BackBox Blog
58 FOLLOWERS
BackBox is a market leader in network automation, security and management solutions. We help companies worldwide automate and streamline complex tasks, ensure network health and performance, achieve business continuity and do more with fewer resources.
BackBox Blog
2w ago
BackBox NVM helps manage the entire vulnerability lifecycle, with differentiated capabilities along the way. The purpose of this post is to highlight the lifecycle and BackBox unique differentiation.
It’s inspired by this image of how a CVE gets created:
There are three steps in the vulnerability lifecycle:
Assessment
Application
Action
Assessment
The two main questions to ask at this stage of the lifecycle are:
What is this new vulnerability?
How bad is it?
Many solutions will deliver the CVEs into the product. These CVEs come from the NIST database and are available to everyone. However ..read more
BackBox Blog
2w ago
Abstract: Network configuration management (NCM) is an important part of network device administration. Software updates, compliance, backups, integration with the rest of the Network Operations Center software stack… all are critical elements of a network configuration manager. However, legacy solutions are starting to limit NCM effectiveness due to a lack of automation. As such, industry experts such as Gartner are recommending that modern NCM solutions be built on automation.
Table of Contents
NCM built on automation
Network configuration management features
What should you look for in a n ..read more
BackBox Blog
2w ago
Abstract: Network vulnerability management is an important part of network upkeep. Tracking vulnerabilities, understanding their impact on the network, and remediating them helps protect the network from cyberattack. But it is often a time-consuming, labor-intensive process and, therefore, doesn’t get the attention required.
Table of Contents
A New Network Vulnerability Management Approach: Risk management vs threat exposure management
Two Recommendations to Set Your Network Vulnerability Management Program on the Right Course
What are network vulnerabilities?
Mitigation or remediation? What ..read more
BackBox Blog
3w ago
68% of organizations highlight improving CI/CD as a primary focus of their application modernization efforts. According to EMA, this is similarly reflected in what’s being seen with network engineering as well. In fact, Shamus @ EMA surveyed network teams to find that DevOps (NetDevOps) and CI/CD initiatives are the number three driver of network operations strategies behind only public cloud and SaaS adoption.
What is CI/CD?
It’s stands for continuous integration / continuous delivery and grossly means that teams can make many changes that are continuously integrated into the “build pipeline ..read more
BackBox Blog
1M ago
I was reading a research note by Gartner, ‘Maverick Research: Risk Management Produces Bad Cybersecurity’ ($), and it brought up some interesting observations about the usefulness of BackBox NVM when it comes to security best practices.
The thing that jumped out at me is the difference in language between Risk Management and Threat Exposure Management.
Gartner believes network teams should “abandon traditional risk management practices as part of cybersecurity management” and instead talk about threat exposure to guide security activities.
That’s music to my ears, because that’s exactly what ..read more
BackBox Blog
1M ago
If you thought BackBox reliable backups were good… we’re going to make them even better using Amazon S3 Glacier storage for immutable storage of your backups right from inside of BackBox.
About Amazon S3 Glacier
Amazon S3 Glacier is a low-cost, cloud-archive storage service that provides secure and durable storage for data archiving and online backup. Designed as a cloud-based alternative to on-premises magnetic tape backup drives, Amazon S3 Glacier offers the following benefits:
Lower cost. Glacier is designed as Amazon’s lowest-cost storage class.
Durability. Glacier is distributed across a ..read more
BackBox Blog
1M ago
A blog series that shines a spotlight on real-world moments where network engineers use BackBox security-centric automation to save their organizations from costly downtime and surprises.
Synopsis
All firewall vendors require that their customers keep their certificates up to date. It’s a mandatory but time-consuming and tedious administrative task that’s error-prone and usually happens at an inconvenient time, making it ideally suited to be solved with automation. Here, we use a recent real-world example with Palo Alto to demonstrate what can happen without the benefit of automation and the v ..read more
BackBox Blog
1M ago
Introduction: entry and propagation
Network teams and the devices they manage are not the usual audience for discussions about ransomware. Ransomware affects endpoints and is often the purview of IT administrators and security teams. However, there are things that network teams can do to help prevent ransomware from entering the enterprise, and should it enter, from propagating across the network.
Read a version of this post, written by our CTO Josh Stephens, on Network Computing.
Four areas to help networks keep organizations safe from ransomware
There are four areas where network teams can h ..read more
BackBox Blog
1M ago
Since February 12th, it appears that there is a significant drop in CVE enrichment data on the national vulnerability database (NVD). This is problematic because a lot of organizations that rely on CVEs to drive their network vulnerability management strategies are now making decisions with less information than they could depend on in the past.
National Vulnerability Database Enrichment
The primary role of the NVD is adding data to vulnerabilities, data such as severity levels (CVSS scoring) and CWEs. And, NVD is responsible for maintaining the CVEs as information changes. For example, when f ..read more
BackBox Blog
1M ago
In early March, Fortinet disclosed five new vulnerabilities. This sort of disclosure (from network companies in general) is not unusual. However, unusual or not, it presents a challenge to network administrators trying to keep their networks secure.
Here’s the fundamental challenge, from some BackBox sponsored research from last year:
92% say more network updates are needed than they can keep up with
Already overloaded, news of new vulnerabilities may not even break through the noise of a busy admin’s life, let alone be something they have time to address.
That’s the “why?” beyond BackBox Ne ..read more