In November 2021, the U.S. federal government published a Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency (CISA). This Department of Homeland Security (DHS) directive mandates that federal agencies within the U.S. act to protect themselves from “...increasingly sophisticated malicious cyber campaigns that threaten the public sector, private sector, and ultimately the American people’s security and privacy.”
The directive requires United States federal agencies to patch known, “publicly exploited” vulnerabilities. The list of these vulnerabilities is cataloged and updated periodically by CISA on its website.
What is the reason for this new directive and process?
Several key factors have been considered in CISA’s decision. The critical criteria are highlighted below:
- CISA has determined that vulnerabilities with publicly known exploits “carry unacceptable risk to the federal enterprise,” and as such this new directive is warranted to curb exposure. For most medium-sized or larger organizations, given their technology footprint, thousands of vulnerabilities must be analyzed and addressed. This directive helps agencies prioritize their effort on the most critical issues.
- Today, federal agencies are not required to patch all Common Vulnerabilities and Exposures (CVEs). However, the new list of known exploited vulnerabilities must be addressed fully by federal agencies due to the active threat associated with each vulnerability, with due dates for patching ranging from Nov 2021 to May 2022.
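The prioritization the directive describes (patch what is in the known-exploited catalog first, ordered by its due date) can be scripted against the catalog feed. The following is an added example, not Red Hat Insights or CISA code: it parses a catalog excerpt that uses the public feed's field names (cveID, vendorProject, product, vulnerabilityName, dateAdded, requiredAction, dueDate), cross-references it with a per-host list of unpatched CVEs from a scanner, and returns a remediation queue with overdue items first. The catalog rows, host inventory, and reference date are constructed for the example, and the CVE IDs are placeholders rather than real entries.

```python
"""Cross-reference per-host CVE findings with a Known Exploited Vulnerabilities
(KEV) catalog excerpt and order remediation by the catalog's due dates.

Added example; not Red Hat Insights or CISA code. Field names follow the public
KEV JSON feed; the rows below are constructed and the CVE IDs are placeholders.
"""
import json
from datetime import date

# Constructed KEV excerpt with placeholder IDs (CVE-0000-*), not real catalog rows.
KEV_SAMPLE_JSON = json.dumps({
    "title": "Catalog of Known Exploited Vulnerabilities (constructed excerpt)",
    "vulnerabilities": [
        {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor", "product": "ExampleDaemon",
         "vulnerabilityName": "ExampleDaemon remote code execution (placeholder)",
         "dateAdded": "2021-11-03", "shortDescription": "placeholder",
         "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2021-11-17"},
        {"cveID": "CVE-0000-0002", "vendorProject": "ExampleVendor", "product": "ExampleLibrary",
         "vulnerabilityName": "ExampleLibrary privilege escalation (placeholder)",
         "dateAdded": "2021-11-03", "shortDescription": "placeholder",
         "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-05-03"},
        {"cveID": "CVE-0000-0003", "vendorProject": "ExampleVendor", "product": "ExampleAgent",
         "vulnerabilityName": "ExampleAgent authentication bypass (placeholder)",
         "dateAdded": "2021-11-03", "shortDescription": "placeholder",
         "requiredAction": "Apply updates per vendor instructions.", "dueDate": "2022-04-15"},
    ],
})

# Constructed host inventory: CVEs a scanner reported as unpatched on each host.
# CVE-0000-0098/0099 are deliberately absent from the catalog excerpt.
HOST_FINDINGS = {
    "rhel-web-01": {"CVE-0000-0001", "CVE-0000-0002", "CVE-0000-0099"},
    "rhel-db-01": {"CVE-0000-0002", "CVE-0000-0098"},
    "rhel-app-01": {"CVE-0000-0003"},
}

# Constructed "today" so the example is reproducible.
REFERENCE_DATE = date(2022, 1, 15)


def load_kev(json_text):
    """Parse the KEV feed into a dict keyed by CVE ID, converting dates to date objects."""
    catalog = json.loads(json_text)
    kev = {}
    for entry in catalog["vulnerabilities"]:
        row = dict(entry)
        row["dateAdded"] = date.fromisoformat(entry["dateAdded"])
        row["dueDate"] = date.fromisoformat(entry["dueDate"])
        kev[entry["cveID"]] = row
    return kev


def prioritize(findings, kev, today):
    """Return the KEV-listed findings as a remediation queue ordered by urgency.

    Each item carries the CVE ID, the affected hosts, the catalog due date,
    days_left (negative means overdue) and the catalog's requiredAction.
    CVEs not in the catalog are left out of this queue: they still need
    normal risk-based handling, just not this fast lane.
    """
    affected = {}
    for host, cves in findings.items():
        for cve in cves.intersection(kev):
            affected.setdefault(cve, set()).add(host)
    queue = []
    for cve, hosts in affected.items():
        entry = kev[cve]
        queue.append({
            "cveID": cve,
            "hosts": sorted(hosts),
            "dueDate": entry["dueDate"],
            "days_left": (entry["dueDate"] - today).days,
            "requiredAction": entry["requiredAction"],
        })
    # Earliest due date first; ties broken by blast radius (more hosts first), then ID.
    queue.sort(key=lambda item: (item["dueDate"], -len(item["hosts"]), item["cveID"]))
    return queue


def overdue(queue):
    """CVE IDs whose catalog due date has already passed."""
    return [item["cveID"] for item in queue if item["days_left"] < 0]


if __name__ == "__main__":
    for item in prioritize(HOST_FINDINGS, load_kev(KEV_SAMPLE_JSON), REFERENCE_DATE):
        status = "OVERDUE" if item["days_left"] < 0 else f"{item['days_left']}d left"
        print(f"{item['cveID']}  due {item['dueDate']}  {status:>9}  hosts={','.join(item['hosts'])}")
```

With the constructed data and reference date, the queue comes out as CVE-0000-0001 (overdue), then CVE-0000-0003, then CVE-0000-0002, and the two findings that are not in the catalog never enter the fast lane. Swapping the embedded excerpt for the full downloaded feed and the inventory for real scanner output is the only change needed to use this against a live estate.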
How does this apply to private enterprises?
While the directive doesn't directly impact private enterprises, many such organizations may benefit from following CISA's lead.
The steps taken by CISA with this directive are critical in reducing threats to any organization. These threats are not limited to the U.S. federal government. Many enterprises face the same challenges when it comes to vulnerability management and patching cycles as cited in the reasoning for this new directive.
At the top of this list of challenges is prioritization of the issues that need immediate attention. While private-sector organizations are not covered by the mandate, these are critical challenges for them as well. Not only is the number of threats increasing for many organizations, but the challenges are amplified by limited budgets.
Staffing constraints make it challenging to keep up with the increased risk from known exploitations. The bottom line is that all organizations should prioritize mitigation of vulnerabilities and take action to manage their risk exposures.
How can Red Hat Insights help?
Insights provides deep threat analysis of Red Hat Enterprise Linux (RHEL) systems with a simple user interface. Users can more easily triage and manage CVEs that pose a risk to RHEL hosts in their organization.
Earlier this year, Red Hat Insights announced a feature that gives users “Actionable threat intelligence for publicly known exploits for RHEL” for systems registered to Red Hat Insights. This feature was built to solve the same problems that are cited by CISA. Publicly known exploited vulnerabilities pose high risk and must be patched with the highest priority to protect the organization.
The actionable threat intelligence for publicly known exploits for RHEL feature makes it simple to identify Red Hat Enterprise Linux hosts that are vulnerable to publicly known exploited CVEs. Many hours are saved with Red Hat Ansible Automation to apply push-button remediation of vulnerabilities across the entire enterprise.
Figure 1. In Insights, vulnerabilities can easily be filtered for “Known exploit” status. The Insights Vulnerability service shows 4 CVEs with publicly known exploits in this view.
Want more information?
We held a Red Hat Insights webinar about managing security and compliance risk recently that included a short demonstration of the Vulnerability service as part of Red Hat Insights. You can watch its recording on-demand here.
Red Hat Insights is included as part of your RHEL subscription - find more information and get started today by visiting Red Hat Insights.
About the author
Mohit Goyal is a Senior Principal Product Manager for Red Hat Insights. Mohit brings a wealth of experience and skills in enterprise software having held roles as a software engineer, project manager, and as a product manager across software and travel industries. Goyal has a bachelor's degree in Computer Science from the Institute of Technology, University of Minnesota and a MBA from the Carlson School of Management, University of Minnesota. With his technical skills and business acumen, he helps build products to address problems faced by enterprises, with a focus on security, user experience, and cloud computing. When he's not writing user requirements, engaging with customers, or building product roadmaps, Mohit can be found running, cooking, or reading.