Posts Tagged ‘Risk Automation’

Defense has always been fundamental. Defense is now sexy? A lot of discussion around defense and network security has been bubbling up since this years Black Hat Conference in Las Vegas featured a dedicated Defense track for the first time. SC Magazine noted the focus on Defense at the conference, and Rick Holland also covered the increased focus on defense in his blog about his observations from Black Hat. While showcasing new attack methodologies or highlighting newly discovered vulnerabilities always gets more press, it is refreshing to see defense beginning to get more focus.

Much of the discussion around defense has been about changing the way we have traditionally done defense in the network security world. A lot of focus has been placed on the fact that the technology we have deployed over the years has created “walls” obstructing our view. Defense should focus on the information or capabilities we already have in place, be it the information in logs from routers, switches or firewalls, or rigorous patch or vulnerability management. Parsing through all of this information or even prioritizing vulnerabilities for medium, enterprise or MSP organizations is a daunting task though. Holland point out in his blog that “the reality is that enterprise wide patch and configuration management are very challenging for companies”. Considering the fact that many of these organizations that do leverage vulnerability management systems sometimes get results telling them they have over 10,000+ vulnerabilities that need to be addressed, it is easy to see how the full breadth of protection is not always deployed.

A more intelligent approach to defense is needed. An approach that takes the vulnerabilities within your network, matches them against the network topology and the mitigating security controls that are in place, and highlights exactly what assets are truly at risk within the full context of the network. An approach that prioritizes the remediation actions that you need to take, and enables you to see the effect of those actions on the overall risk posture of the network. An approach that updates the risk map in real-time as changes occur to the configuration of the network devices and network security controls deployed within your network. A defense approach that is realized in FireMon Security Manager 6.0, the industry’s first Security Posture Management Solution. We invite you to try this new intelligent defense here.

As those of you who have followed this blog over the past couple of months know, we have been slowly revealing bits and pieces about our new Risk Analyzer product here at Firemon. Over the next week and  in the coming months, you will see and hear a huge push around Risk from all areas of Firemon. The official release of Risk Analyzer is imminent, as our CEO noted in his twitter feed this morning. We have also highlighted our partnership with Juniper Networks around Risk Analyzer and JunOS Space. You can get even more insight into what we are doing together on Juniper’s YouTube channel.

Why are we suddenly so focused on Risk, and why is it something you should care about? At the end of the day, all of the security controls organizations have put in place, the firewalls, IDS/IPS’s, proxys, ACL’s, desktop firewalls, etc., are there to help reduce and eliminate the risk to your IT infrastructure. Risk is what we are trying to control and limit. However, as we have previously highlighted, analyzing risk in today’s networks is a huge challenge. We tend to rely on a single tool to determine risk, and in the complex network environments we live in today, these tools can present 1000′s of items that an organization needs to address. Attempting to manually review that list and prioritize the remediation results in organizations spending to little or too much time attempting to reduce their risk. Furthermore,  those tools lack the full contextual awareness of your entire network topology and how data flows through the environment, which is a real key to accurately identifying the areas of your infrastructure that are most at risk.

Risk Analyzer provides that full context of network topology awareness that is so critical to accurate risk analysis. It automatically shows you what actions to take to reduce the greatest amount of risk with the least amount of effort, ensuring your valuable resources are spending the exact amount of time needed to effectively reduce risk to your infrastructure. It’s patented analysis engine that has been proven for the past 4 years in the largest DOD and Intelligence networks produces results in seconds as opposed to hours or even days that other solutions require.  It graphically shows you where you are at risk from any part of your infrastructure. Risk Analyzer will help you automate the reduction of risk to your IT infrastructure.

This is why we are excited about Risk Analyzer and so focused on Risk. Risk, after all, is the key.