Cavelo announced the release of digital asset discovery, tracking, data access, vulnerability and risk reporting enhancements to help businesses discover sensitive data, minimize data exposure and support attack surface management initiatives.
IT and security teams use a combination of processes and technologies to track digital assets (including hardware, software, cloud and sensitive data), and understand their business’s internal and external attack surface. However, legacy and disparate technologies can create data silos that limit visibility to the sensitive data a business has. Orphaned or unclassified data can result in regulatory non-compliance and cyber risks like data exfiltration and ransomware attacks.
“A growing reliance on connected and remote systems introduces a limitless attack surface,” said James Mignacca, CEO at Cavelo. “Many IT and security teams rely on traditional vulnerability assessments to mitigate risk. Those results capture a point in time that quickly expires and doesn’t give administrators an accurate picture of the business’s assets and sensitive data risk. Without real-time visibility to their growing inventory of digital assets and the sensitive data they contain, teams can’t confidently assess and address the organization’s overall attack surface.”
The Cavelo platform combines security best practices with automated solutions to provide IT and security professionals with richer threat intelligence that supports faster time to respond to threats, improved threat detection across the security tech stack and demonstrable processes required for regulatory audits.
The platform leverages API integrations and machine learning to continuously scan all connected sources including endpoints, cloud applications, cloud-hosted and on-premises servers and desktops to identify, classify and report on sensitive data.
Newly released exposure management features include:
- Attack surface management – providing data integrity and access controls as well as continuous data discovery and classification capabilities to manage vulnerabilities as they relate to sensitive data.
- Vulnerability management and mitigation – delivering accurate and thorough vulnerability reports using agent, network and external scanning. Agent-based scanning hosts install on agents (like laptops, desktops and servers), and network peripherals (like printers, switches and firewalls).
- Data access – supporting zero-trust best practices by providing an understanding of who has access to company data, via the platform’s policy engine.
- Risk benchmarking – ranking cyber risk and pinpointing potential breach costs in real-time, and over time.
- API service integrations – allowing data access and management across popular cloud services like Office365, Google Workspace, Salesforce and Dropbox.
“Traditional asset management and vulnerability detection methods aren’t equipped to handle modern IT and business infrastructure,” said Mignacca. “Managing and mitigating attack surface risk starts with data discovery. By consolidating core security capabilities and technology, cyber asset attack surface management offers a singular approach to data security that virtually eliminates the need for outdated point-in-time risk management activities.”