CIO Bulletin

Leveraging Customers a Comprehensive and Always Up-To-Date Asset Inventory Platform: Axonius

In the world of cybersecurity, you can’t secure something if you don’t know it exists. That’s why cybersecurity asset management is a critical component to the foundation of cybersecurity operations across businesses of all types. By allowing your security team to maintain a real-time directory of IT assets—as well as the associated security risks—cybersecurity asset management is one of the building blocks of a proactive, end-to-end, security strategy. Cybersecurity asset management empowers your security team, as well as the overall business, with the visibility it needs to build a comprehensive security strategy that mitigates threats quickly and proactively.

Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security solution coverage gaps, and automatically validates and enforces security policies. By seamlessly integrating with over 300 security and management solutions, Axonius is deployed in minutes, improving cyber hygiene immediately. Covering millions of devices at customers like the New York Times, Schneider Electric, Landmark Health, AppsFlyer, and many more, Axonius was named the Most Innovative Startup of 2019 at the prestigious RSAC Innovation Sandbox and was named to the CNBC Upstart 100 list and Forbes 20 Rising Stars.

Next-Generation Asset Management Solutions Offered

Real-Time Asset Management: Over the last few years, the adoption of smart devices and cloud computing has spiked for energy companies. At the same time, a lot of energy and resource infrastructure still runs on old legacy systems. The balance of old and new means that methods to discover and manage assets aren’t uniform. This makes identifying all devices, understanding everything on a device, and applying missing security controls challenging for security and risk teams. The NERC Standard CIP-002 R3 requires that responsible entities develop a list of Critical Cyber Assets (like control systems, data acquisition systems, networking equipment, and hardware platforms running virtual machines) essential to the operation of the Bulk Electric System. Axonius helps energy and resource companies adhere to NERC requirements and drastically reduce the time needed to satisfy audits.

Cybersecurity Asset Management: While financial institutions (FIs) usually have many security solutions in place that know about assets, those solutions are often siloed. Without a centralized view, FIs often spend more resources tracking down assets to satisfy regulatory audits than they do implementing security controls and processes to strengthen security posture. The number of devices and cloud services used in modern financial institutions has soared in recent years. Compiling and maintaining regular asset inventories in accordance with SEC, FDIC, FFIEC, NCUA or other regulatory guidance has become more difficult. Manual asset management activities often come at the expense of other security and risk management activities. Axonius powers credit unions, banks, and fintech companies to gain a comprehensive, always-up-to-date asset inventory that drastically reduces the time needed to satisfy audits.

HIPAA Compliance: Asset management is critical for healthcare organizations to demonstrate compliance to the HIPAA Security Rule. Healthcare organizations must have reliable, up-to-date asset inventories so they can understand where ePHI is stored, maintained, received, or transmitted. But historically, security and IT teams haven’t been able to rely on their asset inventories because they’re often outdated and don’t have detailed device information. Axonius helps healthcare providers identify unmanaged devices, apply missing security controls, and track associated users with devices by providing healthcare providers with agentless asset discovery. Axonius enabled Landmark Health to increase their security posture while eliminating manual, time-consuming audits. Landmark automated their policy validation, ensuring each device meets compliance requirements.

Cloud Asset Compliance: With misconfigurations, overly permissive access rights, and publicly available data, many organizations are challenged to secure all of their cloud instances. Axonius Cloud Asset Compliance simply connects to the cloud platforms you’re using to map the state of your cloud instances against industry standards and benchmark. Axonius Cloud Asset Compliance for Microsoft Azure aggregates and correlates data from your Azure environments to show how each instance adheres to and deviates from benchmarks such as the CIS Microsoft Azure Foundations Benchmark v1.1.0. It’s Cloud Asset Compliance for Google Cloud Platform (GCP) aggregates and correlates data from your GCP environments to show how each instance adheres to and deviates from benchmarks, such as the CIS Google Cloud Platform Foundation Benchmark version 1.1.0. Axonius automatically collects and aggregates information from your Google Cloud Platform and maps the data against the CIS Google Cloud Platform Foundations Benchmark.

Cyber Asset Attack Surface Management (CAASM): Cyber Asset Attack Surface Management (CAASM) tools use API integrations to connect with existing data sources to automatically validate security controls and remediate issues. By aggregating, normalizing, and deduplicating data from IT and security solutions, Axonius customers get full visibility into their external and internal attack surface to improve security control coverage and trigger custom, automated response actions. Axonius customers get a comprehensive, always up-to-date inventory of all assets using data from hundreds of data sources already in use. No agents to install, no scanning, no sniffing traffic. CAASM solutions allow organizations to see all assets regardless of where they reside. This is done by using API integrations with existing tools, enabling query capabilities to examine asset data, and offering capabilities to remediate issues. These solutions aim to solve the asset visibility challenge. With a consolidated view of all assets, CAASM allows IT and security teams to gain confidence into what assets they have in order to secure them.

The Visionary Leader Upfront

Dean Sysman is the Co-Founder and Chief Executive Officer of Axonius. He is a world-renowned expert in cybersecurity who was honored with a place on the Forbes 30 Under 30 Israel 2017 list. Before founding Axonius, Dean co-founded Cymmetria, A YC-backed cyber deception company with Fortune 500 customers. He has spoken at major conferences including Blackhat, Defcon, CCC, and more. He is an alumnus of an elite unit in the Israeli Intelligence Corps, where he served for five years as a team leader and officer. During his service, Dean received commendations and awards for his service. Dean is a graduate of the special "Etgar" program, where he earned his BSc in computer science at the age of 19. In 2005, he was part of the gold medal team in the international Robotic Olympics in South Korea.