Feature Update: Reduce Asset Risk with Mitigating Controls
- Nov 29, 2022
- Michelangelo Sidagni
NopSec provides the most accurate risk-based vulnerability prioritization across an organization’s entire attack surface. One key element of this is contextualized risk prioritizations based on a client’s specific industry, network configuration, the compensating and mitigating controls they implement.
Today, we are happy to announce our first Mitigating Control with Risk Reduction integration for clients with CrowdStrike’s Falcon Insight – Endpoint Detection and Response (EDR) product. We plan to continually add new product integrations to support our Mitigating Control Risk Reduction framework in the future such as Microsoft Defender.
Clients who are leveraging Falcon Insight EDR on assets will now be able to see a risk reduction on those assets and all vulnerability instances associated with that asset. This means organizations will see an improved overall risk score if they have this mitigating control in place across a large segment of their attack surface. This provides a more contextualized risk score for your specific network.
Clients will also be able to see the policies enabled on each asset. In the future, we plan on providing analytics and query filters. You’ll be able to query and find assets with specific filters enabled or disabled. Likewise, you’ll be able to quickly find the assets that may be misconfigured and have no policies enabled at all.
By integrating your Falcon Insight EDR instance with UVRM you will now be able to see each asset’s configuration settings within the Asset Details page in UVRM. You will also be presented with the risk reduction for the asset.
Soon you will be able to see dashboard metrics tracking your mitigating controls across your attack surface describing your control coverage. You will be able to then determine how to best increase your coverage or implement compensating controls.
We will continually add new search capabilities to our reports so you can create custom reports based on items such as specific control policies or metadata reported by your EDR platform.
We aim to integrate with leading security products and tools used in networks as part of our client’s in-depth security practices. Other technologies to be included are leading EDR/XDR products, intrusion detection systems, firewalls, secure access service edge (SASE), and other products. This will ensure we are able to provide the most contextual based risk assessments for each client’s unique network.
Contextualized risk is the only way to truly identify and prioritize the vulnerabilities with the greatest chance of weaponization. The inclusion of Falcon Insight data, as the first of many technologies, to modify your risk score based on the controls you’ve implemented will greatly improve the definition of risk in your unique environment. Do leave yourself exposed to potential attacks by relying solely on the broad-stroke scores scanners provide you.
If you’re new to NopSec and would like to learn more about the platform’s other capabilities, please do not hesitate to reach out if you have any questions. If you’d like to see this feature in action please schedule a demo with us today!