Teledyne FLIR ELB team uses CoGuard to manage configurations as part of their continuous improvement and development process. 

“The support we have been receiving from the CoGuard team has been instrumental for us to fix issues and maintain an overall stability of the system. We were able to do more with the resources available to us.” Alan Willemsen, Team Lead, ELB, Teledyne-FLIR

Electronic Log Book (ELB) is used by military and first responders to gain real time situational awareness through multiple information channels and perform post-mission analysis. It is a complex system with many features that span from video-live-streaming and live telemetry processing all the way to log analysis, maintenance and equipment status tracking. The ELB system is composed of a variety of systems and applications, each powered by a number of microservices. To manage and monitor all of the appearing configurations is difficult, and this complexity poses unique challenges to assess the security posture.

Alan Willemsen, team lead for ELB, describes the complexity of configurations as the footprint of applications adopted by the development team have grown.

“We are asked regularly about our security posture. While we tracked the ELB development well, kept architecture documents up to date and ensured that our SBOM was being accurate and complete, there was the concern about misconfiguration. Not all team members of ours can be expected to be experts in every technology that we use.”

Software configurations can grow as development teams embrace new solutions. The ELB development team recognized the growing volume of configuration files across all of the technologies in their stack. The requirement to work on-premise and in the cloud with a varied set of technologies presented a challenge when selecting a configuration scanning tool. Willemsen describes the challenges experienced by the ELB team:

All the moving pieces at all layers have probably thousands of different configurations, and we were either just using the default configurations or altered them in order to get a certain functionality. Some were even altered for performance improvements. Until we discovered CoGuard, there was no tool that we found that could handle a fraction of the the sheer breadth of technology that we are working with, and gave us the needed insight into best practices and security benchmarks for each tool, as well as how they were interacting with each other. In some cases, the recursive check has uncovered configurations not yet tracked properly in our versioning system.”

CoGuard integrates into the existing continuous development and improvement process used by the ELB. CoGuard was easily integrated into the CI/CD pipeline and generated information and fixes to improve the security and performance of the system. Willemsen’s comment on that:

“Within a short period of time, the first reports came in and gave our team the necessary information to assess and fix items. The inclusion into our CI/CD pipeline has been simple (the change to our Jenkins-File was about 5 lines).

Furthermore, some customers wish to install ELB on their own premises due to their own security policies. This causes us to change configurations and even entire architecture pieces (e.g. the cloud native services of AWS needed to be translated into custom containers that are production ready). CoGuard’s rich support of such custom containers and breadth of software helped us to develop these containers in a fast way while ensuring that security and best practices were honored.”

CoGuard continues to work with teams like ELB as part of their continuous improvement and development practice and participates in the Teledyne-FLIR mission “To save lives and livelihoods”. 

‍

ABOUT COGUARD

CoGuard is a technology company that was founded with a key realization: despite the abundance of cybersecurity products and significant investments in the field, regular breaches still occur due to simple misconfigurations. Recognizing this flaw in the process and the inadequate consideration of every layer of configurations, CoGuard set out to create a product to fix this shortcoming. They specialize in performing comprehensive checks on IT infrastructure, meticulously detecting misconfigurations across all layers. With an extensive engine and the ability to support a wide variety of infrastructure combinations, CoGuard ensures that no stone is left unturned in the pursuit of robust cybersecurity. By addressing these often-overlooked vulnerabilities, CoGuard is at the forefront of enhancing security practices and protecting organizations from potential threats.

RESOURCES

www.coguard.io

https://github.com/coguardio/coguard-cli

‍