Polyverse and Arganteal: Security for DevOps Teams

By Shaina Raskin

From a security perspective, Polyverse’s ability to polymorph a Linux operating system and make it nearly immune to the known and undisclosed memory-based attacks that make up 70% of successful attacks is compelling. It goes a long way toward protecting and attack-proofing a large array of servers, VMs and containers in the cloud, or on legacy or end-of-life operating systems. If you can make your Linux infrastructure immune to zero-day threats, you have greatly improved your external attack profile and mitigated security risk.

Polymorphing a small group of several servers is easy. You can either polymorph an existing server or configure a new polymorphed server by executing a one-line command.

However, if you are an Operations or DevOps group trying to juggle all the other security tools and updates you are responsible for, the polymorphing process is another task that your team needs to accommodate. While you can easily polymorph one server in about 15 minutes, if you need to do 1,000, that is 250 hours of an operator’s time. On top of that, your security team might ask you to re-polymorph the original set of servers periodically. Maybe that is monthly, or possibly weekly or daily for critical groups. If so, the 250 hours is only a starting point, and the recurring burden on the DevOps team becomes significant.

If you are considering polymorphing a large group of servers repeatedly for increased security, Polyverse’s partner, Arganteal, can help you automate the polymorphing process and allow you to re-polymorph as often as required while avoiding the recurring manpower drain on your DevOps team.

Arganteal has the capability to further automate your existing DevOps automation so that a large group of servers can be polymorphed with one Arganteal-compiled Execution Script. This compilation will include all the credential issues and the variations required for each kind of target server. The resulting Execution Script can be archived or recompiled whenever required. All the target-specific values can be reused or updated each time an Execution Script is required. With this patented capability, you simply start the Execution Script and come back a few hours later to catalog the results. Because all the synchronous and asynchronous command steps are automated and orchestrated by the Execution Script, the per-server polymorphing time will likely be cut in half, but whatever time it takes, a senior tech is no longer logging it by hand.

If security is of utmost concern, Arganteal’s automation can polymorph each system with its own unique polymorphic binary, thereby exponentially decreasing your infrastructure’s attack surface, as each system is fundamentally a different and distinct install of Linux. Starting a single group update execution, rather than manually polymorphing each server, not only eliminates human error but also saves time and money.

Protecting your systems from zero-day threats with polymorphing mitigates your security risk. When coupled with Arganteal automation, you can keep your infrastructure polymorphed without having to manually manage your instances, saving you time and money while giving you peace of mind and reducing your security risk. Give us a call or send us an email today to learn more about this revolutionary approach to securing your Linux-based environment.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.