Welcome!

@DevOpsSummit Authors: Elizabeth White, Zakia Bouachraoui, Liz McMillan, Pat Romanski, Roger Strukhoff

Related Topics: @DevOpsSummit, Microsoft Cloud, Linux Containers, Open Source Cloud, Containers Expo Blog

@DevOpsSummit: Blog Feed Post

Using GuardRail to Validate Windows SChannel Update

We've seen a landslide of vulnerabilities announced in the last few months, fromShellShock to Poodle

Using GuardRail to Validate Windows SChannel Update

We've seen a landslide of vulnerabilities announced in the last few months, fromShellShock to Poodle, and it looks like that trend will only continue. The discovery of a critical vulnerability in Windows SChannel-and the even worse problems introduced with a hasty patch-has added a heap of unplanned work for Windows IT pros.

GuardRail provides a really easy way to validate that the update has been successfully applied and the registry keys deleted. In addition to giving you validation that patches have been applied now, our Schannel check can be run automatically to protect against regressions.

Using the SChannel Policy

First, register your free ScriptRock account and connect any nodes you want to protect.

Go to the "Policies" section and select "Public Policies." These are test suites we've created based on best practices that anyone can use to validate their configurations.

Click "Execute" and then select the node you want to run the policy against. If you have a lot (like I do) then the filter might come in handy.

The policy contains four checks: that the patch is installed and that the three registry keys have been deleted. After running the policy you'll get a report on which tests have passed.

You can click into any portion to learn more about what the test is checking, why it failed, and how to remediate.

Because the checks are assembled in natural language it's easy for you to understand what's going on without reading a bunch of documentation. It also makes it easier to hand these tests off to other administrators, or to clone and edit them for your particular needs. And if Microsoft changes their advisory notice you can easily modify your version of the policy to look for different keys or to succeed when those keys are found.

For more resources to keep your Windows environments safe, check out our IIS 8 Checklist to ensure that your IIS servers are CIS compliant.

Read the original blog entry...

More Stories By ScriptRock Blog

ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring.

Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function — to allow businesses to move fast and stay safe.

GuardRail scans and tracks much more than just servers in a datacenter. It works with network hardware, Cloud service providers, CloudFlare, Android devices, infrastructure, and more.

@DevOpsSummit Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of the world’s largest data centers. Click here to schedule a meeting with our experts and executives.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the modern business digitalization solutions. Achieve up to 50% early-stage technological process development cost cutdown with science and R&D-driven investment strategy with Codete's support.
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives.