Case Study: Government Research Agency
After struggling with out-of-date software on multiple computers and realizing their existing platform could not effectively handle asset visibility, property management, incident response, configuration history, or regulatory compliance, the Government Research Agency turned to Axonius. Implementing the Axonius platform allowed the Agency to see all computers, users, and software versions on all machines within their network on- and off-premises.
~6,000 employees
- Asset visibility
- Property management
- Incident response
- Configuration history recording
- Regulatory compliance
- Increase security posture through better asset visibility
- Easily plan and roll out software updates
- Quarantine unused machines
- Increase speed and accuracy of responses to government mandates
Executing Complex Updates Across Thousands of Devices & Machines with Increased Asset Visibility
Before implementing the Axonius platform, the Agency was struggling with managing its asset visibility. They needed to update out-of-date and difficult-to-verify software on multiple machines, but their existing platform was ill-suited to help them find and process the outdated software. When necessary updates were delayed, they switched to Axonius.
After implementing Axonius, all the information the Agency needed was at their fingertips. IT teams can check where machines are, who logs in and when, and what versions of software each machine is running. Suddenly, security blind spots weren’t blind spots anymore, allowing them to make more informed decisions and execute updates easily.
Streamlining Property Management Across Departments
Before implementing Axonius, properly managing all machines within organization systems was a key concern for the Agency, extending even beyond the IT department.
After implementation, the Axonius platform integrated with the Agency’s property management system, allowing staff across the organization to see all their machines—without duplicate entries—in a single dashboard, increasing the speed and efficiency of property management while reducing simple manual workloads, including those that aren’t on-premises.
Facilitating Rapid Incident Response
Prior to Axonius, the Agency manually gathered asset information and organized incident responses as alerts came in. Their Network Specialist had to manually review these alerts and decide how to best respond based on the information on hand. Getting more context or detail for each incident and spotting patterns was difficult.
Implementing Axonius helped the Agency gather and organize all their asset information within the Axonius dashboard. This helped the Agency speed up incident response and processing times. Their Network Specialist used the information provided by Axonius to verify the details of alerts, pulling MAC addresses, IP addresses, and more to figure out what was connected where and determine the urgency of each issue. Using Axonius also allows them to pull software IDs from each machine. From there, the Network Specialist can get more information about each incident from the software itself. Axonius further provides a list of operating systems across all their machines, letting them detect vulnerabilities and set up a plan to get all their machines up to date.
"Suddenly, blind spots in their security weren’t blind spots anymore, allowing the Agency to make more informed decisions and execute updates easily.
Property management became much simpler, even in an Agency with more than 5,000 workers—25% of which are hybrid or remote. The Agency can always see who is using what, when it’s being used, and how up-to-date each machine is. "
Removing Obstacles By Recording Configuration History
Before Axonius, one of the biggest concerns for the Agency was ensuring all their machines had the latest version of the necessary software. Updates needed to be checked and performed manually, making the process time-consuming and error-prone. Any deleted hostnames, for example, were lost forever.
After implementing Axonius, the platform enabled them to see which machines had which version of software and whether that version was in compliance. They were also able to mark exceptions by noting whether specific machines in the system were designated for software that wasn’t available across the company. In addition, Axonius helps detect when a machine has had its hostname removed. Since Axonius records the machine’s history, it’s possible to go back and figure out when the hostname was deleted and what the name was before removal. This allows IT teams to find and fix the hostname on the machine itself.
Simplifying Regulatory Compliance
Before Axonius, any changes in regulatory compliance caused disruption at the Agency. New standards meant manually taking inventory of all machines, checking software, and other time-consuming work. Because of its time-consuming nature, the Agency’s identity and access management team only performed this process on a monthly basis.
After implementing Axonius, the Agency was fully prepared for the rollout of Binding Operational Directive 23-01. Armed with a collection of adapters and tools from Axonius, they felt fully prepared to check on and update their machines to keep up with new compliance standards across the board. The identity and access management team was able to go through this process daily with one script that lets them check which systems aren’t in compliance.
CVE-2024-3400: Active Exploitation of Critical Vulnerability in Palo Alto Networks PAN-OS Software
Stay up to date on the latest IT and cybersecurity trends, Axonius product updates, and tips and tricks.
Mastering Cybersecurity Measurement
View our latest research, customer stories, technical documents, and other useful links.
Now What? When Cybersecurity Disclosure Rules Widen the Gap Between Reputation and Risk
Learn proven strategies for improving your IT and security functions within your organization.