Augmenting Vulnerability Management for a Better Security Posture

Any organization that is even moderately mature in its security programs will have an overarching device discovery and vulnerability management program in place. While these programs are essential to protecting the modern enterprise environment, they do miss some crucial picture pieces.

The Good and the Bad with Vulnerability Management

To fully grasp the issues, first, let us take a quick look at why traditional vulnerability management tools are essential and what they are particularly good at.
Vulnerability management / assessment tools, such as Nessus, Qualys, or Rapid7, are designed to scan and identify devices on networks and subnets that users direct them toward. The scans that most traditional scanning tools accomplish are done at regular intervals.

However, the time between scans varies significantly between organizations, and their specific risk profile has a lot to do with the frequency of scans. In addition to this, traditional vulnerability scanners are very good at finding expected devices, like servers, laptops, and virtual machines. However, they begin to run into problems when they need to test non-traditional devices like IoT and OT. For reference, in the first six months of 2021 there were 1.51 billion breaches of IoT and related devices.

Most large-scale vulnerability scanning software works by sending noisy test packets toward any device discovered to see if it may be vulnerable to any known issues in its database. Unfortunately, when these scanners find a connected device and begin throwing packets at it, they are more likely to crash the machine than identify any details about it.

How IoTSecure Can Supplement Your Vulnerability Management

At IoTSecure, we set out to fix the gap that traditional vulnerability management scanners leave in the security posture of modern organizations. IoTSecure is designed not to replace or circumvent the VA program you have in place but to supplement it with a program capable of identifying and scanning these often vulnerable connected devices and reporting those findings to any source you would like. For example, the details found by the IoT-mini can be viewed directly on the CloudPortal® dashboard. Or, the information can be piped, via an API, to virtually any SEIM or other VA tools used in your organization.

IoTSecure is designed to supplement, not replace or circumvent, traditional vulnerability management scanners by closing these gaps on unmanaged and IoT devices. IoTSecure solutions are:

1. Agentless, but accurate
2. Safe and non-intrusive – No crashing or interfere with even sensitive and resource-constrained IoT devices. So you know longer have to worry about crashing devices and you can now start vulnerability testing devices that your previously had to  exclude from intrusive traditional scanning.
3. Real-time – Profile and vulnerability test devices as they connect to the network in real-time. No more time gaps of untested devices being on the network until the next scheduled scan.
4. More detailed than vulnerability scanners – Identifies devices in detail by type and model and it tracks where devices are in real-time. You always know exactly what the device is for better remediation prioritization and you always know where the device is.

Best of all, it takes only about 5 minutes to test devices on your network with the IoT-mini. 
It’s free to try on a network segment and only $100 to cover your entire enterprise for the 1st year.
The details found by the IoT-mini can be viewed directly on the CloudPortal® dashboard. Or, the information can be piped, via an API, to virtually any SEIM or other VA tools used in your organization.