Home > Sustaining Digital Resilience With Secure by Design

Sustaining Digital Resilience With Secure by Design

In today’s complex digital landscape, incorporating security from the ground up is not merely a best practice—it is essential. The recent Azure and CrowdStrike outage underscores the importance of integrating robust security practices into our software development and operational processes. At SolarWinds, we are committed to the principles of Secure by Design, making security fundamental to every phase of our product lifecycle.

Essential Practices for Maintaining Digital Resilience

Defense-in-Depth: A Defense-in-Depth strategy involves implementing multiple layers of security controls throughout an IT system. If one layer fails, others are still in place to protect critical assets. The layers typically include physical security, network security, endpoint security, application security, and data security.

Hardened operating system kernels: Recent advances in hardening operating system kernels for both Windows and Linux have significantly improved their security and stability. In Windows, Hypervisor-Protected Code Integrity (HVCI) ensures kernel-mode code pages are only executable if signed and verified, preventing unauthorized modifications. On the Linux side, the Kernel Self-Protection Project (KSPP) has introduced features like stack canaries, hardened user copy functions, and stricter bounds checking to eliminate entire classes of vulnerabilities.

Automated static analysis and rigorous code reviews: This process uses automated tools to analyze the source code or compiled versions for potential security vulnerabilities. Static analysis can detect issues such as memory leaks and dead code, along with security vulnerabilities like buffer overflows and race conditions. By integrating static analysis into the early stages of development, potential vulnerabilities can be identified and remediated long before the code is released.

Gaining Real-Time Insight into System States

Advanced observability tools: Observability solutions help organizations gain real-time visibility into their systems' health and performance, helping ensure that any anomalies are quickly detected and addressed.

Automated alerts: These can notify security teams of suspicious activities or configuration changes, allowing for prompt investigation. When an alert is triggered, predefined response protocols are executed, enabling the security team to quickly contain and mitigate the threat. This approach significantly reduces the time to detect (TTD) and time to respond (TTR), minimizing the potential security impact of system degradation.

Detailed logging: Detailed logs provide a wealth of information that can be crucial in understanding the root cause of a security incident so that future occurrences can be prevented. By integrating comprehensive logging and analysis tools, organizations can reconstruct events leading up to an incident. From there, they can take corrective action and enhance their overall security posture.

Code-level observability: Insights into code execution, log errors, exceptions, and stack traces help developers identify and resolve bugs more efficiently. Machine learning can detect code-level anomalies and unusual patterns in application behavior. Integration in CI/CD pipelines provides immediate feedback on code changes, helping ensure that potential issues are detected early in the development cycle.

A Powerful Reminder

The Azure and CrowdStrike outage serves as a powerful reminder of the need for continuous attention to digital resilience. By embracing defensive software practices and enhancing configuration observability, we can construct resilient systems capable of withstanding such incidents. Placing Secure by Design principles at the forefront of our endeavors helps ensure that we remain responsible contributors to the vibrant software ecosystem.

For a more detailed discussion of our Secure by Design approach and the lessons learned from recent cyber incidents, please refer to our Secure by Design Resource Center and Orange Matter™, the SolarWinds blog.

Image of blog author Krishna Sai
Krishna Sai
Krishna Sai is the SVP of Technology & Engineering at SolarWinds. He has over two decades of experience in scaling & leading global teams, innovating…
Read more