Integrating Asset Management into your SOC with Open XDR can be a force multiplier for your business

As an MSSP, being proactive in your approach to cybersecurity is a best practice. Ensuring that your customers are doing their part to update and patch their systems is critical. If you can integrate your asset management with your SOC/XDR platform, there are huge gains to be realized.

Scanning all your customer environments is the first step. This can be done with many different vendors, but one that our partners like to leverage is CYRISMA. Partners primarily scan for compliance requirements, but scanning should be done regularly for all clients. Once that information is collected, there are several key steps to take:

  1. Review the scan to ensure all relevant assets have been included — this is a key step if customers forget to let you know when they add additional systems.
  2. Review the posture of the systems for devices that require updates.
  3. Develop a list of required updates and set a timeline.
  4. Build a closed loop process to ensure the assets are maintained — notify administrators and users and audit regularly to make sure any needed steps are taken.
  5. If protected data is detected, add data classification tags by asset.

Most partners scan monthly, and some partners scan daily for continuous compliance. The approach will vary based on the maturity of your customers. The goal is to get your customers to the desired risk posture.

Once this is achieved, it is time to ingest this information into your SOC/XDR platform. Armed with this critical information, the XDR platform will be able to increase or decrease the severity of an alert automatically. If the asset is vulnerable to the threat, the XDR platform should increase the risk score based on this knowledge. If it is not vulnerable, it should decrease it.
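The scoring rule described above, sketched as an added example (not Stellar Cyber or CYRISMA code). The field names, score deltas, 31-day scan freshness limit and sample records are all assumptions made for illustration; the sketch also covers two cases where the score should be left alone: a host missing from the inventory and a host whose last scan is too old to trust.

```python
from dataclasses import dataclass, field

# Assumed tuning values, not vendor defaults.
RAISE, LOWER, TAG_BONUS, MAX_SCAN_AGE_DAYS = 30, 25, 10, 31

@dataclass
class Asset:
    open_cves: set = field(default_factory=set)   # unpatched findings from the last scan
    data_tags: set = field(default_factory=set)   # classification tags, e.g. {"PII"}
    scan_age_days: int = 0

def adjust_alert(alert: dict, inventory: dict) -> dict:
    """Return a copy of the alert with its score adjusted by asset posture."""
    out = dict(alert)
    asset = inventory.get(alert["host"])
    cve = alert.get("cve")
    if asset is None:
        # Host never scanned: keep the score and surface the coverage gap.
        out["note"] = "unknown asset"
    elif cve is None:
        out["note"] = "no vulnerability mapped to this detection"
    elif asset.scan_age_days > MAX_SCAN_AGE_DAYS:
        # A stale scan cannot prove the host is patched, so never lower on it.
        out["note"] = "stale scan"
    elif cve in asset.open_cves:
        out["score"] += RAISE + (TAG_BONUS if asset.data_tags else 0)
        out["note"] = "asset vulnerable"
    else:
        out["score"] -= LOWER
        out["note"] = "asset patched"
    out["score"] = max(0, min(100, out["score"]))
    return out

# Constructed sample data; the CVE ID is a placeholder.
INVENTORY = {
    "db01": Asset(open_cves={"CVE-0000-0001"}, data_tags={"PII"}, scan_age_days=2),
    "web01": Asset(scan_age_days=2),
    "old01": Asset(scan_age_days=90),
}
ALERTS = [{"host": h, "cve": "CVE-0000-0001", "score": 60}
          for h in ("db01", "web01", "old01", "new01")]

def run():
    return {a["host"]: adjust_alert(a, INVENTORY) for a in ALERTS}

if __name__ == "__main__":
    for host, a in run().items():
        print(host, a["score"], a["note"])
```
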

With this integration, CYRISMA brings a rich suite of asset management capabilities to the Stellar Cyber Open XDR platform. It:

  1. Integrates vulnerability management
  2. Incorporates data classification tags by asset
  3. Enables asset secure configurations
  4. Adds additional risk data points through CYRISMA’s grading system.

Stellar Cyber has several enriched ML-based detections that dynamically leverage the asset information from CYRISMA. Our partners report a significant reduction in false positives for properly patched systems. They also have the information they need to act quickly when an unpatched asset is under attack.

If you would like to learn more, please reach out to me — brian@stellarcyber.ai


Stellar Cyber’s Open XDR platform delivers Everything Detection and Response by unifying all currently disjointed security tools and data sources.
