Mirantis acquires amazee.io, the only ZeroOps Application Delivery Hub.   Read Blog Post  |  View Press Release  |  Visit amazee.io

Stay Informed with the Mirantis Product Security Incident Response Team (PSIRT)

Eric Gregory - December 23, 2021
image

The Log4Shell critical vulnerability is only the most recent reminder that enterprise security is a matter of continuous vigilance and information-sharing. Security requires transparency and rapid response — and that’s the role of the Mirantis Product Security Incident Response Team.

What is a PSIRT?

A Product Security Incident Response Team (PSIRT) is a part of an organization dedicated to identifying, evaluating, and mitigating risks that may arise from security vulnerabilities within the organization’s offerings. Additionally, a PSIRT facilitates communication about these vulnerabilities.

The Mirantis PSIRT is comprised of product team representatives who work to achieve a set of core responsibilities:

  • Establishing processes to assess and remediate vulnerabilities, as well as advise on mitigation strategies
  • Acting as the centralized, standardized hub for data collection and response coordination on security vulnerabilities
  • Collaborating across the organization to assist in remediation plans and communication

How vulnerabilities are identified, assessed, and mitigated

The PSIRT may identify vulnerabilities through a variety of means, including automated scanning and tracking of software dependencies and regular penetration tests conducted both internally and by third parties.

When a vulnerability is identified, it goes through a process of assessment and triage. During the triage stage, vulnerabilities’ severity is scored using the Common Vulnerability Scoring System (CVSS), and this guides the PSIRT’s targeted response times.

“Critical” vulnerabilities call for rapid response — though Mirantis products were mostly unaffected by Log4Shell, Mirantis Secure Registry was updated the same weekend the vulnerability was first identified, in order to help customers mitigate the issue by scanning for affected components.

In order to address vulnerabilities, the PSIRT works with development teams to find the most appropriate mitigation for the issue at hand. These mitigations might take the form of code modifications, usage or deployment advisories, workarounds, or other solutions. At this stage, the PSIRT also begins a search for possible vulnerabilities that may be similar to the one in question. For example, if a problem is the result of a particular software component (as was the case with Log4Shell), might other components introduce vulnerabilities with a similar pattern? If new issues are identified during this discovery stage, they go through the same assessment and mitigation process.

Hardening security through communication

With many entities involved in the creation and support of enterprise software — from open source project teams to software and infrastructure vendors to in-house teams — open channels of communication are essential.

The Mirantis PSIRT publishes security vulnerabilities through security bulletins, software release notes, and a GitHub repository that you can follow for notifications. For developers, security teams, or others wishing to stay informed about incident response at Mirantis, we encourage you to follow the PSIRT GitHub repo so you can stay on top of security news and advisories on Mirantis products. By working together with speed and transparency, enterprises can harden their deployments even in an ever-evolving security environment.

Read the Mirantis PSIRT update on Log4Shell (CVE-2021-44228).