Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Audits

HyTrust Models New Feature After Nuclear Weapon Launch Controls

HyTrust 3.0 Integrates ‘Secondary Approval’ Feature To Safeguard Against Operational Downtime and Internal Security Breaches.

At the RSA Europe Conference in London this week, HyTrust, a provider of policy management and access control solutions for virtual environments, released version 3.0 of its HyTrust Appliance.

HyTrust 3.0 Integrates ‘Secondary Approval’ Feature To Safeguard Against Operational Downtime and Internal Security Breaches.

At the RSA Europe Conference in London this week, HyTrust, a provider of policy management and access control solutions for virtual environments, released version 3.0 of its HyTrust Appliance.

The latest version, which despite its name is not a physical piece of hardware, but rather a virtual appliance, includes several improvements, but the most notable is a new “secondary approval” feature that enforces the two-person rule, made famous by the US Air Force’s general rule focusing on nuclear missile launches.

Nuclear Launch Controls“According to US Air Force Instruction (AFI) 91-104, the two-person rule was designed to prevent the accidental or malicious launch of nuclear weapons by a single individual,” explained Eric Chiu, founder and president of HyTrust in a statement.

“Similarly, HyTrust’s new Secondary Approval feature mandates designated approvers authorize high-impact operations prior to users with administration privileges being able to execute actions that can impact the business or even bring down the entire data center,” he added.

So-called “privileged users” of an organization’s virtualization platform typically have much greater administrative power than counterparts who manage physical data center infrastructure. They can copy, power off or delete a business-critical VM with a few clicks from any location in the world, or any device.

VMware and other virtualization platforms do not provide adequate control, the company says, including viable methods of requiring additional checks for actions that can result in negative consequences. Thus, secondary approval is designed to prevent malicious actions or unintended ones to virtual machines (VMs), critical applications and data, from causing damage to business operations.

“Both organizations that have implemented virtualization extensively across their infrastructure and those embarking on an initial virtualization project face the critical problem of ensuring that administrators and other privileged users with access to the hypervisor are appropriately constrained and monitored on an ongoing basis,” noted Steve Coplan, Senior Analyst  at 451 Research. “Equally, however, these constraints should not stand in the way of operational efficiency and should be enforced in conjunction with a set of best practices for the configuration and management of virtualized environments.”

Advertisement. Scroll to continue reading.

HyTrust Appliance 3.0 is generally available now. 

HyTrust Appliance Enterprise Edition is licensed at $750 per CPU for each ESX or EXSi host. It’s also offered as a free, full-featured community version. 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Application Security

Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to...

Application Security

Malware hunters at Microsoft are calling attention to a nasty macOS malware family that has evolved quickly from a basic information-gathering trojan to a...

Application Security

Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that...