Configuration Vulnerability Management Spacebit X- Config ÉÑÞÑ¡¿Ñ

2024

Ability to use FQDNs

Spacebit has released an updated version of the X-Config software configuration vulnerability management system. Searching for network resources and validation tasks has become much faster and more convenient, resource property filtering has been optimized, and reports have been uploaded to CSV. The company announced this on July 3, 2024.

The updated version of X-Config provides information security specialists with even more convenient functionality for monitoring system and application software settings in an IT infrastructure of any scale. Thus, the system has significantly expanded the criteria for filtering the properties of resources for creating dynamic groups, which are automatically filled based on the collected information about the served hosts, and the elements in them are checked against configured profiles based on secure configuration standards (SBS). Ready-made SBKs for different types of software, created on the basis of regulatory requirements, best international practices and vendor recommendations, are included in the product. The list of supported X-Config software is constantly expanding, while at the request of the customer, the developer can provide the ability to control specific software (including unique or self-written systems).

As an alternative to IP-addresses identifications , full domain addresses (FQDNs) can now be used for network resources. This will allow you to more accurately define a specific host in an infrastructure using dynamic IP addresses, as well as support Kerberos authentication when performing resource checks.

In addition to the existing mechanism for importing resources from CSV files, which allows you to add resources to entire lists, X-Config now implements the export of prioritized reports with the results of checking in CSV format both manually from the system interface and automatically, i.e. after each task, the report can be sent to the selected network folder.

The load on the infrastructure and the loading time of the list of available resources were optimized by gradually filling the list as the page was scrolled, so that the user can access the desired resource much faster without waiting for the full list to load. The search for the necessary task for checking from a large list has also become more efficient and more convenient due to the appeared possibility of deleting unused tasks, as well as the results of the check. Thus, you can clear the list of created, but not relevant tasks for assessing the state of configurations and leave only frequently used ones.

The list of software that controls X-Config has been replenished with more than thirty systems. In the near future, the developer plans to provide control over the configurations of network devices, primarily Cisco and Juniper.

Compatibility with Atlant OS

Spacebit has confirmed the compatibility of the X-Config IT product with the Russian Atlant operating system manufactured by Applite Group of Companies. Spacebit announced this on April 2, 2024.

In collaboration with Applite, Spacebit developed a secure configuration standard for the Atlant operating system. The standard has passed a full test cycle that confirmed the correctness of product collaboration, and is available to users of the X-Config software configuration control system as part of the basic version.

The joint use of the X-Config product and the Atlant operating system will help Russian companies not only solve the problems of import substitution and technological independence, but also significantly increase the level of practical information security.

We continue to expand cooperation with Russian software manufacturers to confirm compatibility with our products. The partnership with Apple was an important step in this direction. Thanks to the support of the Atlant operating system in X-Config, we can offer the business a comprehensive solution for ensuring information security based on domestic solutions, - commented Valery Ledovskoy, X- Config company Spacebit Product Development Manager.

As of April 2024, there is a high demand for IT solutions for the security and protection of system and user data. In order to ensure the required level of security in working with the user's environment, we are constantly expanding the composition of the domestic software compatible with Atlant OS to implement such protection. The set of solutions formed with colleagues from Spacebit will enable companies to quickly receive information about effective settings of the software environment and strengthen the protection of their IT infrastructure when implementing such recommendations, said Artem Stytsenko, Director of Strategic Development of Applite Group of Companies.

Enhanced authentication capabilities

Spacebit has updated the X-Config software configuration vulnerability management system. In this version, the possibilities for authentication in serviced resources have expanded and the convenience of working with reports has increased. Spacebit announced this on February 27, 2024.

Significant changes have affected the implementation of authentication in the resources controlled by X-Config. You can now access protected resources based on Linux without using a password using an SSH key. As part of projects to implement the system, depending on the customer's needs, other authentication methods are supported, which will be available out of the box in future releases.

Multiple authentication is implemented to access application software settings. In the X-Config interface, when configuring the properties of a connection to served resources, various types of bindings ON (to, to, etc.) are now available, operating system databases which made it more convenient to organize checks of application software that requires its own authentication, other than authentication on the platform. The vendor plans to expand this functionality. In particular, the validation of a group of entities of the same type located on the same resource, for example, several instances of databases, will be optimized. data

Analysis of reports on identified vulnerabilities in this version of X-Config has become more accessible and more convenient for information security specialists. Uploading reports in Microsoft Word format is now carried out not into a single file, but into an archive that contains general validation statistics and individual files with detailed reports for each scanned resource. In the future, users will have access to new types of reporting, for example, on the delta of changes between reports, and they can be uploaded in CSV format. For greater information and clarity, it is planned to develop a dashboard with the ability to retrospectively analyze statistics.

Spacebit is actively working to automate additional elements of the software configuration security control process. At the inventory stage of the IT infrastructure, X-Config began to automatically determine the type of resource being served (Windows/Linux), which significantly reduces the number of manual actions of responsible information security specialists. In the next step, the developer plans to automate the application of secure settings, as well as add a number of filters to form dynamic resource groups.

Security monitoring of Angie PRO configurations

Spacebit has added the Angie PRO web server to the list of software, the security of the settings of which is provided by X-Config. Spacebit announced this on February 8, 2024. Read more here.

2023

Ready for Astra X-Config Certification

and "Astra Group" Russian developer INFORMATION SECURITY-products Spacebit On December 22, 2023, the company announced the certification vulnerabilities of the X-Config software configuration management system as part of the Ready for Astra technology partnership program. The certificate issued by the vendor confirms that the health tests of the joint solution were successful, all its functionality is available to users, and X-Config is able to operate in a protected software environment. Astra Linux Special Edition

The multi-platform X-Config system was created taking into account the world practices of safe configuration and current requirements of the FSTEC of Russia and other regulators. The use of X-Config allows you to build a continuous process of managing system and application software configurations and reduce the risks associated with their incorrect configuration.

The product is aimed at owners of large-scale information systems, optimized for use in extensive infrastructures, and, like Astra, Linux is compatible with the base in demand on the market DBMS. PostgreSQL The use of X-Config in conjunction with Astra Linux Special Edition will allow Russian organizations not only to reduce dependence on foreign technologies, but also to significantly increase the level. information security

"During the period of strengthening information security requirements, we are pleased that we were able to provide the market with a comprehensive X-Config solution with Astra Linux, which combines advanced technologies, meets high standards of data protection and meets the strict security requirements of customers and regulators for software used in key infrastructures of the country," said Dmitry Tarakanov, Director of the Department for the Development of Technological Cooperation "Astra Group."

"Thanks to the productive interaction of the two vendor commands, it was possible to confirm the correct operation of X-Config with the Astra Linux operating system as soon as possible, both at the level of X-Config running this OS and at the level of support in the form of a safe configuration standard. We plan to expand cooperation with Astra Group and support other products of the manufacturer at X-Config, "said Valery Ledovskoy, X-Config Product Development Manager at Spacebit.

Support up to 10,000 resources per installation

Spacebit released an updated release of the X-Config software configuration vulnerability management system on November 2, 2023. The product can now serve up to 10 thousand resources of the organization within one installation and supports Russian operational systems RED OS and Astra Linux.

X-Config allows you to build an effective security management process for system and application software configurations: create internal policies, check the IT infrastructure according to the selected schedule, prioritize inconsistencies by severity, monitor the actual closure of identified vulnerabilities and generate reports in various views. The system monitors the compliance of the entire IT infrastructure with mandatory regulatory requirements, as well as the best generally recognized practices for safe configuration.

The updated version of X-Config is optimized for use in large, extensive infrastructures. Now, within one installation, the product supports up to 10 thousand resources, and within one security check of software configurations - up to 2 thousand resources. At the same time, it is possible to increase these indicators.

The system provides management of a network of collectors designed to collect information current configurations from serviced resources. The added functionality allows you to group collectors to work on a specific subnet or on multiple subnets, and the collector hierarchy and their current status are displayed in the X-Config web console. Secure routing data between served resources and collectors eliminates the transmission of critical software configuration information between subnets.

In this version of X-Config, a mechanism for importing resources from CSV files has appeared, allowing you to add resources to entire lists. Now it is possible to upload resource data from another infrastructure system and load this list into the X-Config managed resource registry.

The concluded technological cooperation with manufacturers of Russian certified operating systems made it possible to implement the compatibility of X-Config with RED OS and Astra Linux. X-Config components can now run on these operating systems, and the solution itself is configured to support standards for safe configuration of software products. The developer plans to significantly expand the list of supported Russian software.

Red OS Compatibility

RED SOFT and Spacebit have confirmed the compatibility of the Russian operating system RED OS and the solution for managing vulnerabilities in X-Config configurations. Red Soft announced this on August 8, 2023.

The X-Config system allows you to automate the processes of managing resource configuration vulnerabilities, ensure their compliance with Russian and international standards and reduce information security risks associated with unsafe software configuration.

Spacebit developers and information security auditors have created a standard for safe configuration of X-Config for the Russian operating system of the Linux family for servers and workstations RED OS. The testing confirmed the correct maintenance of RED OS-controlled stations in the X-Config system and the availability of full product functionality. According to the test results, the parties signed a two-sided certificate of compatibility. The technology partnership will help users of both products implement processes related to the import independence of infrastructure software and information security systems in their IT infrastructures.

Many Russian companies and state organizations have already switched to domestic certified operating systems and in the long term this trend will continue. RED OS is one of the most popular Russian operating system among customers, so we implemented its support in X-Config in priority mode. Cooperation with RED SOFTWARE helps us to respond to the most pressing requests of the information protection market, "said Hiyas Aydemirov, Executive Director of Spacebit.

We are developing the RED OS ecosystem based on the needs of the market. As of August 2023, the demand for information security solutions is large. The X-Config system in the RED OS environment will allow the client not only to reduce the risks associated with configuring the software, but to do this in accordance with the requirements of the law, using domestic independent products, "added Rustam Rustamov, Deputy General Director of RED SOFT.