IBM's cloud native-application protection platform (CNAP) solution, Security and Compliance Center Workload Protection, is now supporting Vulnerability and Posture Management for Windows Server.
IBM Cloud Security and Compliance Center Workload Protection customers can now integrate their Windows machines into their Posture workflow, enhancing their security posture management. This integration allows for the validation of the operating system configuration of Windows machines against established posture policies, such as the CIS Windows benchmarks. By doing so, organizations can ensure that their Windows systems adhere to industry-recognized security standards and best practices.
Furthermore, the inclusion of Windows machines into the Inventory provides a comprehensive overview of an organization's entire hybrid cloud infrastructure, including both Windows and non-Windows assets. This unified view enables security teams to effectively monitor and manage the security posture of their entire environment from a single platform.
Security and Compliance Center Workload Protection now provides vulnerability analysis for Windows machines. This capability allows customers to generate a list of vulnerabilities, categorized by severity, and access available remediation options to address these issues.
Install Windows Host Shield
Security and Compliance Workload Protection can download the Windows Host Shield in their Windows machines from this link. For Windows machines running in the IBM private network, they can use this link instead.
Prerequisites
To install the Windows Agent, the following requirements need to be met:
- Windows Server 2019 and above.
- Visual C++ 2015-2022 Redistributable package. It can be downloaded from the official Microsoft link.
- ACCESS_KEY: The Agent access key.
- COLLECTOR: IBM SCC WP endpoint. Set it accordingly, endpoints for each IBM Cloud region are available on this list.
- Administrator permissions on the Windows host to perform the setup.
Installation
Once you download the installer, you can run it like this:
msiexec /i sysdig-host-shield.msi REGION=<region> ACCESS_KEY=<AGENT_ACCESS_KEY> VM_FEATURE_ENABLED=True POSTURE_FEATURE_ENABLED=True ACCEPT_TERMS_CONDITIONS=True /qn
You can also use the graphical installer.
Windows is now fully supported in Security and Compliance Center Workload Protection
With full Posture and Vulnerability Management support for Windows, Security and Compliance Center Workload Protection now offers consistent security for your entire hybrid cloud environment, adding to the existing Thread Detection support for Windows. Users can ensure their Windows workloads meet security standards and proactively address vulnerabilities through streamlined installation and integrated workflows.
In conclusion, the Security and Compliance Center Workload Protection (SCC WP) agent support for virtual machines including Windows hosts is a strong security platform for hybrid cloud infrastructures. With centralized and full support of Windows Server now, you could leverage SCC WP in place or in addition to your current EDR solution.
Get Started and Learn more
Get started with Security and Compliance Center Workload Protection:
- Navigate to the IBM Cloud Catalog.
- Select the Security and Compliance Center Workload Protection tile.
- Create an instance and connect your IBM Cloud to automatically get the results for recommended IBM policies.
- Install an agent virtual machines including for Windows hosts to leverage full CNAPP support.
Here are other interesting content you might find useful to get started: