This gives enterprises, government agencies and managed security service providers (MSSPs) visibility to understand the scope of business vulnerability and prioritize the proactive defense of assets, while maintaining a confidence that their security infrastructure is free of human error or incompatibilities between policies and protection.
A surge in conversation and excitement around next-generation firewalls (NGFWs) and security infrastructures has overshadowed a lack of visibility into how change – from software patches to access changes to new system deployments – has a domino effect that can open up silent vulnerabilities across a network.
Security operations personnel are challenged to understand the interdependencies in a morass of legacy and new devices, and software, and the implications and potential for error they represent. A recent example of this occurred last month, when Medicaid and social security information of 780,000 citizens in Utah were exposed due to misconfiguration and ineffective access control.
Even for those companies that have implemented some level of policy/configuration management, the data deluge and ability to trace the paths and assets that are at risk remain a challenge for many. The solution lies in the ability to identify, assess and remediate the impact of change or misconfiguration on security policy and controls in real-time, and combine that with mechanisms that integrate comprehensive risk analysis to provide quantifiable and actionable intelligence to focus efforts on the most critical issues.
With the addition of a new patented risk analysis engine, Security Manager can now analyze the accessibility of any vulnerabilities from threat sources, measuring the impact, depth and risk of a potential attack. The integration allows Security Manager to evaluate, visualize and simulate attack paths throughout the network to assist security teams to quantify risk and prioritize remediation.
In addition to traditional vulnerabilities detected by popular vulnerability assessment (VA) scanners, Security Manager can also incorporate penetration test results with Metasploit and factor proven exploits into its risk scoring.
“The growing complexity of networks and the increasing sophistication of adversaries have driven imperatives for better intelligence and focus in network security management,” said Jody Brazil, President and CTO of FireMon. “Any network change – from M&A integration to user, application or access changes to software updates – can cause issues from system failure to exposure of critical assets.
FireMon’s hallmark has been its ability to understand and manage the implications of change in large organizations. Now, with the ability to rapidly analyze and map specific risk scenarios, we can enable security teams to better plan for change, and more effectively prioritize proactive efforts to defend their information assets.