Zero days and attack surface
Dear Security Folks:
Is the best way to protect against street violence having ambulances ready to pick up the victims?
Some “security experts” apparently think so.
Two recent articles from VentureBeat made us think of next steps for our collaboration with you.
First, this March 31 article says Gartner concurs with Kontain that attack surface is a 2022 priority. Second, this article from May 1 agrees that attack surface is a huge problem, as Log4Shell, et al., have demonstrated all too well.
Shockingly, these articles give NO constructive advice about how to deal with the attack surface problem. Worse, the 2nd article gives what I’d call irresponsible advice:
“The priority of security teams should not be to detect zero-days. Instead, the priority of a security team should be to set up the tools and governance needed to quickly understand their exposure to a new threat and organize a response.”
Really? You agree with Gartner and Kontain that the problem is zero-day attack surface, yet you say security teams shouldn’t do anything about it except inventory software assets so you might hope to close the barn door more expeditiously AFTER the next zero-day?
Wouldn’t better advice be to reduce your software’s attack surface as a means of avoiding the next zero-day BEFORE it happens?
The elephant in the room is the attack surface. As long as we ignore it, the zero-days will keep coming fast and hard. No amount of remediation preparation can be a solution.
Let’s address the attack surface head-on. Kontain’s breakthrough architecture makes it easy for you to reduce the attack surface and the blast radius of your containerized applications.
When is our next conversation?
You can view the Kontain project on GitHub here.