‘Labrador Server Care’ detects vulnerabilities in operating servers
Links new CVE information — analyzes and responds to open source dependencies

Labrador Labs (CEO Jinseok Kim, Heejo Lee) has announced a new release of Labrador Server Care, a server open source vulnerability management solution.

The service finds open source vulnerabilities in operating servers and suggests patch information, analyzing open source software dependencies installed on the server. It connects to a global database of open source vulnerabilities and alerts you whenever a new CVE is released.

IT administrators knew about the dangers of the Log4j vulnerability in 2022, but were unable to identify which servers the library was running on.

The U.S. Cyber Safety Review Board (CSRB) estimated that it would take 10 years to remove Log4j from operating server software. Even though the vulnerability has been publicized and exploited, there are still many servers that have not been patched. With Labrador Server Care, organizations can easily analyze and respond to the latest open source vulnerabilities as they are discovered, including Log4j.

‘Labrador Server Care’ of Labrador Labs

Organizations care about security during the software development, build, and deployment phases. However, vulnerability management is also important while the software is installed and running on the server. Vulnerabilities are checked once, when the software is installed on the server, but they are not easy to track and manage once the software is operating.

Nowadays, 80% of software is composed of open source. According to the CVE database, the number of vulnerabilities increased from 18,375 in 2020 to 25,059 in 2022, and has surpassed 29,000 in 2024. This is why open source software vulnerabilities need to be consistently managed.

Labrador Server Care periodically checks and analyzes the list of software installed on various servers such as Linux, Unix, and Windows. It analyzes security vulnerabilities and license issues of OS packages and libraries, and suggests management measures such as vulnerability action plans. Labrador Labs provides in-depth vulnerability detection by analyzing open source dependencies on installed software.

“Starting with the recent introduction of Server Care in the financial sector, we will expand to prepare for open source threats in all industries, including medical, automotive, gaming, and public,” said Jinseok Kim, CEO of Labrador Labs. “Vulnerabilities are continuously discovered in operating software that has once been verified. By taking care of the security of software in operation, we can respond to cyber attacks through the supply chain,” he said.

Labrador Labs’ Server Care solution follows the launch of Labrador SCM in August, completing its software supply chain security platform. Labrador Labs’ solution lineup includes Labrador SCA (Software Composition Analysis), an open source vulnerability and license compliance risk elimination tool; Labrador SCM, an automated software supply chain management platform; and Labrador Server Care, which finds and responds to open source vulnerabilities hidden in running servers.

Translation from original article (Korean):
https://www.datanet.co.kr/news/articleView.html?idxno=198612