partners documentation Watch Axonius+
Platform
Platform
By Category
Adapters
I Want To...

Gartner Hype Cycle: CAASM

CAASM is on the rise, says Gartner — but what exactly does this mean? Read the report to find out.

Get the Report
Solutions
Solutions
By Role
By Industry
I Want to...

Start Free Trial

Test drive Axonius for yourself. Sign up for a free, 30-day trial — no strings attached.

Get Started
Use Cases
Use Cases
Cybersecurity
IT and Infrastructure
I Want to....

Start Free Trial

Test drive Axonius for yourself. Sign up for a free, 30-day trial — no strings attached.

Get Started
Resources
Resources
Resources
Blog
I Want to....
Watch Now

Introducing: Axonius+

We wanted to try something new when it comes to our video content. The result? Axonius+. Check it out today.

Watch Now
About
About
About Axonius
Become an Axonian
Partners

Book Your Demo

See Axonius in action and learn what you can accomplish with a comprehensive understanding of all assets.

Sign Up Now
Book a Demo Get Free Trial
    Get Free Trial
    Book a Demo
      Back to Blog August 28, 2020

      1 Easy Cybersecurity Win Before 2021

      By: Nathan Burke

      Any historical account of 2020 is bound to wildly understate its absolute lunacy. Let’s just say it isn't the best.

      But, as we round the corner to 2021, there’s one thing that IT and security teams can accomplish right now to put them in a better position for the year ahead: understanding what devices, cloud instances, and users they have, and whether everyone and everything is adhering to security controls.

      Getting an Asset Inventory

      We’ve heard it said multiple ways, but just this week a CISO told us:

      "If I asked 10 people for the number of assets we have,
      I'd get 14 answers."

      One of our favorite tweets is:

      Getting an asset inventory isn’t easy because all the data around devices, cloud instances, and users live in disparate silos, and the data sources don’t talk to each other. What’s needed is an aggregator that can pull in the asset information, correlate it, and show exactly what's in the environment including:

      Every day, we talk to customers who are trying to:

      The good news? All the information needed to meet these frameworks is already in the tools that IT and security teams are using, and Axonius customers are able to quickly get an asset inventory.

      Continuous Controls Monitoring

      Getting an asset inventory is the most basic – and fundamental – part of any cybersecurity program. The next step is understanding whether all of those assets adhere to or deviate from the overall security policy and security controls.

      A few examples we see every day include:

      • All Windows devices need to be in Active Directory and have an EPP agent installed
      • All Macs need JAMF
      • Every device needs to be enrolled in a device management platform
      • All devices (except cloud instances) need to be in our CMDB
      • Every asset (cloud and on-prem) needs to be scanned by our VA scanner
      • Only Linux devices should be on a particular segmented network

      These are just some of the basics. But the idea is to understand any time an asset shows up in the environment that doesn’t adhere to the expectations set by policy, and any time a state change means that a security control isn’t being met. 

      By connecting to the different sources of asset data with Axonius, customers are able to use queries to find any asset that doesn't fit their expectations. The value in continuous controls monitoring is in the “continuous” part: simply running point-in-time audits doesn’t match the speed of change. 

      Cloud Security Posture Management

      One of the new categories we’ve heard a lot about is cloud security posture management.

      Since more workloads are moving to the public cloud, security teams need a tool (or tools) to constantly monitor configuration details within their cloud environments. This helps ensure that what shouldn’t be public isn’t, and that other configuration options aren’t leaving cloud instances unnecessarily exposed to risk. 

      One good example mentioned above is the CIS Foundations Benchmarks for AWS and Microsoft Azure. The CIS Foundations Benchmarks include scored rules for public cloud environments, showing instances and accounts that deviate from security and configuration best practices. 

      Cloud Asset Compliance

      Security Policy Enforcement

      When you’re able to understand what assets are in your environment and which devices, cloud instances, and users adhere to or deviate from your security policies and controls, you’re able to pinpoint issues to be addressed. 

      (That’s another way to say you’ve created more work for your team.)

      visibility without action=work

      Sure, it’s valuable to identify things that need fixing. But being able to automate action is a lot better.

      When Axonius customers get an asset inventory and understand how each device, cloud instance, and user deviates from their security policies, they can move on to creating automated enforcement sets to decide what should happen whenever a condition is met.

      Here are the actions in the Axonius Security Policy Enforcement Center:

      Axonius Enforcement Center

      These are:

      • Notify - Send an email, syslog, webhook, Slack message, and more
      • Create Incident - Create an incident in a ticketing system like ServiceNow, Jira, Zendesk, or others
      • Axonius Utilities - Tag a device or user in Axonius or add custom data
      • Enrich Device or User Data - Enrich device or user data from third parties like Shodan, Censys, HaveIBeenPwned, and more
      • Manage CMDB Entries - Create or update a computer in ServiceNow, Cherwell, or Jira
      • Update VA Scanner Coverage - Add IPs to scanners like Qualys and Tenable
      • Deploy Files and Run Commands - Deploy files and run Windows or Linux Shell commands, and run WMI or SSH scans
      • Execute Endpoint Security Agent Actions - Use endpoint agents like Carbon Black, Cybereason, and others to isolate, unisolate, or run a scan 
      • Manage AD Services - Enable, Disable, or Update users and devices
      • Manage AWS Services - Start, stop, or tag AWS services
      • Manage Microsoft Azure Services - Add tags to Azure instances

      With enforcement sets, Axonius customers can define a trigger and create whatever actions make sense for their environment and processes. From simple alerts to full automation, they can decide the level of automation that makes sense.

      Let Me See

      Sure, it’s easy to say that all of this can be accomplished before the end of 2020 to get the basics covered for 2021. Anyone can make that claim. Here’s how we can prove it to you. 

      First, here’s a short video that shows how Axonius gives customers a comprehensive asset inventory, uncovers security gaps, and automatically validates and enforces policies. In just about four minutes you get a full overview of the platform.

      But vendors can pick and choose what to show in their videos, and with a little movie magic, you can make anything look easy.

      Show Me

      We often hear security and IT professionals say they're skeptical Axonius can work in their environment. Whether yours is a highly segmented, geographically dispersed, cloud-heavy, or massive environment, we’re always happy to show how Axonius works with some of the largest and most sophisticated organizations on the planet.

      Request a demo here, and we’ll set up a call to show the platform and answer any of your questions. 

      Let Me Try It

      Want to try Axonius on your own first? We have a free, 30-day cloud-based trial open to organizations in North America.

      Request your free trial here and try Axonius in your own environment. 

      2020 is a beast, but you can get one easy cybersecurity win before 2021 with Axonius.

      Tag(s): Cybersecurity , Cybersecurity Asset Management , Cloud Asset Compliance , Cloud Security

      Sign up to get first access to our latest resources