Vectra hardening (appliances)

How Vectra hardens appliances, including patching, encryption, and vulnerability management.

Hardening

Vectra uses Canonical Ubuntu 20.04 LTS as the base OS image for the Detect products, for which Vectra has purchased Extended Patch Support through 2030.

Vectra follows best security practices and various hardening guidelines for Linux operating systems. Specifically:

  • NIST Special Publication 800-123: Guide to General Server Security;

  • CIS Ubuntu Linux 20.04 LTS Benchmark;

  • DISA Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG).

Integrity Checking

Critical files and applications go through an integrity hash check to ensure that they are the authorized files installed by Vectra engineering. If a check fails, the integrity checking system takes enforcement actions.
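As an added illustration of this kind of check (not Vectra's code), the sketch below records a baseline of SHA-256 hashes and later reports files that were modified, removed, or added. The manifest format, hash algorithm, file names, and sample tree are assumptions made for the example; the page does not specify the enforcement actions, so the sketch only reports findings.

```python
import hashlib
import hmac
import os
import tempfile

def sha256_file(path):
    """Stream the file so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(65536), b""):
            h.update(block)
    return h.hexdigest()

def list_files(root):
    """Relative paths of all non-directory entries under root."""
    return {os.path.relpath(os.path.join(d, n), root)
            for d, _dirs, names in os.walk(root) for n in names}

def build_manifest(root):
    """Assumed manifest format: {relative path: SHA-256 hex}, taken at install."""
    return {rel: sha256_file(os.path.join(root, rel)) for rel in list_files(root)}

def verify(root, manifest):
    """Return {relative path: 'modified' | 'missing' | 'unexpected'}."""
    findings = {}
    for rel, expected in manifest.items():
        full = os.path.join(root, rel)
        if not os.path.lexists(full):
            findings[rel] = "missing"
        # A symlink or non-regular file in place of a tracked file counts as tampering.
        elif (os.path.islink(full) or not os.path.isfile(full)
              or not hmac.compare_digest(sha256_file(full), expected)):
            findings[rel] = "modified"
    for rel in list_files(root) - set(manifest):
        findings[rel] = "unexpected"
    return findings

def demo():
    """Constructed sample tree: record hashes, tamper, then verify."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        for name, data in (("agent.bin", b"v1"), ("agent.conf", b"mode=on"), ("update.sh", b"#!/bin/sh\n")):
            write(name, data)
        manifest = build_manifest(root)   # baseline; must itself be protected from tampering
        write("agent.conf", b"mode=off")  # modified after the baseline
        os.remove(os.path.join(root, "update.sh"))  # missing
        write("extra.so", b"\x7fELF")     # unexpected new file
        return verify(root, manifest)
```

The check is only as trustworthy as the baseline: a manifest stored where the checked files live can be rewritten along with them.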

Disk Encryption

On legacy hardware, a TPM stores the disk encryption keys. All new X-Series hardware uses self-encrypting drives (SEDs). Virtual headend appliances use software-encrypted filesystems.

Security Validation

Vectra relies on a number of tools for supply chain risk and vulnerability management.

Tenable Security Center is a comprehensive vulnerability management platform we use for continuous scanning of various flavors of the DfN products; it combines unauthenticated and authenticated scans of the base OS and is integrated with our security defect and bug tracking systems.

Vectra uses additional open-source tools to bridge the gap in areas where Tenable falls short (such as container images and third-party language packages).

We score and triage security findings based on our internal threat model and plan fixes according to our SLAs. Security updates are rolled out with new releases of Vectra software, as well as in updated versions of the AWS AMIs.
