November 22, 2022
Issue prevention is the practice of predicting the future. People have told you that this is difficult or maybe even impossible, but in the realm of computing it’s not. Predicting the future seems impossible as it is full of so many unknowns, but issue prevention is not dealing with unknowns. Issue prevention is about anticipating potential issues and removing them completely. While running IBM’s VMware Center of Excellence our co-founders experienced that 90% of all VMware problems are caused by known issues and risky configurations that could have been prevented. So how can we prevent them?
Vendors and manufacturers release updates, patches and hotfixes, all documented in their Knowledge Bases. There are vendor neutral best practices, security guidelines, community forums, a thousand and one sources of information. The chances are that someone you know has encountered an issue and searched for it online. They may even have found the answer they were looking for, and thought to themselves, “if only I had known earlier.”
Issue prevention, then, is gathering all the answers from these sources and applying them to each of your technologies and cyber security risk points individually.
Of course it’s humanly impossible to keep up with all of these sources. Even the most diligent and dedicated have a finite amount of time to read and implement the latest information across their entire tech stack and all of their environments. Beyond keeping up with each trusted source, there’s the inability to know whether the fix you’re applying to solve problem B will affect the fix that has already been applied for problem A.
This is why there’s a more common approach: I’ll learn how to fix that when it’s broken and for everything else, I’ll leave well alone. But we all know that this is not good enough.
Issue prevention is the proactive alternative to break/fix. Instead of leaving well alone and hoping that things go well, Issue Prevention identifies potential future pain points and remediates them. It’s combining all the available knowledge from trusted sources to assess your IT infrastructure and systems, and spot where potential problems lie. But didn’t we just say that it’s impossible to keep up with all these sources of information? It is for humans, but that’s where the power of automation comes in.
The Runecast platform, with its Runecast AI Knowledge Automation (RAIKA), brings all of these sources together and shows you the applicable and actionable items. Along with other tools in the platform, such as Hardware Compatibility List (HCL) scanning, Runecast is able to automate your issue prevention for AWS, Azure, GCP, Kubernetes, VMware, Windows and Linux.
In the screenshot below the Google Cloud Platform environment is being assessed against the Center for Information Security (CIS) benchmark (also known as CIS CSC), with findings shown in the columns. Everywhere the environment has an issue is highlighted in red, with the remediation steps shown as soon as the user clicks on an issue.
These insights enable IT Operations teams to identify future issues and take action against them. These can be issues like a known exploited vulnerability in your system – as detailed in the Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerability (KEVs) catalog – or out of date firmware, or even an incomplete or unconfigured setting which would fail an audit (like CIS Benchmarks). The KEVs catalog is a great resource, which was recently added to Runecast. It shows every vulnerability that CISA has found ‘in the wild’, and highlights it within the Runecast platform, meaning that your team can prioritise the most important gaps in their defence first.
Another of the tools at your disposal within the Runecast appliance is the automated HCL comparison tool. Using this you are able to scan your VMware hardware and proactively detect risks which lead to the Purple Screen of Death. The HCL scanning allows admins to prevent outage risks caused by driver or firmware incompatibility and highlight changes that may need to be made to keep hardware running at the latest version.
These practices can be extended to Kubernetes as well, using the shift left approach to remove vulnerabilities from your container images.
For more detail on how to use Runecast as part of your CI/CD pipeline, read this post.
Switching from a reactive break/fix approach to a proactive issue prevention approach can sound exhausting. But Runecast makes it simple. You won’t have to find and read thousands of trusted sources for industry best practices and compliance benchmarks, you won’t have to apply that knowledge and learning to each of your environments, because Runecast does it for you.
Runecast provides you with tailored and trusted insights that enable you to proactively prevent issues from developing in your systems.
This is why Runecast is trusted by teams across heavily regulated sectors such as defence, aerospace and finance, to find and prevent possible issues and keep them compliant and operating at the highest level. To read more about what Runecast can do to help an organisation like yours, read our case studies.