Video Transcript
Firewall policies often allow risky access paths to vulnerable assets.
Traditional vulnerability scanners like Tenable or Rapid7 flag issues, but security teams lack context on how exposures are connected to network rules.
Without network and vulnerability correlation, risks remain hidden until exploited.
Risk Analyzer allows you to consistently manage that risk on your network and highlight known vulnerabilities that an adversary could exploit.
Let's begin with how we can connect to your vulnerability tool. We can pull directly from your vulnerability tool via API.
Or we can connect directly with a manual import.
Now that we have imported the vulnerability information into FireMon, on the Risk Analyzer overview you can see assets with vulnerabilities, critical vulnerabilities, some of our riskiest assets, the most common vulnerabilities that we are seeing, and also our riskiest rule sets.
If we go into a risky rule, you can see that we have the rule configuration and also a rule risk score.
This score is calculated via the vulnerabilities on the assets that are traversing this rule.
If we scroll down just a little bit further, you can see that we have one user vulnerability that is exposed by this rule.
Once we click into this particular vulnerability, we will see the rule summary itself and the vulnerabilities tied to it.
If we hover over this vulnerability, you can see that we are allowing remote authenticated users to execute arbitrary OS commands by leveraging console administration access.
This means that this particular vulnerability is exposed via HTTP or service port 80.
For this particular rule that we are looking at here, you can see that the services it allows include HTTP.
Now there are a couple of ways to clean this up. The easiest would obviously be taking a look at the rule and seeing if we can make changes to the rule.
Now you'll notice that this particular rule has a zero hit count and it also has not been used in over a year. So this is a perfect example of cleanup that should have been done, and that has left the network exposed not only from a rules perspective, but also through the assets that sit behind it.
Risk Analyzer doesn’t just show you vulnerabilities, it shows you how attackers can exploit them and how to stop them. Here is an example of an attack path with topology that we know about your environment and how these vulnerabilities can move laterally through your network.
We also identified patching efforts to help recommend which assets should be patched first.
Here, you can see a list of assets with the vulnerabilities that those assets have tied to them to help understand how the network and the vulnerabilities from those assets correlate together.
This prioritizes high impact fixes, shrinks attack surfaces, and provides measurable reduction in risk.
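The two workflows narrated above, scoring a rule by the vulnerabilities on the assets it exposes and then ranking assets for patching, can be modelled in a few dozen lines. The following is an added example, not FireMon's code and not how Risk Analyzer computes its score: it assumes a simplified scheme in which a rule's risk score is the sum of the CVSS scores of vulnerabilities reachable through a service the rule allows, a rule is "stale" when its hit count is zero or it has not matched traffic in over a year, and patch priority is the total exposure of each asset across all rules. All rules, assets, vulnerability IDs and dates are constructed sample data.

```python
"""Correlate firewall rules with vulnerability findings (added example, not FireMon's code)."""
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Vulnerability:
    vuln_id: str   # constructed placeholder, not a real CVE or plugin ID
    port: int      # port the vulnerable service listens on
    cvss: float


@dataclass
class Asset:
    ip: str
    vulns: List[Vulnerability]


@dataclass
class Rule:
    name: str
    source: str             # CIDR
    destination: str        # CIDR
    ports: Set[int]         # allowed destination ports; empty set means any
    hit_count: int
    last_used: Optional[date]


SERVICE_NAMES = {22: "SSH", 80: "HTTP", 443: "HTTPS", 3306: "MySQL", 3389: "RDP"}
TODAY = date(2024, 6, 1)  # constructed "now" so the example is deterministic


def exposed_vulns(rule: Rule, assets: List[Asset]) -> List[Tuple[str, Vulnerability]]:
    """Vulnerabilities on assets in the rule's destination whose port the rule allows."""
    dest = ip_network(rule.destination)
    found = []
    for asset in assets:
        if ip_address(asset.ip) not in dest:
            continue
        for v in asset.vulns:
            if not rule.ports or v.port in rule.ports:
                found.append((asset.ip, v))
    return found


def rule_risk_score(rule: Rule, assets: List[Asset]) -> float:
    """Assumed scoring: sum of CVSS of every vulnerability the rule exposes."""
    return round(sum(v.cvss for _, v in exposed_vulns(rule, assets)), 1)


def is_stale(rule: Rule, today: date, max_idle_days: int = 365) -> bool:
    """Zero hit count or no traffic in over a year marks a cleanup candidate."""
    if rule.hit_count == 0 or rule.last_used is None:
        return True
    return (today - rule.last_used).days > max_idle_days


def analyze(rules: List[Rule], assets: List[Asset], today: date) -> List[dict]:
    """Per-rule findings, riskiest first, with a recommendation for each."""
    findings = []
    for rule in rules:
        exposed = exposed_vulns(rule, assets)
        stale = is_stale(rule, today)
        if exposed and stale:
            advice = "unused rule exposes vulnerable assets: remove or disable it"
        elif exposed:
            advice = "restrict the allowed service or patch the exposed assets"
        else:
            advice = "no vulnerable assets reachable through this rule"
        findings.append({
            "rule": rule.name,
            "risk_score": rule_risk_score(rule, assets),
            "exposed": [(ip, v.vuln_id, SERVICE_NAMES.get(v.port, str(v.port))) for ip, v in exposed],
            "stale": stale,
            "recommendation": advice,
        })
    return sorted(findings, key=lambda f: f["risk_score"], reverse=True)


def patch_priority(rules: List[Rule], assets: List[Asset]) -> List[Tuple[str, float]]:
    """Assets ranked by total CVSS of vulnerabilities exposed by at least one rule.

    Keyed by (asset, vulnerability) so a flaw reachable through several rules
    counts once per asset.
    """
    seen: Dict[Tuple[str, str], float] = {}
    for rule in rules:
        for ip, v in exposed_vulns(rule, assets):
            seen[(ip, v.vuln_id)] = v.cvss
    totals: Dict[str, float] = {}
    for (ip, _), cvss in seen.items():
        totals[ip] = totals.get(ip, 0.0) + cvss
    return sorted(((ip, round(s, 1)) for ip, s in totals.items()), key=lambda t: t[1], reverse=True)


def sample_rules() -> List[Rule]:
    """Constructed rules; 'allow-web-in' mirrors the unused HTTP rule in the demo."""
    return [
        Rule("allow-web-in", "0.0.0.0/0", "10.0.1.0/24", {80}, hit_count=0, last_used=date(2023, 1, 15)),
        Rule("allow-ssh-mgmt", "10.0.9.0/24", "10.0.1.0/24", {22}, hit_count=1200, last_used=date(2024, 5, 30)),
        Rule("allow-db", "10.0.1.0/24", "10.0.2.0/24", {3306}, hit_count=500, last_used=date(2024, 5, 31)),
    ]


def sample_assets() -> List[Asset]:
    """Constructed scan results; IDs are placeholders, not real CVEs."""
    return [
        Asset("10.0.1.5", [Vulnerability("VULN-EXAMPLE-1", 80, 9.8)]),   # admin console RCE over HTTP
        Asset("10.0.1.6", [Vulnerability("VULN-EXAMPLE-2", 22, 7.5)]),
        Asset("10.0.2.10", []),
    ]


if __name__ == "__main__":
    for f in analyze(sample_rules(), sample_assets(), TODAY):
        print(f)
    print(patch_priority(sample_rules(), sample_assets()))
```

Running it lists `allow-web-in` first with a score of 9.8, flagged stale and recommended for removal, because the only asset it exposes carries the HTTP vulnerability; `allow-ssh-mgmt` follows at 7.5 with a "restrict or patch" recommendation, and the patch ranking puts 10.0.1.5 ahead of 10.0.1.6.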
Risk Analyzer works even better combined with Policy Optimizer, which automatically finds risky rules correlated with the vulnerabilities and creates audit tickets, and when found, Policy Planner automatically remediates the risk from these rules.