We have probably 10, 15, 20 different asset management tools. What I’m looking for from the security perspective is that master inventory, the inventory of inventories, the king of the inventories. So we have Active Directory, we have EDR tools, we have all sorts of security tools that have inventories. What I need is to take those inventories and put them into one master inventory. The traditional model in the past has been the CMDB, but experience with CMDB has not gone well over the years, and it really doesn’t do what you want it to do in terms of security tool inventory. What I’m looking for with Sevco is the one button, you’re missing agents on the following systems.

The inventory of tools is the result of having a bunch of integrations of all of your security tools. So for us, it’s the critical security tools today that we’re integrating into Sevco, and that includes our vulnerability scanner, our endpoint detection and response, our forensics tool, our AV. In addition, we have our vulnerability management tool going in there today as well. Those have inventories, but what we want to be able to do is combine all of those inventories into a single tool that gets us more of the push button reporting that we spend an awful lot of time today doing manual through spreadsheets, pivot tables. We have what we call here hell week, where we spend a week working on all of these manual inventories to come up with a list of tools, solutions, and endpoints that are missing pieces. For us, that’s what we’re looking for out of Sevco.

The initial implementation of Sevco is performed by the cybersecurity operations team. What we’ll find eventually is that it’ll turn into an IT operations tool. We do have a CMDB in place. It is not completely implemented, and not available to everybody to use. What we’re looking for out of the end point here is that the operations team in IT will more than likely be a consumer of our product because it will be, at least for the security tools, the statement of record, the system of record, that we’ll use for managing our inventory.

Well, one of the first use cases that we have, besides the maturity of managing your inventory and all the CIS controls and FFIEC, CAT, cybersecurity assessment tool, and the CRI profile, inventory is one of those key controls that you have to demonstrate that you’re managing. After you get past that first maturity control, the second thing for us is that we have quarterly controls that validate that we have agents on all our systems. And we spend a lot of time manually working with spreadsheets to do pivot tables amongst multiple spreadsheets to identify missing security tools on assets. What Sevco will be able to do is basically take all of that inventory and do a push button and get us that result. So our quarterly controls testing, that we spend a lot of time and effort on, validating agent availability will be done much, much quicker with Sevco.

Well, for us, we have our system managers say that our assets are covered by all of our security agents, and we’re finding with Sevco that that’s not always accurate. Their inventories weren’t kept up to date, especially when you have an ephemeral environment. We have servers that are up and down daily, nightly, that disappear. If our automation processes don’t make sure that the agents are all on there, we’ll have Sevco be able to real-time, give us an inventory of systems missing the agents. So it’s critical from that perspective.

On the workstation side, we are about 50% VDIs and VDI I servers that support those VDIs. And we’ve had some instances where the system managers say that there’s security agents on them, but due to a programming error in their automation, it was missing it. So Sevco gives us real-time access to that information.The main feature that we’re interested in is the front page, the dashboard. It’s right there. We’re using that to then focus in on servers, systems, applications across the security tool spectrum.