Let’s start right out with our fourth CIS Critical Security Control definition. Due to the wording, it takes a moment for it to sink in.
CIS Control #4: Continuous Vulnerability Assessment and Remediation
Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.
That’s a mouthful. But an important mouthful. Put another way, we must always be on guard to lessen the likelihood of an attack. You have to strengthen what’s weak and see to it that your enemy has little to no chance to enter your system. To do this, you need a constant flow of new, up-to-date security information specifically addressing your system’s access and endpoints. You must shrink your vulnerabilities, making the target smaller.
Shrink the Attack Surface™
We use Digital Defense’s Frontline to decrease your attack surface. Frontline is a vulnerability management solution with supplementary services that scan, analyze, and score the potential attack vectors on your network.
It’s not enough, however, to simply scan and spew mountains of unintelligible systems data in the form of tabular reports. The analysis and scoring must produce intelligent reporting that can be both acted upon and briefed to executives. The process itself needs to be automate-able. You must be able to test your defenses. You must also maintain your standards of compliance. These are not options, they are crucial must-haves.
Powered by DDI NIRV™, Frontline uses the industry’s best scanning engine. What is different with Frontline is the accuracy — the point-in-time accuracy — that Frontline software delivers. Cutting through the network noise, Frontline finds the new attack techniques, critical flaws, and zero-day vulnerabilities that other engines miss.
What you require from Frontline’s analysis is actionable intelligence. And that is what you get. With other programs, it is not only possible but quite common to generate mountains of vulnerability assessment data, only to be lost in the weeds and not know what to do with the almost incomprehensible and often misleading results. With Frontline you always get the answer to the question: Which assets are at risk, and what should I do about their vulnerabilities?
The entire scanning and analysis process boils down to this question: What is my organizations’ security posture? Frontline’s risk scoring gives you that answer clearly. You get a dynamically updated Host Security Scorecard which visually provides the information you want in a direct and easy-to-understand manner. You can brief executives with this informative display. And you can act on real-time information as it changes. You are in control.
A seamless workflow, from identification to remediation, is the goal of effective vulnerability management. Frontline integrates into SIEMs such as IBM QRadar, ZenDesk and ServiceNow, as well as other security workflow management platforms. This process is not a mere matter of passive data uploads. Features include:
- Per vulnerability remediation solution/recommendations with associated CVE and vendor patch links
- Seamless management of host and vulnerability findings
- Comprehensive description and solutions for vulnerability remediation
- Industry standard REST API with JSON output
- Filterable export from Frontline VM based on criteria
- Scheduled data push/pull to destination platform(s)
Network Vulnerability Testing
The two primary business attack vectors — from an attacker’s point of view — are the network attack surface and the personnel attack surface. Frontline has these covered.
Pen Testing is performed remotely by certified and trained security analysts. The procedure is transparent to your business operations, using industry-proven penetration testing methods, always under industry best practices. The results are correlated with your scanned and analyzed reports, so there is no confusion as to next steps.
Social Testing attempts to lure personnel into engagements that could compromise security, as though by an attacker. Such tricks include phishing calls and targeted emails. Employees are notified of findings to educate them about avoidance and other security measures. The goal is for them to learn to avoid trickery and keep the network safe.
Digital Defense Slams the Window Closed
Digital Defense’s Frontline is a leader in vulnerability assessment management and is a vital part of NCSi’s long-term strategy for system integrity and endpoint management. NCSi’s engineers are acknowledged experts in this area and keep you informed of the advances in assessment technology and anti-attack methodologies that are being developed continuously.
Working together with DDI, we close the 4th CIS Control window on an attacker’s opportunity to invade your network.
For more info: