Security & Vulnerability enhancements in Runecast 6.2

Runecast is on a mission to become your favourite security and operations platform. Here on the Runecast blog we often talk about how security never sleeps. Security has evolved, from 24/7 foot patrols around vital buildings, to 24/7 scanning of vital infrastructure. The old ways of protecting things are no longer good enough, because the malicious forces keep finding new and dangerous attacks. This is why Runecast continues to evolve too: to stay one step ahead of those who would cause harm. 

Proactive Protection

Our latest release, Runecast 6.2, combines a number of recent updates into a glut of security standards to keep your teams ahead of the game. These include updates to existing security profiles, adding new standards and deeper scanning coverage in OS.

For a full overview visit Runecast Support Matrix.

‍

Operating System Security

It doesn’t matter how secure your infrastructure is, if the operating system running on top of it is a vulnerable mess. Things like Wannacry, the ransomware attack which damaged so many systems in 2017, didn’t exploit infrastructure level exploits, but a file sharing loophole in Windows. An exploit which would have been disabled on systems following many best practices recommended at the time.

Because of attacks and exploits like this Microsoft continues to release CVEs and new best practices are released by other trusted sources. In Runecast 6.2 the latest Microsoft CVEs and Linux vulnerabilities are combined with:

• CIS Benchmarks
• DISA STIG (updated for both Windows and Red Hat Linux Enterprise 8) 
• Vulnerability scanning and configuration analysis 
• BSI IT-Grundschutz for Windows (a brand new addition)

This extra BSI profile includes Windows Server OS, extending our proactive coverage and security audits. 

Infrastructure Security

Just because we have made improvements to the OS side does not mean we have forgotten about your infrastructure. We have new compliance and security standards for vSphere and for Azure, adding DISA STIG for vSphere 7 and new NIST profiles for Azure. This is particularly important for our US customers, who may be constrained to operate under DISA if they use the DoD’s network, or use NIST in other areas of government. 

DISA STIG compliance is mandatory for all companies who operate on the DoD network and the penalties for non-compliance can be very damaging. Runecast provides proactive security audits and easy to read and use data, helping you to prove the compliance of your systems. 

If you want to see how easy Runecast can make compliance and security, contact us for a demo now.