Rotate, Repave, and Repair

A quick summary of the thought-provoking article “The Three Rs of Enterprise Security: Rotate, Repave, and Repair”, by @justinjsmith.

Advanced Persistent Threats (APTs) typically require three things to work:

1) time,

2) leaked or misused credentials, and

3) misconfigured and/or unpatched software.

The 3 Rs can be followed to mitigate the risks:

  • Rotate datacenter credentials every few minutes or hours.
  • Repave every server and application in the datacenter every few hours from a known good state.
  • Repair vulnerable operating systems and application stacks consistently within hours of patch availability.

By rotating credentials regularly, patching software quickly, and repaving servers regularly, you make each of those three preconditions less likely to be available to an attacker.

Repaving servers typically means recreating your VMs from a known “good” image, as opposed to the much more common approach of applying incremental changes, where “the slate almost never gets wiped clean”.
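As an added illustration (not code from the original article or its author), the sketch below audits a host inventory against the three Rs and shows that a fresh repave from a stale image still fails "repair". The time windows, the `Host` fields and the sample fleet are all assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed policy windows; the article only says "minutes or hours" and "hours".
ROTATE_MAX = timedelta(hours=1)    # maximum credential age
REPAVE_MAX = timedelta(hours=4)    # maximum time since the VM was recreated
REPAIR_MAX = timedelta(hours=12)   # grace period after a patch is released

@dataclass
class Host:  # hypothetical inventory record
    name: str
    cred_issued: datetime   # when the current credential was minted
    built_at: datetime      # when the VM was last recreated from an image
    image_built: datetime   # when that "known good" image itself was built

def audit(host, now, patch_released):
    """Return which of the three Rs this host currently violates."""
    findings = []
    if now - host.cred_issued > ROTATE_MAX:
        findings.append("rotate")
    if now - host.built_at > REPAVE_MAX:
        findings.append("repave")
    # Repair fails when the image predates a patch whose grace period has
    # expired, no matter how recently the host was repaved from that image.
    if host.image_built < patch_released and now - patch_released > REPAIR_MAX:
        findings.append("repair")
    return findings

def audit_fleet(fleet, now, patch_released):
    """Map host name -> violations, listing only non-compliant hosts."""
    report = {h.name: audit(h, now, patch_released) for h in fleet}
    return {name: f for name, f in report.items() if f}

# Constructed sample data.
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
PATCH = NOW - timedelta(hours=24)  # newest patch has been out for a day
FLEET = [
    Host("web-1", NOW - timedelta(minutes=10), NOW - timedelta(hours=1),
         NOW - timedelta(hours=2)),   # fresh credential, VM and image
    Host("web-2", NOW - timedelta(minutes=10), NOW - timedelta(hours=1),
         NOW - timedelta(days=3)),    # repaved recently, but from a stale image
    Host("db-1", NOW - timedelta(days=3), NOW - timedelta(days=30),
         NOW - timedelta(days=30)),   # long-lived, incrementally changed server
]

if __name__ == "__main__":
    for name, findings in audit_fleet(FLEET, NOW, PATCH).items():
        print(f"{name}: needs {', '.join(findings)}")
```
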

Your ability to do these things quickly greatly reduces your risk of being compromised. Go fast to stay safer. Speed reduces risk.


