3 Challenges to Overcoming Zero Trust Adoption

By Blog, Cybersecurity, News, Press Release, Uncategorized, Zero Trust

By Ashley Leonard, Syxsense CEO and Founder

Zero trust adoption has taken center stage in recent years because it can help better secure remote workers and hybrid cloud environments and protect against ransomware threats. But as organizations continue to press forward with digital transformation and look to protect stakeholders from rising cyberattacks, not all are reaping the benefits of a fully implemented zero trust strategy. In fact, a recent survey revealed that more than one-third of organizations are not pursuing zero trust strategies, and of those that are, more than half are still in preliminary exploratory stages of adoption.

But according to Gartner, cybersecurity spending on things like zero trust will double by 2026 to $267.3 billion. Why the disconnect? According to EMA research, 41% lack the budget and funding, 32% lack the technical capabilities, 29% have no clear direction on how to begin, and 24% are concerned that it could negatively impact business operations. It’s clear that organizations need more support to overcome the struggles associated with zero trust adoption. To better understand this, let’s look at three prominent challenges organizations are facing today and how they can best overcome them to accelerate – and feel more comfortable with – their zero trust journey.

Challenge #1 – Poor Visibility Across Environments

To understand the requirements that make sense for a zero trust framework, full visibility across the environment is crucial. That means being able to see all devices, data stores, and users. This also includes an assessment of where technical capabilities are lacking. Zero trust is not just another tool for IT managers. It’s a completely different method of understanding device and network access.

To support a zero trust project, organizations first need to understand where their limitations lie (for example, do they know which databases have high-value data, or “crown jewels”) and how existing tools and infrastructure have been implemented (such as who can access critical data or high-value assets, like servers), and they need a documented process in place for managing the existing tools and infrastructure. Unfortunately, asset discovery can be challenging for many organizations, which is one reason zero trust projects can appear so daunting. It’s like moving into a new house where none of the boxes are labeled. Identifying the difference between kitchen and laundry supplies is required before you can really get organized.

Challenge #2 – Zero Trust is Complex

Zero trust can be hard to implement. Consider it a mesh solution – where the point is to create a reality where users and devices gain access to information through an authentication ‘conversation’ rather than just punching in their credentials. All sorts of data points are collected and collated to build the proof of authenticity required for access to be granted. Most zero trust frameworks, for that reason, are a combination of multiple solutions brought together under a unifying toolset.

Creating the logic needed to bring each tool together in concert can be complex. For example, part of your zero trust attestation process might be to validate that a device doesn’t have any active anti-virus alerts. That is one data point to manage. You might also need to validate that the device’s connection is coming from a whitelisted geography. On top of that, you might also want to validate that the device’s patch compliance is current. Maintaining a unified zero trust solution for parsing this data can be very helpful, but it requires you to mesh multiple disparate solutions together under the roof of a single solution.
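The three attestation data points described above can be combined in one deny-by-default decision. The sketch below is an added example, not Syxsense's code or any product's API; the signal names, allowed countries, and freshness and patch-age thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed policy values (illustrative, not from the article).
ALLOWED_COUNTRIES = {"US", "GB", "AU"}
MAX_SIGNAL_AGE = timedelta(minutes=15)   # older signals are treated as unknown
MAX_PATCH_AGE_DAYS = 30

@dataclass
class Signal:
    value: object
    collected_at: datetime

# One predicate per data point named in the paragraph above.
CHECKS = {
    "av_active_alerts": lambda v: type(v) is int and v == 0,
    "geo_country": lambda v: v in ALLOWED_COUNTRIES,
    "days_since_last_patch": lambda v: type(v) is int and 0 <= v <= MAX_PATCH_AGE_DAYS,
}

def evaluate_access(signals, now):
    """Return (allow, reasons). A missing, stale or failing signal denies access."""
    reasons = []
    for name, passes in CHECKS.items():
        sig = signals.get(name)
        if sig is None:
            # A tool that did not report is not evidence of health: fail closed.
            reasons.append(f"{name}: missing (fail closed)")
        elif now - sig.collected_at > MAX_SIGNAL_AGE:
            reasons.append(f"{name}: stale")
        elif not passes(sig.value):
            reasons.append(f"{name}: failed ({sig.value!r})")
    return (not reasons, reasons)

# Constructed sample data: one healthy device and three degraded variants.
NOW = datetime(2023, 3, 30, 12, 0, tzinfo=timezone.utc)
FRESH = NOW - timedelta(minutes=2)

HEALTHY = {
    "av_active_alerts": Signal(0, FRESH),
    "geo_country": Signal("US", FRESH),
    "days_since_last_patch": Signal(7, FRESH),
}
# The patch tool never reported for this device.
NO_PATCH_DATA = {k: v for k, v in HEALTHY.items() if k != "days_since_last_patch"}
# The anti-virus verdict is two hours old.
STALE_AV = dict(HEALTHY, av_active_alerts=Signal(0, NOW - timedelta(hours=2)))
# Connection from a country outside the allowlist ("ZZ" is a placeholder code).
WRONG_GEO = dict(HEALTHY, geo_country=Signal("ZZ", FRESH))

if __name__ == "__main__":
    for label, device in [("healthy", HEALTHY), ("no patch data", NO_PATCH_DATA),
                          ("stale AV", STALE_AV), ("wrong geo", WRONG_GEO)]:
        print(label, evaluate_access(device, NOW))
```

The design choice that matters when meshing several tools is the treatment of missing and stale signals: an integration outage should reduce access, not silently widen it.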

Challenge #3 – Zero Trust is Resource-Intensive

Buying a suite of zero trust solutions can be resource-intensive for many organizations. Why? Because it’s often a mandate above and beyond the foundational IT and cybersecurity stack (on top of the normal day-to-day). Today, many companies are rolling out zero trust solutions. Some of them are built to be incorporated into a larger zero trust ecosystem, while others are intended to become self-sufficient ecosystems.

Depending on the scope of the advertised functionality, zero trust can either demand extensive resources or require a reasonable amount of investment. But if the initial investment is reasonable, systems administrators can anticipate doing more work throughout their adoption journey. Alternately, full suite zero trust products tend to pull a lot of resources upfront and provide a much lower burden of effort on security and operations teams to implement functionality.

Zero trust adoption continues to be a complex and challenging initiative for many organizations, especially those using legacy systems. But vendors and the larger security community are getting better at delivering new solutions, approaches, and educational information that can help streamline the process (and better show the value). The first step is for organizations to understand the complexity of a zero trust project, gain full visibility into their security environment, and commit the necessary resources and expertise to implement it (or explore it) successfully. For zero trust to reach its full potential, IT and security teams will need to make the fundamental shift from a perimeter-based security approach to granular and continuous authentication processes. That’s zero trust.

ABOUT THE AUTHOR

Ashley Leonard is the president and CEO of Syxsense, a global leader in Unified Security and Endpoint Management (USEM). Ashley is a technology entrepreneur with over 25 years of experience in enterprise software, sales, marketing, and operations, providing critical leadership during the high-growth stages of well-known technology organizations.

Ashley manages U.S., European, and Australian operations in his current role, defines corporate strategies, oversees sales and marketing, and guides product development. Ashley has worked tirelessly to build a robust, innovation-driven culture within the Syxsense team while delivering returns to investors. 

Ashley has founded several successful technology companies, including NetworkD Inc., with operations in 7 countries. NetworkD made several strategic international acquisitions and then completed a successful exit to Sparxent in 2008. In 2012 he founded Verismic Software and launched Syxsense in 2019.

Ashley serves on several boards and acts as a mentor to up-and-coming technology CEOs through his membership in the Young Presidents Organizations (YPO). He served as Orange County chair for two years. Ashley also served as Area Chair for YPO Pacific Region and was host city partnership chair for the 2020 YPO Global EDGE conference in San Diego, CA, welcoming over 3,000 of the world’s top CEOs. 

Ashley was a finalist for Ernst & Young’s “Entrepreneur of The Year” and AeA’s “Outstanding Private Company CEO” Award and won the AGC Innovation CEO Award. 

Published Thursday, March 30, 2023 7:34 AM by David Marshall

January 3rd Party Round Up Webinar

By Uncategorized

In this video, we have our industry expert, Jon Cassel here to give us an inside look at the newest third-party patch releases. And with that, Jon Cassel. Syxsense is the leading provider of innovative, intuitive technology that sees all and knows everything about every endpoint, in every location, everywhere inside and outside the network, as well as in the cloud. It combines the power of artificial intelligence with industry expertise to manage and secure endpoints by stopping threats before they occur and neutralizing threats when they happen. The Syxsense Endpoint Security Cloud always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm.

Linux Vulnerabilities of the Week: January 29, 2021

By Uncategorized

Are you caught up on January's Linux vulnerabilities? See this week's top issues and keep your IT environment protected.

1. Samba update for Amzn1 (Amazon AWS), Red Hat Enterprise 6, 7, 8 & Red Hat Storage 3

Vendor Severity: Critical
CVSS Score: 10

A flaw was found in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), where it reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This flaw allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and possibly obtain domain administrator privileges.

CVE Reference(s): CVE-2020-14318, CVE-2020-14323, CVE-2020-1472

2. Libxslt update for Amzn1 (Amazon AWS)

Vendor Severity: Medium
CVSS Score: 9.8

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. (CVE-2019-11068).

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn’t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. (CVE-2019-18197).

CVE Reference(s): CVE-2019-11068, CVE-2019-18197

3. Slurm security update for Suse Enterprise 15 SP1

Vendor Severity: Moderate
CVSS Score: 9.8

Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.

CVE Reference(s): CVE-2020-27745, CVE-2020-27746

4. Kernel security update for Oracle Linux 6 & 7

Vendor Severity: Important
CVSS Score: 8.8

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9009 advisory.

CVE Reference(s): CVE-2020-27673, CVE-2020-29568, CVE-2020-29569, CVE-2020-28374

5. Red Hat Ceph Storage 4.2 Security and Bug Fix update for Red Hat Enterprise 7

Vendor Severity: Critical
CVSS Score: 10

ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila (CVE-2020-27781).

ceph: CEPHX_V2 replay attack protection lost (CVE-2020-25660).

ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file (CVE-2020-25677).

CVE Reference(s): CVE-2020-25660, CVE-2020-25677, CVE-2020-27781.

Try Linux Patching with Syxsense

Syxsense makes endpoint management and security easy. Automatically deploy OS and third-party patches as well as Windows 10 Feature Updates for Microsoft, Mac, and Linux devices.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Still Relying on WSUS? Here’s Why You Can’t

By Uncategorized

In one of the worst patch rollouts in Windows history, Microsoft's surprise zero-day patch for IE was released, but not released, then pushed sporadically, but only in preview, and never explained.

Microsoft’s Patch Disaster

Last week, Microsoft ordered users to immediately download an “emergency” out-of-band security patch meant to close up a security flaw in some versions of Internet Explorer that can be exploited by hackers.

Specifically, the IE zero-day vulnerability (CVE-2019-1367) is a remote code execution flaw that could easily enable an attacker to remotely run malicious code on an affected device and take it over. This vulnerability is so serious that Homeland Security also issued an advisory telling users to download the patch immediately.

But not so fast.

ComputerWorld’s Woody Leonhard reports that, “in what may be the worst rollout in modern Windows patching history, Microsoft rolled all over itself in its handling of IE security hole CVE-2019-1367.” You can read about the full timeline here, but this is what Leonhard concluded:

“September’s surprise zero-day patch for Internet Explorer hole CVE-2019-1367—released, but not released, then pushed sporadically, but only in preview, and never explained.”

In other words, the patch for this serious vulnerability wasn’t available through Windows Update or the Update Server; it was only available as a manual download from the Catalog.

Nevertheless, all Windows users are strongly advised to patch as soon as possible. And remember, if your organization is relying on WSUS to deploy patches, you are still at risk for CVE-2019-1367.

Syxsense can scan all your machines, deploy the patch, and report back the all clear. We take patching seriously, and you can start a trial of Syxsense here.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.


Network Map: Visualize Your IT Security

By Patch Management, Uncategorized

View Any IT Issue at a Glance

Syxsense’s Network Map puts the answers to IT’s burning questions on a single screen: Can I see every device connected to my network, and how vulnerable to attack are these devices?
Through color coding, critically vulnerable devices alert you to weak links in your security infrastructure.

With a click of a mouse, start a task to immediately patch “Red” devices. Mouse over any device to see exact numbers of how many critical, high, medium or low vulnerabilities you have. Double click to view inventory, a timeline of any changes on the device, and patching history.

By setting up a regular maintenance window, your devices will be fully patched, and a glance at this global network map confirms your compliance. It gives auditors, executives, IT directors and most importantly, you, peace of mind that hackers, phishing, or ransomware cannot exploit your business.

Why choose Syxsense?
1. Detection: With Realtime security information, Syxsense displays the current state of your devices and software. This is a reflection of right now; not minutes or hours ago.
2. Roll Back Patches: Not only can you deploy updates with a strategic method, but the Patch Manager can also uninstall updates. The task can be configured to remove a specific update, or group of updates, from all devices or just a selection of them.

3. Task Status and Reporting: Along with that Realtime data display comes accurate task status information. You can follow along as the task runs and analyze which devices succeeded or failed to implement the update. From there, our reporting section organizes vital information into easy to understand reports. These are perfect for emailing out to prove needed work has been completed effectively.

The Power of Realtime Security

Syxsense Realtime Security manages devices inside and outside your network, roaming laptops, Servers, Desktops, and IoT devices. With Realtime Security we’ve added both this network map and the ability to see and kill virulent malignant processes acting on your network.


Eliminate the Stress of Application Packaging

By Patch Management, Uncategorized, Video

Get Started with Application Packaging

Experience the benefits of a team that has worked on thousands of projects with similar applications, processes and challenges. We guarantee conflict-free packages from a service team built on exceptional quality.


Rare Red Hat Critical Update

By News, Uncategorized

Linux Patches Security Concerns with Firefox

Almost at urban legend status, Red Hat rarely rates updates as critical. Well, it’s not a myth now, as an update is available for Red Hat Enterprise Linux 6 and 7. With a CVSS score of 8.8, we are recommending this update be actioned quickly.
An important fact to note: after installing the update, Firefox must be restarted for the changes to take effect.
This update upgrades Firefox to version 60.5.0 ESR.

Security Fixes:
• Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500)
• Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501)
• Mozilla: Privilege escalation through IPC channel messages (CVE-2018-18505)

Is your patching strategy ready?

Having a strategic patch roll-out implemented is key to secure software updating. However, your plan and patching software must be flexible enough to deal with a rogue critical update. Will you be ready to jump into action when an emergency security update is released?

With Syxsense, you have the stability of a strategic roll-out, but also the capabilities of a response team. This solution can patch devices with Windows, Mac, or Linux operating systems. Our content library has a wide range of major software vendors.
Learn more about securing your devices in Syxsense Realtime Security.


Patch Now: Chrome and Firefox Vulnerable

By News, Patch Management, Uncategorized

Update Your Browsers

New releases for Chrome and Firefox address security concerns.
Two of the most widely used internet browsers, Chrome and Firefox, have released updates for 65 security flaws.
Of these security patches, 4 have a ‘critical’ severity rating and 19 are rated as ‘high’. Chrome 72 will also warn users when they visit a spoofed URL.
These updates are available for both browsers on Linux, Mac, and Windows.

What’s the simplest way to update my browsers?
Keeping internet browsers across your company up to date can be surprisingly easy, with the right solution. Syxsense provides detection and remediation of critical updates.

With a comprehensive patch scan, you’ll see all the devices that require updates. If you are wondering about the status of a specific software, run a targeted scan seeking a specific software. Both are easily set up and can be repeated regularly with our maintenance windows.

From there, it’s simple to set up a task that targets every device that needs updates. It’s time to switch to an IT management solution that can deploy any security updates required.
Get started with Syxsense’s patching capabilities and experience all the intuitive features.


Top 10 Most Out-of-Date Programs

By News, Uncategorized

Millions of PCs Are Running Outdated Versions of Popular Software

55% of all programs worldwide are out-of-date
It is 2019, and millions of computers still either have at least one outdated application installed or run outdated operating systems, making themselves vulnerable to online threats and known security vulnerabilities/exploits.
Many outdated applications, including frameworks and tools, contain vulnerabilities and for security reasons should be updated immediately.

For example, in May 2018 7-ZIP fixed an issue in the RAR extraction logic that could allow a DoS attack or execute harmful code embedded in RAR files.
Another popular example is Java: Versions 6, 7 and 8 are still widely installed and no longer up-to-date. Even users who are on the latest Java version 10 release should check for updates regularly to avoid any security issues.
One of the most out-of-date applications is the VLC Media Player. This is likely due to older versions of the software not notifying the users about updates. Skype closely follows, as most users are still on the older version, Skype 7 Classic. Microsoft has not enforced the update to the new Skype 8, but has been gathering user feedback and encouraging users to upgrade.

Most Out-of-Date Programs

1. Adobe Shockwave
2. VLC Media Player
3. Skype
4. Java Runtime Environment 6-8
5. 7-Zip Filemanager
6. Foxit Reader
7. Adobe Air
8. IrfanView
9. Mozilla Firefox
10. DivX Plus Web Player

11. WinZip
12. iTunes
13. Nitro PDF Professional 9
14. GOM Media Player
15. WinRAR Archiver
16. Skype 8
17. Java Runtime Environment 10
18. Nitro PDF Professional 10
19. Mozilla Thunderbird
20. Mozilla HP Photo Creations

Use Syxsense to detect and then remediate updates. While you could run a comprehensive scan of all devices on a network, you can also run a targeted scan seeking a specific software. Easily see which devices are running which version of an application that might be at risk. From there, it’s simple to set up a task that targets every device that needs the update.


January Third-Party Security Updates

By News, Patch Management, Uncategorized

Latest Third-Party Updates

This month there are several notable updates with CVSS ratings. Apple has released critical fixes for two of their OS platforms. Adobe and Foxit both have patches with high ratings. Prioritize these updates when securing your environment.

Still using WSUS?

If so, how are you deploying third-party security updates?
It’s time to switch to an IT management solution that can deploy any security updates required. Don’t rely on an incomplete tool that can only deploy Windows updates. Syxsense can deploy a wide range of updates, including Windows, Mac, and Linux software.

Third-Party Updates

| Vendor | Category | Patch Version and Release Notes | CVSS Score and Rating |
|---|---|---|---|
| Adobe | Multi-purpose software | Flash Player, ActiveX, and AIR: v32.0.0.114 | N/A |
| Adobe | Multi-purpose software | Acrobat and Reader DC: v19.010.20069 | 7.8 and High |
| Apple | Operating Systems | macOS: v10.14.3 | 9 and Critical |
| Apple | Operating Systems | macOS High Sierra: v10.13.6 | 9 and Critical |
| Apple | Operating Systems | iTunes: v12.9.3.3 | N/A |
| Don Ho | Text and Source Code Editor | Notepad: v7.6.3 | N/A |
| Evernote | Organization App | Evernote: v6.17.6.8292 | N/A |
| FileZilla | FTP application | FileZilla: v3.40.0 | N/A |
| Foxit Corporation | PDF software | FoxitReader: v9.4.0 | 6.3 and High |
| Google | Browser | Google Earth Pro: v7.3.2.5495 | N/A |
| KeePass | Open-source password manager | KeePass: v2.41 | N/A |
| Mozilla | Browser and Email Application | Firefox: v64.0.2 | N/A |
| Opera | Web Browser | Opera: v58.0.3135.47 | N/A |
| Oracle | Computer Programing Language | Java: v8u202 | N/A |
| Peter Pawlowski | Audio Player | Foobar2000: v1.4.2 | N/A |
| RealVNC | Remote Access Software | RealVNC Viewer: v6.19.1 | N/A |
| WinSCP | Web Client | WinSCP: v5.13.7 | N/A |
| Wireshark | Open-source packet analyzer | Wireshark: v2.6.6 | N/A |