open
  1 (866) 866-2320 Resources Events Blog

How Inventory Configuration Analytics Stopped a Security Breach

Blog

How Inventory Configuration Analytics Stopped a Security Breach

About

This content is brought to you by Evolven. Evolven Change Analytics is a unique AIOps solution that tracks and analyzes all actual changes carried out in the enterprise cloud environment. Evolven helps leading enterprises cut the number of incidents, slash troubleshoot time, and eliminate unauthorized changes. Learn more

A financial institution recently deployed Evolven’s new Inventory Analytics feature.

Within minutes, they discovered:

  1. An old version of software known to have major security vulnerabilities still existed in their environment…but they swore all systems had been updated.
  2. There was a new product installed on a select set of Linux servers that is a known potential security breach. That service could allow a hacker to gain access!

How did Evolven’s Inventory Analytics save this financial institution from two major issues that could have led to substantial security risks and even loss in revenue?

IT Teams Struggle to Obtain Up-to-Date Detailed Configuration

For years, IT Teams have struggled to answer seemingly simple questions like...

“How many hosts are currently running WebSphere Application Server?”

“Which instances and images in our environment use JVM older than 1.8 update 261?”

“What types of AWS EC2 instances do we currently have active?”

With millions of configurations continually changing across the enterprise cloud, finding the answers to simple questions like these is harder than it seems.

How can you know exactly what assets are out in your end to end environments, and how they are specifically configured?

Finding the answers often requires reports from IT asset management or CMDB teams, writing their own scripts to collect the requested information, or logging into every single host individually to check required configurations.

All of these options take a lot of time and effort while introducing new operational and security risks.

Until now...

Fast, Easy Access to Your Entire Granular Configuration

Evolven is the only technology out there collecting the most extensive and granular configuration details across an enterprises’ end-to-end environment.

With a new feature, Inventory Analytics, Evolven utilizes this data to help IT teams increase productivity and reduce the risk of security, compliance, and performance issues.

Evolven’s Inventory Analytics automatically collects the most granular configuration and inventory of environment components from the application level down to the infrastructure, from on-premise data centers to the public cloud.

Then, with a powerful query engine, users can:

  1. Search through the inventory configuration for specific items and elements matching anything from simple string-based patterns to multiple dependent complex conditions.
  2. Automatically benchmark granular configuration parameters across hosts, sub-environments, and multiple environments.
  3. Define flexible configuration policies that will continuously validate collected configurations, highlighting any elements that do not match the policies.

With Evolven’s Inventory Analytics, a question like “which instances and images in our environment use JVM older than 1.8 update 261?” can be answered in seconds by a simple UI-based query that even a non-technical person can define.

How Evolven’s Inventory Analytics Prevented a Security Breach

In the instance above, after deploying Evolven’s new Inventory Analytics module, the financial institution conducted an advanced search for the deployed Websphere instances along with detailed CPU data.

During this search, they first discovered a specific software version still existed in their environment that had major security vulnerabilities - revealing all systems had not been updated as they had thought.

By running the search, they were able to download a list of the affected servers and create an emergency change request to update them.

Next, they found an installed product on a select set of Linux servers that is a known potential security breach.

They were not aware that the product was installed before using Evolven.

Again, they were able to create an emergency change request to remove this potential security issue.

At this point, the company created a new policy to alert a SecOps team on any newly installed products. This would allow them to review all authorized and unauthorized changes moving forward on any installed products and services.

Last, this data allowed procurement to assess the currently committed spend against actually deployed licenses, discovering that the estimated deployed license cost was 60% over the actual.

By having the ability to search on multiple aspects of configuration data, this company was able to reduce its annual spend significantly.

image

Evolven is continuously pushing the boundaries of what we can do with our patented AI-powered Change Analytics technology.

Enterprises today have millions of continually changing configurations, and Evolven wants to help IT teams manage each configuration accurately and effectively.

Evolven is excited to present this newest feature providing a better way to control inventory configurations. This way will significantly reduce security, operational, and performance risks and increase productivity for IT teams.

To learn more, set up a time to see Evolven in action here.

About the Author
Nicole Prybula

Field Marketing Manager