Equifax Data Breach Analysis: Container Security Implications

September 25, 2017

The Equifax data breach is one of the largest and costliest customer data leaks in history. Let’s take a closer look at the vulnerabilities and exploits reportedly used. Could the use of containers have helped protect Equifax? We’ll examine how proper security in a container based infrastructure helps to make application security more effective.

The Apache Struts Exploit

Apache Struts is a widely used framework for creating web applications in Java. It was initially believed that the newly-published Struts vulnerability, CVE-2017-9805, was responsible for the Equifax data breach. However, the latest announcement from Equifax indicates that it was vulnerability CVE-2017-5638, which was discovered in March, that allowed the Equifax data breach. Before talking about what security strategies can prevent this type of incident, it’s useful to understand the nature of both vulnerabilities.

The vulnerable code of CVE-2017-9805 resides in the REST plugin of the Struts framework. The plugin fails to validate and deserialize safely the user uploaded data in the HTTP request. This allows attackers to write arbitrary binary code to the web server and execute it remotely.

Read the entire article here, Equifax Data Breach Analysis: Container Security Implications

Via the fine folks at NeuVectdor.

NeuVector NeuVector was founded by security and enterprise software veterans with the vision of simple, scalable security for container based applications. The team has over 20 years of security, virtualization, and enterprise software experience from companies such as VMWare, Fortinet, Cisco, and Trend Micro.

| LATEST FEATURED RESOURCES

White Papers

Application Lifecycle Management with Stratusphere UX – White Paper

Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

2018 Will Be The Year of Citrix Migration! eG Innovations and DABCC Survey Reveals Industry Trends for XenApp and XenDesktop 7.x Migration

IGEL Community Releases Free “How-To Install and Configure the IGEL Software Platform” Made Easy Book

IGELl’s Security Enhancements for Thin Clients – White Paper

White Paper: IT Performance Monitoring Tools – Reading Between the Lines

Does Deploying Citrix in the Cloud Make Performance Monitoring Easier? – White Paper

View All White Papers >>

Downloads

Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

Download Commvault Data Platform: enterprise-wide data protection and management

Download ‘NAKIVO Backup & Replication for VMware, Hyper-V, and AWS EC2’ Full-Featured Free Trial

Download deviceTRUST Dynamic context awareness for Citrix

Download NAKIVO Free VM Backup and Replication for VMware & Hyper-V

FREE eG Enterprise Logon Simulator for Citrix XenApp and XenDesktop

View All Downloads >>

On-Demand Webinars

What’s Going on in EUC Printing – A Technical Deep Dive!

The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]