Forescout unveiled Risk and Exposure Management, its cloud-native product designed to collate all data sources associated with an enterprise’s connected assets and calculate a unique multifactor risk score for each asset, offering a more intuitive and quantitative approach to risk prioritization.
Enterprises’ attack surfaces are expanding daily given the technology and business dynamics at play. Security teams realize that existing approaches to cyber asset management can’t effectively scale to meet the diversity of asset types or track configuration and risk posture changes for their assets, making it exceedingly more difficult to conduct expeditiously any incident analysis.
The new Risk and Exposure Management solution addresses this challenge by tracking the changes to posture on a unique status-over-time view for every individual asset and enables security teams to act on intuitive cyber risk intelligence, through security workflow automation driven by the Forescout Platform.
According to Forrester, CISOs are readily seeking new approaches to attack surface management that not only better support their teams, but also prove to their boards how they’re reducing risk exposure based on the effectiveness of their security investments. The analyst firm also found that “Among security decision-makers, 73% report that their firm is adopting attack surface management; a further 15% plan to implement it in the next 12 months.”
“Enterprises require a simplified way to maintain both real-time and persistent asset intelligence for every asset – managed or unmanaged, physical or virtual, including OT/ICS, IoT devices and specialty subsets such as medical devices,” said Barry Mainz, Forescout CEO. “We’ve invested heavily in the Forescout Platform, and the enhancements we are making with the availability of Forescout Risk and Exposure Management provide that intelligence to help security teams effectively prove a reduction in risk posture of their enterprises’ evolving attack surfaces.”
The use cases and benefits of Forescout Risk and Exposure Management are:
- Cybersecurity asset management: Discover and classify every device across any environment (90 days retention) to help IT security teams leverage asset context and status trends to streamline their operations.
- Persistent asset risk intelligence: Gain situational awareness of cybersecurity risk posture based on exposure from vulnerabilities and misconfiguration with a unique multifactor risk score.
- Accelerated incident response: Leverage historical asset context to aid analysts’ proactive investigation of risks and reactive response to incidents and events to help minimize the blast radius and reduce mean-time-to-resolution (MTTR).
- Enhanced IoT security: Leverage high-fidelity IoT classification through non-disruptive, passive discovery techniques for deployment flexibility, with real-time identification of xIoT vulnerabilities to help security teams understand the attack surface and prioritize response actions.
- Enhanced medical device security: Clear and concise risk assessment of each connected medical device based on known exposures, attack potential and operational criticality, with insights into FDA class and recall status, to help ensure security without impacting patient care.
In leveraging this product’s capabilities, enterprises can feasibly obtain comprehensive asset intelligence and build a solid foundation for cyber asset attack surface management.