As hybrid data, infrastructure, and application environments continue to grow, keeping track of security updates and patches for all these assets can be a challenge—even for the most mature organizations. Coupled with the increasing magnitude and frequency of attacks, organizations need to continuously monitor their environments, to find exposures that will not only make them more vulnerable to an attack, but might also reduce the probability of a successful recovery.
With cyber resilience as the driving principle, organizations need to manage vulnerabilities in both prevention and recovery. NIST defines a vulnerability as, “Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.” Vulnerabilities can lead to data breaches, fraud, intellectual property theft, and other malicious activities.
Cyber resilience depends on not only preventing incidents with traditional cybersecurity but on effective recovery that enables organizations to confidently recover their applications and data in hours vs days. Confident and reliable recovery needs recovery data that does not reintroduce vulnerabilities and exposures into the production environment.
Typically, vulnerability management is focused on production environments. But organizations need to understand what vulnerabilities may have been saved to their backup data. Understanding the vulnerabilities in the backup data allows response teams to correct these problems in a clean room environment before the data is used to restore applications and processes in the case of a destructive cyber incident.
Vulnerability scanning of backup data can also be a proactive best practice. When an incident occurs, they will know that the backup snapshot has been checked for vulnerabilities. Likewise, organizations can scan their snapshots reactively. If an incident occurs, the snapshots can be scanned prior to restoration. In either case, the practice helps prevent vulnerabilities and exposures from being restored which could allow threat actors to exploit again when data and applications are recovered.
Speed is key to enabling both a confident and rapid recovery. The updated Tenable and Cohesity integration provides improved scalability to meet the demands of growing workloads so that snapshots can be scanned rapidly and support demanding SLA and RTO requirements. The improved scalability also improves vulnerability scanning used proactively, as part of cyber resilience best practices.
Cohesity and Tenable help organizations recover with confidence by identifying thousands of known vulnerabilities that could allow threat actors to relaunch attacks when organizations leverage backup data to recover from a cyber incident, such as a ransomware attack. With Cohesity CyberScan powered by Tenable, you can reduce risk with a detailed dashboard that gives a global view of all cyber exposures within your recovery data.
By understanding blind spots in the infrastructure, organizations can address critical cyber vulnerabilities before they are exploited when recovery data is used.
With the Cohesity CyberScan vulnerability solution, Cohesity helps organizations identify, investigate, and prioritize vulnerabilities for remediation.
The new Cohesity and Tenable vulnerability solution provides immediate benefits, including:
Cohesity will be presenting and exhibiting at RSA Conference 2023. You can see the Cohesity-Tenable integration demo at the Cohesity booth and hear about us at the Tenable booth. Here are the details:
This blog is part of our “Road to Catalyst” series. Check back every week for new data security and AI content, and register today to join us at Cohesity Catalyst, our data security and management virtual summit.
- By Robert Shields
- By Robert Shields