The United States Pentagon has recently announced plans to encourage approved hackers to help identify flaws in the Department of Defense (DoD) websites. Taking a cue from large scale companies like Facebook and Google, the “Hack the Pentagon” competition shows the Pentagon moving toward a more proactive network security approach. While it may seem counterintuitive to invite hackers to your site, offering incentive for programmers to identify loopholes—which can then be remedied before any permanent damage is done—is actually a smart approach to staying ahead of security breaches.
The competition is the first big initiative of the Defense Digital Service (DDS), a government department created last year to bring tech experts and greater network security awareness into the military. While details of the Hack the Pentagon competition are still under wraps, there may be a cash incentive for identifying site weaknesses, similar to the scaled bug bounty competitions that Facebook has hosted, to the tune of $4 million payouts.
It’s encouraging to see the government embracing a proactive approach to network security and ushering in the first ever government sponsored hacking competition. Of course competitors will go through a full background check and vetting process first—this is the government we’re talking about.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Secretary of Defense Ash Carter. “Inviting responsible hackers to test our cybersecurity certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”
Even if you’re not hosting your own bug bounty competition, embracing a multi-layered security approach is mission critical. Here are three ways you can boost your network security to safeguard against security breaches—all while keeping performance standards fast, secure and reliable.
1. Protect Your Perimeter
The network server is the number one target of cyber attacks, because this piece of hardware is where crucial client and institutional data is stored. Defense in depth begins at the perimeter level, much like a moat surrounding a castle from possible intruders.
The core of Solarflare’s DDoS server attack mitigation is SolarSecure– a high performance packet filter engine that enables “bad” traffic to be detected very early in the network stack, so DDoS attacks can be absorbed without the degradation of “good” traffic. The filtering engine allows for individual packets to be inspected, limited or blocked based on their contents.
In the face of DDoS attacks, servers enabled with the SolarSecure were found to be 3 to 4 times more effective at packet filtering than iptables. This is a great way to identify and slow down potential threats before they escalate to a level where real damage is done.
2. Layer Your Defenses
The second phase of protection involves internal network segmentation. Multitenant cloud environments help defend against the spread of threats across the entire network. Partitioning off infected areas, new policies, filters and access control lists can be implemented to protect critical data from unauthenticated users.
Capture SolarSystem enables packet capture deployment on the top of every server rack in the data center, providing enhanced “DVR-like” real time lossless data recording. CSS mitigates cybersecurity risk by providing greater visibility into enterprise network, enabling prevention of hostile intrusion and data theft.
3. Close the Gap
Once a company can identify where its vulnerabilities lie, it can proactively mitigate risks to the perimeter and inner layers. Machine learning and optimizing data management and analytics allows companies to build the capability to analyze all data on their networks. Having this detailed trail of information will be more important than ever before in the age of breaches.
SolarFlare’s recent partnerships allows for customized solutions that bridge the gap between detecting breaches, preventing breaches, and ensuring that there is no exfiltration of sensitive assets from servers.
Companies can use these strategies and Solarflare’s security tools to help mitigate the cost of prevention and reduce the time of detection, creating a cost-effective security strategy. As large enterprises continue to be targeted by evolving hacking methods, a multilayered defense plan at the server level is essential.