From Visibility to Action.
Plugin Example: WannaCry
When WannaCry surfaced, it presented an immediate threat to any network running windows and using file sharing. It required immediate action from security teams in order to safeguard their organization. How would we answer the question “which of my devices are vulnerable to WannaCry?”:
- First, we would need a list of all machines running Windows within the organization.
- We would then need to understand if they are at the patch level that makes them specifically vulnerable to WannaCry.
- Since this would require being able to run a command on the devices, and different Windows instances are managed differently (for example some are only managed through SCCM, some have endpoint protection, and others can only be accessed using RDP creds), we would need to go through all these different silos and systems to get the answer.
Axonius plugins answer the question by pulling the relevant data on each device from the respective solution that manages it.