginally different approach. Amazon VPC has built-in network firewalls and AWS has web application firewall capabilities. These capabilities make sure that organizations can easily configure private networks. Google Cloud platforms provide users with security by making use of features like Security Key Enforcement, Cloud Identity and Access Management (IAM) and Cloud Identity-Aware Proxy. &lt;/p&gt;

&lt;p&gt;&lt;em&gt;Cloud configuration&lt;/em&gt;&lt;br&gt;
An organization can use the cloud to streamline its infrastructure management, saving time and money. Nearly all cloud providers, like AWS, Azure, and Google Cloud, provide a solid infrastructure for cloud transactions and deployment. However, the way they deliver and deploy these services differs. &lt;/p&gt;

&lt;p&gt;Users can configure accounts in motion with AWS. Comparatively, Azure uses large scale deployment of Microsoft Technology stack. Google lacks an edge in this area, because of its late entry and a relatively small presence in the business market. In relation to platform capabilities, Google Cloud lacks functionality, when compared to AWS, in areas such as email, workflow and notification services.  &lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Pros and Cons of AWS, Microsoft Azure, and Google Cloud&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;&lt;em&gt;AWS&lt;/em&gt; &lt;br&gt;
Users can upscale the size of AWS with their service and configure it according to their needs. However, AWS tends to overlook the importance of hybrid clouds. AWS has shifted away from on-premises clouds, choosing to manage their cloud services within their data centers. This may limit the amount of control a user can have over their cloud storage environment. &lt;/p&gt;

&lt;p&gt;&lt;em&gt;Microsoft Azure&lt;/em&gt;&lt;br&gt;&lt;br&gt;
The connection between Azure and IT applications like Active Directory and Windows Servers has made Microsoft Azure a user-friendly option. Users who wish to store data from one of these programs may opt for Azure backup. However, if users want to use programs other than Active Directory or Windows Server then Azure may not be suitable. &lt;/p&gt;

&lt;p&gt;&lt;em&gt;Google Cloud&lt;/em&gt;&lt;br&gt;&lt;br&gt;
Features like the BigQuery analytics engine make this product appealing. Perhaps the top advantage of Google Cloud is its use of machine learning. Google Cloud has one of the largest resources of data: Google Chrome searches. This data will likely pave the way for services that will enhance the profile of Google Cloud.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Conclusion&lt;/strong&gt;&lt;br&gt;&lt;br&gt;
A disaster can happen at any time, affecting the smooth running of your business and the delivery of your software application to your customers. Disasters include a natural disaster, an outage in your network or a bug in your code. Whatever the cause, if your system is down, your business can be stopped in its tracks, resulting in lost customers, time and revenue.&lt;/p&gt;

&lt;p&gt;Having a disaster recovery plan in place is a basic requirement. Conventional disaster recovery methods are costly and time-consuming. However, with cloud computing, developing the required backup infrastructure to ensure a speedy and effective recovery is simple and economical.&lt;/p&gt;

</description>
    </item>
  </channel>
</rss>
