Data Security Advisor by Continuity Software

This blog was posted by Yaniv Valik, VP product, Continuity Software, Inc., on June 9, 2020.

Data Security Advisor now enables automatic storage security risk remediation and change tracking

We announced the release of Data Security Advisor 2.0 (DSA). The new release includes new and significant capabilities for securing and hardening the enterprise storage environment.

This software update facilitates automatic remediation of storage security risks which minimizes the window of opportunity for attackers to compromise data systems and eliminates manual resolution labor. In addition, the new version provides continuous and detailed security configuration change tracking as well as enhanced compliance status reporting features.

Automated remediation of storage security risks
Enterprise organizations struggle to resolve the security misconfigurations detected by scanning and monitoring solutions in a timely fashion. DSA now facilitates automatic remediation for detected storage security misconfigurations, minimizing the exposure of storage systems to cyberattacks. Full remediation guidelines are provided for each detected misconfiguration. The structured remediation information can be viewed by end users and/or used by configuration management tools (such as Chef and Ansible) to create an automated remediation workflow.

Storage security change tracking
This update provides continuous and detailed security configuration change tracking, enabling users to review daily changes including unplanned changes and configuration drifts of security settings, access configuration, services, protocols, ports, audit and more. This capability is essential for keeping the storage environment secure, complementary to the built-in DSA risk detection.

Enhanced storage compliance reporting
DSA provides out-of-the-box reports outlining overall and per-device compliance with information security standards and internal baseline requirements, along with pass/fail status and reference to requirement id. This is available for pre-defined policies (NIST, CIS Control, PCI DSS, ISO 27040, Community-based and more) and custom policies.

These new capabilities join the strong foundation of scanning and detecting hundreds of security configuration best practices for storage arrays (SAN/NAS), storage networking, server-based storage, storage management, storage virtualization and data protection systems – based on vendor guidelines, information security standards, community-driven best practices and known vulnerabilities.

“Nowadays IT teams are managing from home storage systems retaining petabytes of critical data and billions of files. With the new version of DSA, our customers can automatically remediate storage security risks and ensure data is always secure at the core,” said Valik. “We continue to advance our products in order to assist enterprises to verify their storage environment is impenetrable and cyber-recoverable.”

About DSA – Security Posture and Vulnerability Management for Storage
It addresses the challenges of securing vulnerable storage systems in any type of IT environment. It automatically scans the configuration of enterprise storage systems and checks for security misconfigurations and vulnerabilities including violation of security best practices; organizational security baselines; ransomware protection guidelines; and, non-compliance with information security standards. DSA informs the relevant IT teams of violations and how to repair them in order to close the security gaps that put critical data systems at risk.

Read also:
Continuity Software: Data Security Advisor Solution, Uncovering Hidden Security Risks to Critical Storage Systems
Enabling enterprises to meet information security audit requirements and protect data assets
June 14, 2019 | Press Release