Flash forward to Jan. 1, 2021, when Adobe Flash will officially mark its end-of-life (EOL), heralding the end of an era. This means that any new CVEs found in Flash will not be patched, rendering many functionalities and applications unusable. And Flash will quickly become even more of an attack surface for malicious actors than it already is.
However, the end of Flash doesn’t guarantee that people will stop using it. For example, there are some legacy assets, like training materially, that you need to upgrade before saying goodbye to Flash.
The lack of uniformity in Flash obsolescence leaves the door open for potential attack vectors in devices, networks, and organizations. To be sure your network has airtight security measures, it’s imperative that you have visibility into who and what are still using Flash.
Thankfully, Vectra can help you transition your network off of Flash.
Shining a light on Flash
Cognito Recall from Vectra has a Flash end-of-life dashboard to make it easy for organizations to track Flash use on their networks. Through AI-derived machine learning, Vectra performs in-depth network analysis to expose instances of Flash use. Network metadata is an excellent tool in your arsenal to lock down Flash. It lets you identify Flash usage on your system – even in places, you were sure it was uninstalled.
Your first line of defense in removing Flash will be your endpoint detection agent, but it’s always possible users may reinstall it and you won’t have an agent on every system on your network.
The next line of defense is network detection and response (NDR), which analyzes network metadata and provides in-depth defense. The Cognito NDR platform from Vectra pinpoint systems that host Flash content and network clients that are running Flash. The Cognito Recall dashboard automatically shows clients that are using Flash to eliminate the time-consuming process of manually locating them.
For example, one Vectra customer with Cognito Recall launched a project to decommission Flash. To their surprise, the dashboard revealed that their video conferencing and collaboration platform was using Flash and alerted the provider. Although most users won’t notice when Flash disappears (as long as they’re using a modern up-to-date browser), it’s still in an organization’s best interest to cut off Flash usage wherever possible to reduce the risk of breaches.
For a more in-depth demonstration of our Flash dashboard, join the Vectra community and watch a demo video on how to set up and navigate the dashboard. To learn more about Vectra products, explore Cognito Recall, the Cognito NDR platform, or schedule a demo.
Gearoid is a Product Manager at Vectra AI driving metadata improvements for Vectra through Recall & Stream. He has 5 years’ experience managing products in Security, Mobility as a Service, and Big Data, and has worked in DevOps & Performance engineering before that. He has expertise in SaaS products, networking and in getting value out of structured data.