Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

Seshu Pasam

Seshu Pasam

Chief Architect - Uptycs Platform/Enterprise Architect - EBSCO Consulting Software Engineer - Onshape DMTS - Verizon/CloudSwitch Principal Software Engineer - RSA

How to use Uptycs’ audit and detection features during BootHole remediation

How to use Uptycs’ audit and detection features during BootHole remediation

SecOps and IT administrators have seen plenty of information regarding the GRUB2 BootHole vulnerability. In addition to BootHole, several low to moderate vulnerabilities were also discovered and fixed. While a key recommendation for mitigation is to install OS updates and patches, vendor patches should be carefully tested and incrementally applied to vulnerable assets. Updating the Secure Boot Forbidden Signature Database (dbx) has caused issues in the past. Initial GRUB2 patches from Red Hat caused boot issues for some RHEL and CentOS machines.