
    Any historical account of 2020 is bound to wildly understate its absolute lunacy. Let’s just say it isn't the best.

    But, as we round the corner to 2021, there’s one thing that IT and security teams can accomplish right now to put them in a better position for the year ahead: understanding what devices, cloud instances, and users they have, and whether everyone and everything is adhering to security controls.

    Getting an Asset Inventory

    We’ve heard it said multiple ways, but just this week a CISO told us:

    "If I asked 10 people for the number of assets we have,
    I'd get 14 answers."

    One of our favorite tweets is:

    Getting an asset inventory isn’t easy because all the data around devices, cloud instances, and users live in disparate silos, and the data sources don’t talk to each other. What’s needed is an aggregator that can pull in the asset information, correlate it, and show exactly what's in the environment including:

    Every day, we talk to customers who are trying to:

    The good news? All the information needed to meet these frameworks is already in the tools that IT and security teams are using, and Axonius customers are able to quickly get an asset inventory.

    Continuous Controls Monitoring

    Getting an asset inventory is the most basic – and fundamental – part of any cybersecurity program. The next step is understanding whether all of those assets adhere to or deviate from the overall security policy and security controls.

    A few examples we see every day include:

    • All Windows devices need to be in Active Directory and have an EPP agent installed
    • All Macs need JAMF
    • Every device needs to be enrolled in a device management platform
    • All devices (except cloud instances) need to be in our CMDB
    • Every asset (cloud and on-prem) needs to be scanned by our VA scanner
    • Only Linux devices should be on a particular segmented network

    These are just some of the basics. But the idea is to understand any time an asset shows up in the environment that doesn’t adhere to the expectations set by policy, and any time a state change means that a security control isn’t being met. 

    By connecting to the different sources of asset data with Axonius, customers are able to use queries to find any asset that doesn't fit their expectations. The value in continuous controls monitoring is in the “continuous” part: simply running point-in-time audits doesn’t match the speed of change. 
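The aggregate, correlate, and query flow described above, as an added example (not Axonius code or its API). The source names, sample records, and rule names are constructed for illustration. The network-segment rule is omitted because the sample data carries no network information, and exempting cloud instances from the device-management rule is an assumption.

```python
# Constructed sample exports: (source, hostname, mac, os, is_cloud). Not real data.
RECORDS = [
    ("active_directory", "WS-001", "aa:bb:cc:00:00:01", "windows", False),
    ("epp", "ws-001.corp.example", "AA-BB-CC-00-00-01", "windows", False),
    ("mdm", "ws-001", "aa:bb:cc:00:00:01", "windows", False),
    ("cmdb", "WS-001", None, "windows", False),
    ("va_scanner", "ws-001", "aa:bb:cc:00:00:01", "windows", False),
    ("active_directory", "WS-002", "aa:bb:cc:00:00:02", "windows", False),
    ("cmdb", "ws-002", None, "windows", False),
    ("va_scanner", "MAC-007", "aa:bb:cc:00:00:07", "macos", False),
    ("cmdb", "mac-007", None, "macos", False),
    ("va_scanner", "i-cloud01", None, "linux", True),
]

def norm_mac(mac):
    # Sources format MACs differently; normalise to lower-case, colon-separated.
    return mac.lower().replace("-", ":") if mac else None

def short_host(name):
    # Strip any DNS suffix so "ws-001.corp.example" matches "WS-001".
    return name.split(".")[0].lower()

def correlate(records):
    """Merge per-source records into one asset per device (MAC first, then hostname)."""
    assets, by_host = {}, {}
    # Process records that carry a MAC first so MAC-less ones can attach by hostname.
    for source, host, mac, os_name, cloud in sorted(records, key=lambda r: r[2] is None):
        key = norm_mac(mac) or by_host.get(short_host(host)) or short_host(host)
        by_host.setdefault(short_host(host), key)
        asset = assets.setdefault(key, {"host": short_host(host), "os": os_name,
                                        "cloud": cloud, "sources": set()})
        asset["sources"].add(source)
    return assets

# Each rule returns True when the asset meets the control.
RULES = [
    ("windows-needs-ad-and-epp",
     lambda a: a["os"] != "windows" or {"active_directory", "epp"} <= a["sources"]),
    ("mac-needs-jamf", lambda a: a["os"] != "macos" or "jamf" in a["sources"]),
    # Assumption: cloud instances are exempt from device management enrolment.
    ("needs-device-management", lambda a: a["cloud"] or bool({"mdm", "jamf"} & a["sources"])),
    ("non-cloud-needs-cmdb", lambda a: a["cloud"] or "cmdb" in a["sources"]),
    ("needs-va-scan", lambda a: "va_scanner" in a["sources"]),
]

def violations(assets):
    """Return {hostname: [failed rule names]} for every asset that deviates."""
    return {a["host"]: failed for a in assets.values()
            if (failed := [name for name, ok in RULES if not ok(a)])}
```

Re-running `violations(correlate(...))` on every fresh export, rather than once per audit, is what makes the check continuous.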

    Cloud Security Posture Management

    One of the new categories we’ve heard a lot about is cloud security posture management.

    Since more workloads are moving to the public cloud, security teams need a tool (or tools) to constantly monitor configuration details within their cloud environments. This helps ensure that what shouldn’t be public isn’t, and that other configuration options aren’t leaving cloud instances unnecessarily exposed to risk. 

    One good example mentioned above is the CIS Foundations Benchmarks for AWS and Microsoft Azure. The CIS Foundations Benchmarks include scored rules for public cloud environments, showing instances and accounts that deviate from security and configuration best practices. 

    Cloud Asset Compliance

    Security Policy Enforcement

    When you’re able to understand what assets are in your environment and which devices, cloud instances, and users adhere to or deviate from your security policies and controls, you’re able to pinpoint issues to be addressed. 

    (That’s another way to say you’ve created more work for your team.)

    visibility without action=work

    Sure, it’s valuable to identify things that need fixing. But being able to automate action is a lot better.

    When Axonius customers get an asset inventory and understand how each device, cloud instance, and user deviates from their security policies, they can move on to creating automated enforcement sets to decide what should happen whenever a condition is met.

    Here are the actions in the Axonius Security Policy Enforcement Center:

    Axonius Enforcement Center

    These are:

    • Notify - Send an email, syslog, webhook, Slack message, and more
    • Create Incident - Create an incident in a ticketing system like ServiceNow, Jira, Zendesk, or others
    • Axonius Utilities - Tag a device or user in Axonius or add custom data
    • Enrich Device or User Data - Enrich device or user data from third parties like Shodan, Censys, HaveIBeenPwned, and more
    • Manage CMDB Entries - Create or update a computer in ServiceNow, Cherwell, or Jira
    • Update VA Scanner Coverage - Add IPs to scanners like Qualys and Tenable
    • Deploy Files and Run Commands - Deploy files and run Windows or Linux Shell commands, and run WMI or SSH scans
    • Execute Endpoint Security Agent Actions - Use endpoint agents like Carbon Black, Cybereason, and others to isolate, unisolate, or run a scan 
    • Manage AD Services - Enable, Disable, or Update users and devices
    • Manage AWS Services - Start, stop, or tag AWS services
    • Manage Microsoft Azure Services - Add tags to Azure instances

    With enforcement sets, Axonius customers can define a trigger and create whatever actions make sense for their environment and processes. From simple alerts to full automation, they can decide the level of automation that makes sense.

    Let Me See

    Sure, it’s easy to say that all of this can be accomplished before the end of 2020 to get the basics covered for 2021. Anyone can make that claim. Here’s how we can prove it to you. 

    First, here’s a short video that shows how Axonius gives customers a comprehensive asset inventory, uncovers security gaps, and automatically validates and enforces policies. In just about four minutes you get a full overview of the platform.

    But vendors can pick and choose what to show in their videos, and with a little movie magic, you can make anything look easy.

    Show Me

    We often hear security and IT professionals say they're skeptical Axonius can work in their environment. Whether yours is a highly segmented, geographically dispersed, cloud-heavy, or massive environment, we’re always happy to show how Axonius works with some of the largest and most sophisticated organizations on the planet.

    Request a demo here, and we’ll set up a call to show the platform and answer any of your questions. 

    Let Me Try It

    Want to try Axonius on your own first? We have a free, 30-day cloud-based trial open to organizations in North America.

    Request your free trial here and try Axonius in your own environment. 

    2020 is a beast, but you can get one easy cybersecurity win before 2021 with Axonius.
