There are many tasks for a development team to take on in the cyber security world, some are small and extremely complex while others are simpler but far larger in scope. One item in this later group is a process of what I like to call augmentation, or third party support, and it can be truly grueling in its own fashion. For us, augmentation is the need to support and provide checks and balances for other security measures by using our position as the access and admission control arbiters. Items that fall into this augmentation category are things like creating scans that make sure your endpoint system and security are fully up to date. While checking to make sure a piece of software or a operating system is up to date isn't a hard task to do manually on a single endpoint, the task quickly becomes daunting when you have hundreds or thousands of computers. With our scanning capabilities we can actually help mitigate this challenging issue for our customers IT group but this solution does provide our development team with a issue of its own. How do we keep up with it all across so many different customers and sites?
To put this issue into focus a bit more let's look at a few examples. One of the most concise examples is antivirus. Take a moment and think of how many different types of antivirus there are out there currently. Now think of how many different suite combinations there are for each one with items like: internet security, normal antivirus packages, premium package, standalone scanners, etc. Now think of how many updates each one of those gets throughout a given year. It starts to become clear just how much creep this task has associated with it. Another type of augmentation to consider comes in the form of security and system updates for operating systems. Many people know of Microsoft's Patch Tuesday but to put it in a quick synopsis it is the second Tuesday of every month that Microsoft releases its latest updates. This means that we must have scans ready to go for all levels of the Microsoft operating system that have been updated or modified. Then there are also the different versions of things like Office or the .NET framework and the task just keeps getting bigger and bigger and that's just one type of operating system. While these scans mostly boil down to fairly straight forward development for each it again is the issue of scale that really provides the challenge instead of the individual difficulty of the task.
So how do we keep ahead of the waves and waves of work that we face? Organization, prioritization, and of course hard work. Organization isn't terribly difficult in this case but is quintessential and for us it comes in the form of our testing lab. We have organized every version of our currently support OS's and software to make sure we are keeping up with our customers’ needs. This organization flows seamlessly into prioritization as we will always keep our customers’ software at the top of our augmentation lists while software that we are currently not directly supporting gets love after. This prioritization does help us keep our active scans modern with a very high amount of reliability but it doesn't mean that we can ignore the other software. Once we finish those live scans we move on to all the other software on the list as we never know when one of those will be a live scan, either by a customer replacing their software or with a new customer joining the Milton family. That last bit is where the hard work and dedication of the development team and QA team come in the strongest.
Lastly there is the team itself that holds all of this together. Most of the time we are trying to help each other by making sure we have a rotation going with who is doing the more tedium tasks and who is doing the interesting tasks. While not exactly technical it is vitally important to keep the entire development and QA focused and engaged. Sometimes the focus demands flexibility whether it is forced on the team due to illness or due to simple wear and tear of the members or team as a whole. No matter what puts the demand on any team in this situation it is important to be able to react outside the set guidelines to make sure the product is delivered on time and fully functional without breaking down the people working on it.
While this task isn't as glamorous as trying to lock down a new attack vector, analyzing the latest bad traffic, or building the newest deep packet inspection filter it is a crucial spoke on the wheel to limiting cyber risk. Even the task of keeping everything well oiled and running isn't glorified but to me has always been a very curious and unique part of the challenge. So we and other teams like us will keep working hard each and every day to try and bring down data breaches and attacks across the world and hopefully make everyone that much more secure. Even if there is no hall of fame for us to strive for.