Cisco Adds Vulnerability ID to Tetration

Tuesday, March 6, 2018 @ 02:03 PM gHale

Identification of software vulnerabilities and exposures are now a part of the security capabilities of Cisco’s Tetration platform.

The platform can now also detect vulnerabilities associated with software installed on servers in addition to offering protection for multi-cloud data centers.

Cisco Clears Critical Faults
One Week Later, Cisco Reissues ASA Fix
Cisco Fixes Hole in Security Appliances
S4: Safety System Attack Details

With support for on-premises and public cloud workloads, Tetration can now help identify security incidents faster, as well as contain lateral movement, Cisco said.

It can also find high severity security events such as Spectre and Meltdown using behavior-based anomalies, Cisco officials said.

The platform maintains an inventory of the software packages installed on the server, along with information on version and publisher. Leveraging the Common Vulnerabilities and Exposure (CVE) database, Tetration can detect packages with known CVEs. 

The platform also offers a scorecard ranking the severity of specific vulnerabilities and reveals which servers might be affected, thus helping IT organizations proactively set up filters to find additional vulnerabilities. 

In addition, Tetration can collect and maintain information about running processes on each server, on a real-time basis, Cisco officials said.

That could help IT managers find servers on which specific processes are running or have run. The collected information includes ID, parameters, duration, hash (signature), and the user running the process.

Leave a Reply

You must be logged in to post a comment.