[Labrador Labs “ServerCare” Service Screen]
Labrador Labs (Co-CEOs Jinseok Kim and Heejo Lee) announced on the 1st that it has released an upgraded version of its “Labrador ServerCare” solution, which manages security vulnerabilities in operating servers in real time.
Following massive personal data breaches at SK Telecom and Lotte Card that stemmed from insufficient server security management, strengthening vulnerability management has become a top priority. SK Telecom leaked personal information from 23,244,649 users, while Lotte Card exposed data from 2.97 million people. Lotte Card’s breach occurred because it failed to apply a security patch addressing the Oracle WebLogic Server’s remote code execution vulnerability (CVE-2017-10271), disclosed in 2017. Similarly, SK Telecom left the Linux kernel “DirtyCow” vulnerability, first reported in 2016, unpatched for over eight and a half years, resulting in the leakage of large volumes of personal data and USIM authentication keys. Both incidents occurred because known vulnerabilities were left unpatched.
Companies generally take security seriously during software development, build, and deployment stages. However, once software is installed and running on servers, vulnerability management often lapses. While vulnerabilities might be checked during initial installation, tracking and maintenance afterward prove difficult.
Labrador ServerCare addresses this gap by detecting open-source vulnerabilities on active servers and suggesting countermeasures. It analyzes which open-source components each software library depends on and connects to global vulnerability databases to alert administrators whenever a new CVE emerges that affects their operating server environments.
In the latest update, Labrador Labs upgraded four key features, including:-
▶The development of an in-house protocol
▶Expanded server scheduling options
▶Enhanced agent log review
▶Batch report download functionality
With these enhancements, companies can now instantly identify which servers are impacted by newly disclosed vulnerabilities and take prioritized action accordingly.
Currently, there are approximately 295,000 known CVEs, and about 40,000 new vulnerabilities are being reported each year.
Labrador ServerCare detects only those vulnerabilities relevant to operational servers and helps businesses address the most critical issues first. By developing its own communication protocol, Labrador Labs can add new features and support new types without altering the core system structure, allowing faster and more flexible responses to enterprise needs.
The solution also minimizes third-party library dependencies to enhance overall security. Automated scheduling reduces management overhead, while the batch report feature enables seamless compliance and audit reporting. In addition, the enhanced agent logs allow for rapid diagnosis and recovery from system failures.
Looking ahead, Labrador Labs plans to advance its binary and container image analysis capabilities to fully support cloud and containerized environments. Co-CEO Jinseok Kim remarked, “As seen from recent incidents in the financial and telecommunications sectors, promptly managing known vulnerabilities is the most basic yet decisive security practice. The ServerCare update eliminates blind spots in operating environment vulnerability management and provides customers with a practical, immediately deployable solution.”
[Translation from original article (Korean)]
https://www.newsworks.co.kr/news/articleView.html?idxno=813526