Thomas Martin
November 14, 2019
Forty-eight percent of companies have had a security breach in the past 2 years, and 57% of the victims were breached due to unpatched security issues. This is according to a recent “State of Vulnerabilities” study from the Ponemon Institute and ServiceNow. It clearly shows that cyberattacks, their severity, and the speed at which they happen continue to increase, leaving more companies unable to keep up with the threat.
Traditional methods of creating virtual compute images and installing the required packages are labor intensive. Even when done via scripting, they are prone to human error, hard to maintain, and slower to launch, depending on the sequence in which packages are installed.
Because of manual efforts, more time is spent navigating the processes and coordinating between teams than actually responding to vulnerabilities. As a result, patching is delayed an average of 12 days. What we see in practice is that resources created this way become long-running workloads, susceptible to configuration drift and to vulnerabilities tied to “unpatched” packages that have known security issues. Unfortunately, 73% of organizations have no common view of applications, the related assets, and the potential vulnerabilities.
Most organizations start attacking this issue by using infrastructure-as-code pipelines to automate build creation for virtual machines, and the study reflects the improvement, showing that 80% of organizations using automation respond to vulnerabilities in a shorter time. While automation improves consistency and speed, it doesn’t address the visibility (where are the vulnerabilities) and prioritization (which is the most important to address) challenges that still plague most organizations.
Using a base, or golden, image strategy that is managed by a central team ensures that the starting point is secure. But visibility into the packages added by the application teams, and into vendor software, is essential. Bytes Bakery® provides all the benefits of deploying via a console or API through your CI/CD pipeline, but adds visibility into the vulnerabilities hidden within your organization’s base images and into where those base images are deployed within your cloud providers, along with the automation to remediate at scale.
About Bytes Bakery®
Bytes Bakery automates the creation of base “Golden Images”, providing visualization and management of package vulnerabilities across your cloud resources.
Because they are recipe based, images are simple to create and launch. You are assured of getting the latest versioned packages with each deployment, and a full verified inventory of the packages deployed across your cloud environments. This enables focused efforts on redeploying patched packages in a timely manner, greatly reducing the probability of a security breach.
Using Golden Images, you can rest assured that your cloud compute resources are secure, and that application workloads run reliably.