Before the Breach
A true risk assesment requires an understanding of how the network is configured, how traffic moves through it, and how accessible our vulnerable assets are. We learn about your network through passive network flows, active reconnaisance and by automatically collecting configuration information from your devices. We gather the details behind network interfaces, security rules and network address translation. This produces a visual representation of your entire network showing current exposure, the paths to vulnerable assets and available risk mitigation options. We also simulate planned changes, to model the impact and provide this insight to administrators or the change control review board. During an attack, the risk score is used in the prioritization of security incidents, so security teams are always focused on the most important incidents first.
A freshly disclosed vulnerability can move from an announcement to exploit to compromise within a few hours. To counter this, we need current vulnerability data on all of our assets and options to protect them. We learn about your vulnerabilities from passive network flows, active reconnaissance, vulnerability reports and by our own active scanning. Active scanning keeps vulnerability data current by automating scans as new assets are detected and scheduling regular update scans on all others. With this data, we manage and organize the top vulnerabilities in several ways, assign them for action and have all the research and remediation options available from within one operations console. During an attack, this current vulnerability data is used to prioritize security incidents by greatest risk of compromise.
Endpoint Management with Patching
With continuous monitoring of laptop, desktop, server and point-of-sale endpoints we can focus on prevention over repair and compliance over expense. With mobile workforces and distributed applications, we need a global reach to support device endpoints on the move or operating in fixed locations. From a multi-function agent that does not degrade the system it is designed to protect, we can check endpoints for vulnerabilities, software license utilization and configuration management to standards including CIS, STIG, PCI, DISA. We support direct integration into both vulnerability management and security analytics systems to help prioritize tasks for prevention as well as pick the right response to a security incident.