In today’s heightened cyber threat landscape, the traditional data center security model of perimeter controls and detection-based models does not prevent sophisticated attacks on virtualized IT infrastructure or the OT firmware and software that supports it. That’s because threat prevention technologies are often focused on detecting an initial compromise rather than stopping an attack. They are also heavily reliant on resource-intensive monitoring, which does little to truly reduce risk.
This paper introduces a new approach to traditional data center cybersecurity, known as cyberhardening, which shrinks attack surfaces and denies malware the uniformity to propagate. By hardening software binaries, data center security teams can eliminate an entire class of cyberattacks.
After reading this paper, those responsible for the integrity, confidentiality and availability of data centers will be well-informed about cyberhardening and how the technique provides greater protection than perimeter controls and detection-based models.