Without knowledge, action is useless, and knowledge without action is futile. — Abu Bakr
Cyber asset attack surface management, or CAASM for short, has become a top cybersecurity concern among enterprises. The reason: Organizations’ operating structures necessitate more devices, data, applications, access, and interconnectivity than ever before. The increase in the attack surface seems exponential — and unmanageable — when taking a myopic view. It is, therefore, important to take a step back, assess the entire situation, and determine a strategic and tactical course of action. That’s why CAASM was created as a category. It’s a lifecycle, or an orchestration engine, that drives risk-based decisions for the organization
CAASM is predicated on good data — data that reveals what’s happening, at all times, with all assets in use throughout the organization (including users). But visibility, or a basic asset inventory and associated operational data, does little to reduce the attack surface. It’s the action that takes all the data to the next level.
This is why we’re excited to announce the general availability of updates to the Axonius Enforcement Center in our cybersecurity asset management product.
Here is some of the new functionality you will see within the Axonius console:
Enforcement Actions: Axonius customers can now create complex query rules using conditional statements. Applying advanced enforcement action conditions allows customers to use data from the assets to inform actions. In other words, the new query functionality automates enforcement actions by digging deeper into the context of assets, asset configurations, and asset hygiene to uncover trends and issues. This context provides the knowledge that lets users take immediate action on vulnerable or risky assets.
The new advanced enforcement action conditions provide greater visibility and control over assets, especially those that require vulnerability management.
Enforcement actions help customers:
- Maintain IT hygiene — Continuously check assets against security policies and automate corrective action for devices, cloud assets, and users.
- Automate policy enforcement — Create configurable enforcement sets to automatically correct non-compliance, notify the proper people of identified threats, enrich data, and respond to, mitigate, or remediate issues.
- Reduce mean time to compliance — Automatically close security control gaps as they’re discovered.
Test Run: Customers can now test enforcement sets on a single asset prior to applying it to a fleet of assets. This capability allows users to verify the end-to-end outcome of an enforcement action before running the enforcement on all matching assets, therefore providing confidence in the enforcement action and its execution.
After the test run completes, users can clearly view the results of the enforcement action and make further enforcement decisions based on good data.
Folder Management: Within the Enforcement Center, customers now have the option of creating “Shared Enforcements”, customized enforcement actions that may be stored in folders so they may be organized and managed simply. This feature offers a cleaner, clearer way to manage enforcement sets, and gives the user greater control over their Axonius experience.
In addition, customers can now draft new enforcement sets and have them saved automatically to a draft section under “All Enforcements”. This feature allows customers to perfect the conditions of actions they want Axonius to enforce against certain queries before moving the enforcement to “active”. Draft (or unfinished) enforcements are automatically saved to a “Drafts” folder, making it easier for customers to revisit and refine at the appropriate time.
This feature saves time and effort and ensures that the user has only the most appropriate enforcement actions set as “active” in their Axonius platform.
The new Enforcement Center capabilities were designed to provide the best user experience and functionality for our customers. The goal is to give Axonius customers the best data upon which they can make the right asset-related and risk-based decisions for their cyber asset attack surface management. But beyond insights, Axonius customers want to take action to reduce their attack surface. With these Enforcement Center updates, we hope we are helping customers move closer to improved cybersecurity asset management.