These last few weeks as you’ve seen, we’ve been releasing a series of videos from Chief Strategy Officer, Brian Contos, highlighting how Sevco’s 4D Asset Intelligence platform works, and how organizations can use it to better understand their IT environment. We call them Sevco Security Shorts.
Now, we’re posting this transcripts of this series for those that would prefer to read the content.
Hey everyone. Today we’re going to talk about visualization of security controls and IT management controls with Venn diagrams. Here I have a circle with 10,215 devices pulled via API from Microsoft Active Directory, and I want to see how many of these devices are actually running CrowdStrike.
So first I want to filter based on my OS platforms to things that CrowdStrike can actually run on. So I’ll add Linux, Windows Server and Windows. Now I’ve reduced this number to 9,525. Let’s add CrowdStrike to actually create a Venn diagram. And we see the commonality is 9,435 devices are in Microsoft Active Directory and the running CrowdStrike. However, we have 90 devices that are unique. They can run CrowdStrike based on their OS platform, but they’re not running CrowdStrike, and historically they’ve never had CrowdStrike installed.
Now your environment’s going to be way more complex than two sources. So I can add another layer to this like Automox, which is patch management. But these API connections will reach out to all your management solutions on-prem and in the cloud. In addition to layers of the Venn diagram, I can actually do more filters.
So for example, Windows Server 2008 R2, I’ve got 15 of these devices. They’re not running CrowdStrike and they’re not running Automox. Well maybe they’re running some other type of compensating control. Let’s try Illumio. Illumio is segmentation for Zero Trust.
Nope, nothing there.
How about Malwarebytes? Maybe that’s our secondary EDR.
No.
So we have 15 devices that aren’t running any kind of security control or IT management control. Also Windows Server 2008 R2, well that was end of life back in January of 2020, so it was end of life over three years ago. There’s no extended service contract for that. So there’s no patches and there’s no support coming.
Now, this is a near realtime representation of the entirety of your environment on-prem and in the cloud, and it’s telling you that you have 15 devices that are highly vulnerable. There’s no security controls or protection on them. If they were to be attacked, they’d probably be compromised. And then of course that could put the rest of your organization at risk.
Interested in seeing how Sevco can give you this kind of visibility in your own IT environment? Click here to schedule a personalized 1:1 demo with our team.