Ziften today announced support for continuous, passive unmanaged asset discovery — helping enterprise, government, and managed security service provider (MSSP) customers reduce attack surfaces, address compliance issues, and improve operational efficiencies. “Security starts with knowing what physical and virtual devices are connected to the corporate network,” said Mike Hamilton, SVP of Product, Ziften. “But, BYOD, shadow IT, IoT, and virtualization are making that more challenging. Ziften’s client to cloud visibility and security solution enables customers to discover and fingerprint all assets on day one, with no additional network or processing overhead, and no disruptive network activities that set off security tool bells and whistles [alerts].”
Developing an inventory of authorized and unauthorized devices is number one on the SANS Critical Security Controls for effective cyber defense. With Ziften, organizations can quickly discover every connected device: laptops, desktops, workstations, BYOD, mobile devices, data center and cloud virtual machines (VM), orphaned VM’s, networking, WiFi access points, printers, Internet of things (IoT), and rogue devices. Eliminating these unmanaged assets from the network — which are far more likely to be “patient zero” — or bringing them up to corporate security standards greatly reduces an organization’s attack surface and overall risk.
Ziften finds that as many as 30 percent of all connected devices can be unmanaged or unknown in today’s enterprise networks, exposing organizations to dramatically increased risks. Ziften’s discovery of these unmanaged assets helps organizations maintain regulatory compliance. Compliance mandates require more than simple one-time asset discovery efforts. Because the visibility solution is completely silent and does not rely on active pings, scan sweeps, or Network Mapper (NMAP) scans, Ziften provides continuous views of all connected devices, not just point-in-time checks. This capability prevents missing rogue devices that may only connect to the network intermittently, and greatly increases the ability of security operations teams to ensure unmanaged connected devices are either removed from the network or brought into compliance with internal or external security requirements.
For enterprises, Ziften’s asset discovery improves security team efficiency. With detailed intelligence on each connected device including the manufacturer, hostname, and the device type, operations teams can quickly clean up their environments eliminating rogue and unmanaged devices — even VM proliferation. The removal of these at-risk devices reduces security alerts, reduces alert fatigue, and increases time operations teams spend on productive endeavors.
“Ziften’s unmanaged asset discovery is fantastic for internal security endeavors,” said Logan Gilbert, Vice President of Sales Engineering, Ziften. “And we’re also seeing customers use it externally as a starting point in evaluating risks associated with merger and acquisition (M&A) target companies. This is possible because Ziften’s visibility and security solution provides the only non-disruptive, silent asset discovery capability.”