Linux Security Needs

Linux has grown in popularity among engineers and developers due to its speed and flexibility. While the community that continues to develop Linux is what makes the system so unique and powerful, the open-source nature of Linux also presents several security challenges.

Linux contains over 20 million lines of code written by thousands of developers around the world, and the difficulty of maintaining quality control results in a high number of discovered vulnerabilities. In late 2017, 79 vulnerabilities were found in the platform’s kernel USB drivers alone. Unfortunately, efficient patch security options for Linux have not kept pace with the growth of Linux itself, leaving many companies at risk of attack.

Because Linux started with small market share, it was considered relatively secure due to the small number of attacks developed to exploit Linux vulnerabilities. Today, billions of servers, phones, and IT devices run on Linux, and we have seen a corresponding increase in exploits for known Linux vulnerabilities. In addition, Linux is not immune to vulnerabilities found on 3rd party applications such as web browsers. Even companies with only a few Linux instances must now apply the same security best practices to Linux as they do to Windows and Mac operating systems.

One of these best practices to improve your cyber hygiene and decrease your attack surface is to regularly apply OS patches to your Linux servers and devices as well as patching the 3rd party applications running on Linux. Hackers can gain access to Linux in a multitude of ways, from phishing attacks to worms and cross-site scripting. Patching is the most effective way of protect against these threats.

While patching has typically been considered a nuisance for any operating system, patching Linux, which has multiple distribution options with their own specifications, is even more burdensome. There are often several Linux distros present in a single network. And the speed at which new instances can be created by any developer means IT departments struggle to keep up with Linux patches.

Unfortunately, there has also been a lack of patching solutions built specifically for Linux. Legacy, on-premise patch management tools often ignore Linux servers and devices, or don’t work across all distros. Tools such as Chef and Puppet require complex scripting and fail to provide the necessary level of visibility. In order to effectively patch Linux, you need a solution that works across all major distros and provides full visibility into the number of Linux instances running in your infrastructure along with the current patch status of each endpoint.

Automox was built with the modern, mixed-OS environments in mind, and is one of the only patching solutions that provides a central tool for patching capable of handling Linux, Windows, Mac, and 3rd party software applications in one easy-to-use dashboard. Utilizing a lightweight cloud native agent, Automox can be installed on every endpoint in minutes, and immediately provides full infrastructure visibility. This allows IT departments to view all outstanding patches and quickly apply them. Once installed, Automox’s central policy engine gives you control over what patches are applied and when, so critical Linux patches, that won’t impact business operations can be applied immediately, while others can be managed with Automox as part of your patch testing workflow. Maintaining security for your Linux distros should be as easy as managing the rest of your infrastructure. We’ve made staying on top of Linux patches simple, fast, and effective.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.