Reactive security measures respond to cyberattacks that have already happened. While cybersecurity spending is increasing, cyberattacks are also becoming more frequent. To mitigate risks and prevent potential attacks, proactive actions must be combined with reactive actions. CYFIRMA offers an external threat landscape management solution that possesses predictive and intelligence-based cybersecurity capabilities to provide insights into the attackers’ perspective. In this executive view report, we will consider CYFRIMA’s DeCYFIR product.
Organizations often take security measurements after they are already exposed to threats and vulnerabilities. Such organizations need a system that is capable of identifying impending risks targeting them and the other actors in their supply chain. Predictive intelligence is a combination of cyber threat intelligence, vulnerability intelligence, attack surface discovery, and brand intelligence, with risk scores and remediation plans. In other words, predictive intelligence enables organizations to have an action plan before they are under attack. CYFIRMA’s ETLM (External Threat Landscape Management) platform is a predictive intelligence solution that delivers a collection of services to stay ahead of cybercriminals.
Classifying, protecting, and identifying digital assets as well as prioritizing and remediating exploited vulnerabilities have always been important measures to mitigate cybersecurity risks. With assets, devices, resources, hardware, and software, being changed, patched, or updated continuously, it is critical to have an approach that automates security measurements at a level of functional breadth and depth in coverage of systems that traditional perimeter security solutions and endpoint protection systems have not been able to deliver before. ETLM’s continuous and proactive approach to identifying and managing the external threat landscape allows organizations to be more confident about having comprehensive visibility into what an attacker could target, about knowing where exploitable vulnerabilities exist and prioritizing those that still need to be fixed to be better protected from new vulnerabilities.
Predictive intelligence platforms like ETLM often come with admin consoles hosted in SaaS (Software as a Service) and PaaS (Platform as a Service) deployment models where they also integrate with software security solutions like SOAR (Security Orchestration, Automation and Response) and SIEM as well as Vulnerability Management (VM) and Threat Intelligence tools. Although they share the same goals, VM is a subset of ETLM. In contrast to VM, ETLM offers Vulnerability Intelligence, a more holistic approach to organizations’ cybersecurity operations by focusing not only on software or code-based vulnerabilities, but also on attack vectors that can impact networks and systems in an IT infrastructure. In addition, predictive intelligence solutions offer threat intelligence and data collection and analysis as an out-of-the-box capability.
As a cybersecurity platform, ETLM must deliver core capabilities like automated discovery and identification of assets, malicious asset monitoring, vulnerability monitoring, risk and vulnerability prioritization, cloud asset and misconfiguration discovery, unmanaged device discovery, reducing shadow IT risk, brand intelligence, dark web scanning, threat intelligence, , risk score generation to deliver prioritized remediation plans. Supplementary capabilities like data encryption, compliance management, and software supply chain security can also be important.
Full article is available for registered users with free trial access or paid subscription.
Register and read on!
Sign up for the Professional or Specialist Subscription Packages to access the entire body of the KuppingerCole research library consisting of 700+ articles.