News

Illumio and Qualys Partner on ‘Vulnerability Maps’

There are many advantages of integrating cloud computing into your data center operations, which is why the various types of public and hybrid clouds have taken off lately. But there are also downsides, and one of the worst is increased vulnerability.

Consider, for example, the increased “East-West” traffic that the cloud brings with it. This is the traffic within your data center, i.e., server-to-server traffic. In this new era, data isn’t just confined to your perimeter anymore. The traffic has broken through those boundaries, and created new attack surfaces everywhere. It’s become a chore to even know where the vulnerabilities are, much less how to monitor and protect them.

Network security company Illumio, recognizing this problem, has today unveiled new global vulnerability mapping abilities for its Adaptive Security Platform. Combining vulnerability and threat data from the Qualys Cloud Platform and Illumio’s application dependency mapping feature yields a “vulnerability map,” showing connections to vulnerabilities between and within applications.

“Vulnerability management is an invaluable tool in every security team’s arsenal. With our Qualys Cloud Platform integration, organizations can see a map of how active, exposed vulnerabilities can potentially be exploited by a bad actor,” Andrew Rubin, CEO and co-founder of Illumio, said in a press release. “By adding vulnerability maps to our Adaptive Security Platform, security teams can see potential attack paths in real time and immediately implement micro-segmentation to prevent the spread of breaches.”

New capabilities of the Illumio Adaptive Security Platform include:

  • Vulnerability Maps: Enable application security teams, vulnerability management teams, and segmentation teams to understand the paths that bad actors can leverage within data center and cloud environments. Vulnerability maps:
    • Show in real time which applications are connecting into vulnerable ports.
    • Show the risk inherited by destination applications when the initiating connections are unpatched.
    • Eliminate unnecessary attack surface by showing vulnerabilities with no active or historic traffic.

One of the most interesting new features of the update is the “East-West Exposure Score,” which is a number that essentially tells you how vulnerable your east-west traffic is to exploitation. “The score is calculated based on how many workloads can potentially exploit the vulnerabilities on any given workload. The lower the score, the smaller the chance that a bad actor can exploit it. If patching is not available, the optimal way to reduce exposure is to use micro-segmentation to reduce the number of workloads that can connect to it,” Illumio says.

A simple number isn’t a solution, of course, but it is a great starting point for admins in their efforts to lock down their internal security holes. Start with the higher-number areas and work your way to the lower numbers, and you’re systematically protecting your data center in the proper way. If your move to the cloud is keeping you up at night, you should check out what Illumio and Qualys are doing.