Don’t Leave Your Network Assets Unprotected
Most IT networks are in a constant state of flux. With devices continually being connected or removed from the network, it’s easy to lose track and leave some assets unmonitored. This creates a serious exposure that attackers can exploit to gain access and conduct malicious activity. To meet this challenge, you need robust information security asset management and inventory tools that make it easy to keep track of all your devices being added or removed from your network.
Zartek Global USM™ delivers information security asset management and inventory capabilities that provide:
- Automatic Asset Discovery
- Host-based Software Inventory
- Asset Prioritization and Remediation
Automatic Asset Discovery
Before you can protect your assets, you first need to know what all your assets are and then be able to determine which systems are the most critical to your business. Not knowing or understanding your assets can create blind spots across your enterprise that malicious actors can exploit and subsequently remain hidden.
Zartek Global USM provides built-in information security asset discovery capabilities that begin to discover detailed security asset information to help you visualize your entire network from the moment it’s installed.
It does so using both active and passive network scanning techniques. Active Network Scanning probes machines connected to the network and identifies them based on the responses. Passive Network Monitoring monitors the network traffic, hosts and installed software to identify the protocols and ports used.
The combination of these two techniques allows you to build up an accurate inventory of all the information security assets connected to your network.
Host-based Software Inventory
For your critical systems, you need to know more than what’s happening at the network level. You need to take a deeper look into the host to build an accurate information security asset inventory of all software, processes and system files that reside on it.
Zartek Global USM includes the ability to scan for available ports that can provide a detailed and granular level of visibility into the available services on your critical assets.
It enumerates all ports listening on the machine – adding valuable context to your information security asset inventory and allowing you to quickly and easily spot where unwanted software or processes are running.
Asset Prioritization and Remediation
Not all information security assets are equal as some are more critical to the business than others based on the data, application or regulations that may apply.
When prioritizing remediation efforts, simply having an inventory of information security assets alone is not sufficient. You need to factor in which information security assets need to be prioritized.
The unified capabilities of Zartek Global USM work in concert
with Information Security Asset Management and Inventory capabilities to help prioritize remediation with multiple technologies such as Host and Network Intrusion Detection Systems (IDS), Vulnerability management and Security Information and Event Management (SIEM).
Zartek Global USM eliminates the ambiguity that can occur in managing your information security assets by analyzing and correlating security events and arranging them using the Kill Chain Taxonomy. This allows you to focus on the most pressing events on the most critical information security assets based on how they’re impacting your environment in five categories.
- System Compromise
- Exploitation & Installation
- Delivery & Attack
- Reconnaissance & Probing
- Environmental Awareness
At Zartek Global, we believe that security practitioners and IT professionals have enough to worry about, and more than enough work to do. The first thing to worry about is what’s connected to your network.
Within minutes of installing Zartek Global Unified Security Management™ (USM) you’ll be able to discover all of the IP-enabled devices on your network, what software is installed on them, how they’re configured, any potential vulnerabilities and active threats being executed against them.
You’ll be able to quickly answer questions such as:
- What devices are on my network?
- What are users doing?
- What vulnerabilities exist in my network?
- Are there known attackers trying to interact with my network?
- Are there active threats in my network?
Correlate Asset Info with Threat & Vulnerability Data
Know What’s On Your Network.
It’s a problem when you don’t know what’s on your network, or how your devices are configured. Wouldn’t you prefer certainty?
Automated asset discovery can start you on the path to certainty. Zartek Global USM™ combines two core discovery and inventory technologies to give you full visibility into the devices that show up on your network.
Passive Network Monitoring
highlights hosts on your network and their installed software packages. Information collected includes:
- IP and hardware MAC address pairings. This is used for inventory and to detect MAC spoofing
- IP header analysis to identify operating systems and running software packages
- TCP/IP traffic analysis for OS fingerprinting and basic network topography
Active Network Scanning
gently probes your network to coax responses from devices. These responses provide clues that help identify the device, the OS, running services, and the software installed on it. It can often identify the software vendor and version without having to send any credentials to the host.