Any historical account of 2020 is bound to wildly understate its absolute lunacy. Let’s just say it isn't the best.
But, as we round the corner to 2021, there’s one thing that IT and security teams can accomplish right now to put them in a better position for the year ahead: understanding what devices, cloud instances, and users they have, and whether everyone and everything is adhering to security controls.
We’ve heard it said multiple ways, but just this week a CISO told us:
"If I asked 10 people for the number of assets we have, I'd get 14 answers."
One of our favorite tweets is:
CISO: How many windows hosts do we have?
AV Guy: 7864
Desktop Management: 6321
EDR Team: 6722
CMDB Team: 4848
SIEM Team: 9342
— Jim Schwar (@jimiDFIR) February 8, 2018
Getting an asset inventory isn’t easy because all the data around devices, cloud instances, and users live in disparate silos, and the data sources don’t talk to each other. What’s needed is an aggregator that can pull in the asset information, correlate it, and show exactly what's in the environment including:
Every day, we talk to customers who are trying to:
The good news? All the information needed to meet these frameworks is already in the tools that IT and security teams are using, and Axonius customers are able to quickly get an asset inventory.
Getting an asset inventory is the most basic – and fundamental – part of any cybersecurity program. The next step is understanding whether all of those assets adhere to or deviate from the overall security policy and security controls.
A few examples we see every day include:
These are just some of the basics. But the idea is to understand any time an asset shows up in the environment that doesn’t adhere to the expectations set by policy, and any time a state change means that a security control isn’t being met.
By connecting to the different sources of asset data with Axonius, customers are able to use queries to find any asset that doesn't fit their expectations. The value in continuous controls monitoring is in the “continuous” part: simply running point-in-time audits doesn’t match the speed of change.
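The correlation and query steps described above can be sketched in a few lines. This is an added illustration, not Axonius code: the source names, record fields, and hostnames are constructed, and treating two records as the same asset when they share a short hostname or a MAC address is an assumption made for the example.

```python
from collections import Counter, defaultdict

# Constructed sample exports (source, hostname, mac); not real data.
RECORDS = [
    ("av",   "WS-001.corp.example", "AA:BB:CC:00:00:01"),
    ("edr",  "ws-001",              "aa-bb-cc-00-00-01"),
    ("cmdb", "WS-001",              None),
    ("av",   "WS-002",              "AA:BB:CC:00:00:02"),
    ("cmdb", "ws-002.corp.example", "aabbcc000002"),
    ("siem", "ws-003",              "AA:BB:CC:00:00:03"),
    ("siem", "WS-003.corp.example", None),                 # same host logged twice
    ("edr",  "srv-010",             "AA:BB:CC:00:00:10"),
    ("cmdb", "db-primary",          "AA-BB-CC-00-00-10"),  # renamed host, same NIC
]

def norm_host(host):
    return host.split(".")[0].lower()           # drop domain suffix, ignore case

def norm_mac(mac):
    return "".join(c for c in mac.lower() if c in "0123456789abcdef")

def correlate(records):
    """Merge records that share a normalized hostname or MAC (union-find)."""
    parent = {}
    def find(key):
        parent.setdefault(key, key)
        while parent[key] != key:
            parent[key] = parent[parent[key]]   # path halving
            key = parent[key]
        return key
    for _, host, mac in records:
        root = find(("host", norm_host(host)))
        if mac:
            parent[find(("mac", norm_mac(mac)))] = root
    assets = defaultdict(lambda: {"hosts": set(), "sources": set()})
    for source, host, _ in records:
        asset = assets[find(("host", norm_host(host)))]
        asset["hosts"].add(norm_host(host))
        asset["sources"].add(source)
    return list(assets.values())

def raw_counts(records):
    """What each silo would answer on its own, duplicates included."""
    return dict(Counter(source for source, _, _ in records))

def missing_control(assets, source):
    """Assets that the given tool has never reported, e.g. no EDR agent."""
    return sorted("/".join(sorted(a["hosts"])) for a in assets
                  if source not in a["sources"])

if __name__ == "__main__":
    assets = correlate(RECORDS)
    print(raw_counts(RECORDS), len(assets), missing_control(assets, "edr"))
```

Every silo reports a different count, none of which equals the number of correlated assets, and the gap query only becomes answerable once the records are merged.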
One of the new categories we’ve heard a lot about is cloud security posture management.
Since more workloads are moving to the public cloud, security teams need a tool (or tools) to constantly monitor configuration details within their cloud environments. This helps ensure that what shouldn’t be public isn’t, and that other configuration options aren’t leaving cloud instances unnecessarily exposed to risk.
One good example mentioned above is the CIS Foundations Benchmarks for AWS and Microsoft Azure. The CIS Foundations Benchmarks include scored rules for public cloud environments, showing instances and accounts that deviate from security and configuration best practices.
When you’re able to understand what assets are in your environment and which devices, cloud instances, and users adhere to or deviate from your security policies and controls, you’re able to pinpoint issues to be addressed.
(That’s another way to say you’ve created more work for your team.)
Sure, it’s valuable to identify things that need fixing. But being able to automate action is a lot better.
When Axonius customers get an asset inventory and understand how each device, cloud instance, and user deviates from their security policies, they can move on to creating automated enforcement sets to decide what should happen whenever a condition is met.
Here are the actions in the Axonius Security Policy Enforcement Center:
These are:
With enforcement sets, Axonius customers can define a trigger and create whatever actions make sense for their environment and processes. From simple alerts to full automation, they can decide the level of automation that makes sense.
Sure, it’s easy to say that all of this can be accomplished before the end of 2020 to get the basics covered for 2021. Anyone can make that claim. Here’s how we can prove it to you.
First, here’s a short video that shows how Axonius gives customers a comprehensive asset inventory, uncovers security gaps, and automatically validates and enforces policies. In just about four minutes you get a full overview of the platform.
But vendors can pick and choose what to show in their videos, and with a little movie magic, you can make anything look easy.
We often hear security and IT professionals say they're skeptical Axonius can work in their environment. Whether yours is a highly segmented, geographically dispersed, cloud-heavy, or massive environment, we’re always happy to show how Axonius works with some of the largest and most sophisticated organizations on the planet.
Request a demo here, and we’ll set up a call to show the platform and answer any of your questions.
Want to try Axonius on your own first? We have a free, 30-day cloud-based trial open to organizations in North America.
Request your free trial here and try Axonius in your own environment.
2020 is a beast, but you can get one easy cybersecurity win before 2021 with Axonius.