Axonius is constantly working with our users and advisors, looking for ways to expand our cybersecurity asset management platform. The long-term vision is to best equip our customers to manage and reduce their cyber asset attack surface.
Our goals with our latest product release — version 4.7 — include:
- Reduce the manual effort it takes for companies to understand the assets in their attack surface
- Increase the accuracy and actionability of asset data so customers can easily manage assets and related vulnerabilities
- Improve time to detection and time to remediation efforts via automated policy and control enforcement actions
Today, Axonius is excited to announce the general availability of the following enhancements to our cybersecurity asset management platform. The items, below, are only a snapshot of the work we’ve been doing over the last several months.
Vulnerability management enhancements
Vulnerability management is a never-ending challenge. In our previous product rollout, Axonius addressed some basic features to allow customers greater insight to vulnerabilities impacting their assets.
In product release 4.7, we’ve now enhanced vulnerability management capabilities to provide more granularity of vulnerability data, and make that data more actionable for customers that want to reduce cyber risk.
Axonius, in this latest release, added data ingestion from the National Vulnerability Database (NVD) to help our customers more quickly and easily identify known vulnerabilities, their exploitability, and impact scores. Data ingestion from the NVD is automatic, and customers don’t need to turn on any special features or configure new data feeds. This automatic data inclusion allows our customers to better understand known vulnerabilities that could be affecting their organizations and to prioritize remediation.
In addition, the Cybersecurity and Infrastructure Agency (CISA) Known Exploitation Vulnerabilities (KEV) list is now directly integrated within the existing Vulnerability Management Module. As with the NVD data feed, CISA KEV data is automatically imported to our customers’ Axonius environment. The integration allows federal agencies to ensure that they can identify and remediate vulnerabilities according to federal directives. It also gives non-agency organizations guidance on leading practices for prioritizing known vulnerabilities.
NVD and CISA KEV data enrichment allows Axonius users to:
- More quickly and accurately identify known vulnerabilities in their attack surface
- Better prioritize vulnerability remediation
- Map vulnerability management processes to binding directives and industry best practice recommendations
Data management and access controls
Getting to the right data is a key requirement for asset management and (more broadly) cyber risk management. In the past, it was difficult for Axonius platform users to see all data scopes without a considerable amount of manual configuration.
With our latest release, we’ve made it easier for authorized users to view various data scopes and to be automatically enrolled in those data scopes. Using role-based access control (RBAC), Axonius customers now have a simpler way to see and interact with the data that is relevant to them.
Users can also now dynamically create and assign role-based access permissions based on SAML attributes. Dynamic data scope creation reduces the manual effort of assigning authorized users to data scopes, which is especially helpful in large, distributed organizations. This gives users easier access to the right data, right away
RBAC and data access enhancements allow our customers to:
- Reduce the manual effort and time it takes to grant access to authorized users
- Improve the security of access controls
- Increase usability for authorized users by automatically giving them the data they need to manage assets
Axonius has simplified reports management by giving customers greater customization in how they name and download reports. This makes it easier for Axonius users to share asset information with colleagues, executives, and other stakeholders, and makes the presentation of the data clearer. Customers can now choose to download a local copy of the CSV file without having to enable email notifications first, which saves time and effort. What’s more, they can also elect to attach the downloaded file to reports emails, making it simpler to share reports directly with colleagues.
Improved manageability for reporting allows Axonius customers to:
- Customize reports according to needs, workflows, and other personal preferences
- Shared reports more easily
- Be more detailed when using reporting features
Cloud Asset Compliance updates
We’ve updated our Cloud Asset Compliance (CAC) center to include the latest guidance from Microsoft. The Center for Internet Security (CIS) Microsoft Azure Foundations Benchmark v1.4.0 has been added to the CAC, making it easier for our customers to manage their Azure environment with recommended cybersecurity practice information, and to comply with industry regulations.
The CIS is continuously updating its benchmarks to help companies address new and evolving security concerns and misconfiguration complexities. The Azure Foundations Benchmark was released by CIS at the end of May 2021. Axonius has incorporated this guidance into our latest product release to facilitate security and compliance.
Cloud asset compliance allows Axonius customers to:
- Increase visibility into the cloud environment
- Follow leading industry practice recommendations for Azure security
- Build a roadmap for Azure security
The Axonius Query Wizard is one of the features that our customers like best about our cybersecurity asset management. It gives them the ability to conduct myriad targeted queries using pre-built recommendations, and dive deep into assets and their associated security state to surface vulnerabilities, security gaps, and policy violations.
So, in the vein of continuous improvement, the latest Axonius release provides better solution management and ease of use. We’ve added the ability to:
- Filter on saved queries based on where, when, or if they’re in use
- Find queries based on the adapter in use
Customers will also now spend less time managing queries because we’ve added the ability to:
- Drill into adapter connection labels and update (if needed)
- Tag metadata to details, such as when a tag was updated, when a device was marked with a “non-compliant” tag, and more
- Add multi-select options to queries, which makes managing large lists easier
In all, we’ve added a slew of new features to our cybersecurity asset management platform. Here are a few more:
- Enhanced asset investigations capabilities
- New adapter fetch history filters
- New adapters (including the new Axonius Network Discovery tool)