Daniel Jones
Product News
In this article:

It’s here. The latest evolution of the Runecast platform: OS level analysis for Windows and Linux. Your favourite features are here and now work for operating system (OS) security and analysis. At Runecast we’re very proud of our development team and the platform they have built, and now OS-level analysis has been added to make Runecast the most fully featured platform for IT Security and Operations teams.

Both Runecast and its detection capabilities for customer environments have been patched and continuously improved in each version since 6.0.1 to reflect new and updated log4j-related CVEs. You can further observe our Release Notes to see how we specifically addressed each of these.

How do we improve something that’s already awesome?

Runecast is moving closer to protecting you on every single one of your platforms. And Runecast isn’t just about giving you data, but the insight in how to use it. Runecast already protects throughout your cloud and on-premises infrastructure, and now with deeper analysis moving into the application layer.

Have you seen our Configuration Vault and Remediation for your VMware hosts? Now it works at the OS level too.

Even more security standards

And there’s more: in the new Runecast 6.0 release we have expanded our Azure compliance checks to include both BSI IT Grundschutz and GDPR. And our DISA STIG compliance extends now to VMware ESXi 6.7. Check out the Release Notes for a complete list of new features and enhancements in v6.0.

Because cloud security is a fast moving world, Runecast is a fast moving product. This means the Runecast platform already has checks for the log4j vulnerabilities that have just been discovered. Our OS scanning has detection for this and other brand new security vulnerabilities built in. As well as this, the latest VMSA, CVE-2021-44228, is covered and available in the latest version of Runecast. To read more about our coverage for these vulnerabilities, see Runecast responds to Apache Log4j Java vulnerability.

This is combined with a UI refresh, to make the features and critical findings clearer and easier to manage. This means fewer clicks to get to the meaningful analysis that you want.

New OS-level analysis

And what about proactive setup for your Operating Systems? Well, we’ve included CIS benchmark certification for Windows Server 2016 and Red Hat Linux 8. Over 350 rules preconfigured in the Runecast platform, ready to check your OS at the click of a button. 

Additionally, any Windows or Linux OS will benefit from our Configuration Drift Management and Vulnerability Assessment capabilities. And these features are for both bare-metal installs and virtual installations, not just one or the other. One more bonus, your Windows and Linux virtual machines can be on any hypervisor or cloud, on-prem or not. Runecast covers it.

Future-proof your IT operations and security

It’s time to do away with all the workarounds that are in your environment. All those little sticking plasters and bandages holding your operating systems together. It’s time to do things properly. 

Runecast is getting stronger. Our platform used to be just for the infrastructure side of things, like VMware hosts or Kubernetes containers, but with this latest release Runecast is going a step further. Now Runecast protects and monitors the operating systems running on those virtual platforms as well.

An automotive analogy for further clarification

If you think of your computing processes as a car (go with me for just one second here), then Runecast used to just cover the car. Wheels, tyres, engine, seats, that’s what Runecast looked at. But now, we’re interested in who and what you’re putting in the car too. Now we’re moving into the application layer.

Our Runecast platform is full of actionable intelligence and powerful insights that propel you forwards. Now we’re expanding the reach of the system. This is 360-degree visibility and security, to provide deeper visibility into your environment. Continuing the car analogy, now we can look inside and point out some more fundamental problems. Why have a 750-horsepower Ferrari and then only drive it in first gear? If you want to know you’re using your infrastructure to its fullest, you’re going to want to configure and optimize your workloads, i.e. what your infrastructure is powering. And that’s where Runecast comes in.

Adding Windows and Linux security to the existing Runecast patented algorithm means that you’re getting all the insights you’re used to for a wider spread of products.

TL;DR: New Runecast 6.0 coverage in a nutshell

Here are just some of the new features available to you in Runecast 6.0:

  • OS level vulnerabilities, which help avoid security exposures.
  • Automated benchmarks help achieve compliance and certification.
  • The Configuration Vault holds snapshots of your infrastructure, for a clear picture of where drift occurs.

Take a baseline of a known good configuration and compare your new configuration, so you can see what’s changing, i.e. the configuration drift. And then you can find the why, after which you can quickly move to everyone’s favourite step: making it right (AKA remediating). And with Runecast’s remediation feature you have over 270 scripts at your fingertips to proactively resolve issues.

Runecast is customisable, configurable and CIS certified. You are still in control of your environments, but with Runecast you can start to understand them. And with its new OS-level capabilities, there’s an even deeper layer of understanding.

If you’re tired of inconsistencies and the unexpected, then you’re ready for Runecast. To discuss your specific environment with us, contact us here.

Meet other Runecasters here:

Request free Log4Shell Assessment

Check your Windows and Linux for the critical vulnerability in the Apache Log4j Java library.

Request my free assessment