NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

Feature Update: Reduce Asset Risk with Mitigating Controls

Reduce Asset Risk with Mitigating Controls

Overview

NopSec provides the most accurate risk-based vulnerability prioritization across an organization’s entire attack surface. One key element of this is contextualized risk prioritizations based on a client’s specific industry, network configuration, the compensating and mitigating controls they implement. 

Today, we are happy to announce our first Mitigating Control with Risk Reduction integration for clients with CrowdStrike’s Falcon Insight – Endpoint Detection and Response (EDR) product. We plan to continually add new product integrations to support our Mitigating Control Risk Reduction framework in the future such as Microsoft Defender.

Risk Reduction

Clients who are leveraging Falcon Insight EDR on assets will now be able to see a risk reduction on those assets and all vulnerability instances associated with that asset. This means organizations will see an improved overall risk score if they have this mitigating control in place across a large segment of their attack surface. This provides a more contextualized risk score for your specific network.

Clients will also be able to see the policies enabled on each asset. In the future, we plan on providing analytics and query filters. You’ll be able to query and find assets with specific filters enabled or disabled. Likewise, you’ll be able to quickly find the assets that may be misconfigured and have no policies enabled at all.

CrowdStrike Falcon Insight EDR

By integrating your Falcon Insight EDR instance with UVRM you will now be able to see each asset’s configuration settings within the Asset Details page in UVRM. You will also be presented with the risk reduction for the asset. 

Mitigating Controls Risk Reduction Report

Upcoming Features

Soon you will be able to see dashboard metrics tracking your mitigating controls across your attack surface describing your control coverage. You will be able to then determine how to best increase your coverage or implement compensating controls.

We will continually add new search capabilities to our reports so you can create custom reports based on items such as specific control policies or metadata reported by your EDR platform.

We aim to integrate with leading security products and tools used in networks as part of our client’s in-depth security practices. Other technologies to be included are leading EDR/XDR products, intrusion detection systems, firewalls, secure access service edge (SASE), and other products. This will ensure we are able to provide the most contextual based risk assessments for each client’s unique network.

Frequently Asked Questions

  • How do I integrate my Crowdstrike Falcon data?
    • Please follow the instructions on the Integrations page within your UVRM instance for Crowdstrike Falcon. You’ll need to provide us with your instance URL and credentials.
    • Feel free to contact your Customer Success representative with any questions.
  • Are other mitigating controls supported?
    • As of Aug. 18, UVRM only supports the integration of CrowdStrike’s Falcon Insight product as a mitigating control with risk reduction. We plan on supporting other leading Endpoint Detection and Response products such as Microsoft Defender, SentinelOne, and others in the coming months.
  • Will you support non-EDR products as Mitigating Controls?
    • Yes. We are looking at our existing clients’ practices and are determining the products and processes that are being implemented as mitigating controls. We plan to support these in the future. Our goals are to not focus solely on asset controls – but also take a holistic approach across your entire organization’s network and processes.
  • What is the difference between Compensating Controls and Mitigating Controls?
    • Compensating Controls: Controls that are put into place when specific requirements can’t be met with existing or new mitigating controls. This could be referenced as “alternative controls.”
    • Mitigating Controls: Mitigating controls are meant to reduce the chances of a threat happening. For example, the use of antivirus, firewalls, VPNs, and other modern security products or practices would qualify.
  • Will NopSec provide risk reduction for Compensating Controls?
    • Yes. NopSec UVRM currently provides risk reduction for assets that have been marked as Risk Accepted, a form of compensating control, however, we plan on providing finer grained controls which will enable more precise risk reductions based on the specific controls in place.

Summary

Contextualized risk is the only way to truly identify and prioritize the vulnerabilities with the greatest chance of weaponization. The inclusion of Falcon Insight data, as the first of many technologies, to modify your risk score based on the controls you’ve implemented will greatly improve the definition of risk in your unique environment. Do leave yourself exposed to potential attacks by relying solely on the broad-stroke scores scanners provide you.

If you’re new to NopSec and would like to learn more about the platform’s other capabilities, please do not hesitate to reach out if you have any questions. If you’d like to see this feature in action please schedule a demo with us today!

Schedule a Product Demo Today!

See how NopSec's security insights and cyber threat exposure management platform can organize your security chaos.