As threats develop and assault surfaces get extra advanced, corporations proceed to wrestle with the multitude of instruments they make the most of to deal with endpoint safety and administration. This may depart gaps in an enterprise’s capacity to determine gadgets which might be accessing the community and in making certain that these gadgets are compliant with safety insurance policies. These gaps are sometimes seen in outdated spreadsheets which might be used to trace and handle asset stock, configurations, vulnerabilities, and extra. Finally, this will increase organizational threat whereas stifling effectivity and productiveness.
That is why unified safety and endpoint administration has gained floor, as famous in Gartner’s Hype Cycle for Endpoint Safety, 2022. As a part of the market’s want to realize a clearer, real-time image of their gadgets and safety posture, Syxsense launched its Enterprise platform final 12 months to deal with the three key components of endpoint administration and safety: vulnerabilities, patch, and compliance. Based on Syxsense, unified safety and endpoint administration (USEM) is the reply to enabling groups to realize management over the widespread use of private gadgets and the growing mobility of company-owned gadgets on the community.
With that in thoughts, they developed assist of cellular gadgets along with conventional gadgets like desktops and laptops, based mostly on a Zero Belief framework for consumer and device-based entry to sources that is simple to make use of. This offers groups the power deal with endpoint administration and safety operations from a single platform.
We just lately took a better have a look at the Syxsense Enterprise platform.
First issues first
Syxsense’s platform: What that you must know earlier than diving in:
- A 14-day free trial is accessible and trial customers have entry to Syxsense Enterprise, with options like Zero Belief and MDM out there that you could take a look at with your individual gadgets.
- Cortex automation engine: Whereas many different options provide strategies for detecting vulnerabilities, Syxsense Enterprise affords automated remediation of these vulnerabilities. The automation is thru a drag and drop interface that does not require any coding and helps activity and workflow sequencing and coverage implementation. Plenty of frequent workflows have already been constructed out and you’ll run them in your gadgets with out having to arrange the automation by yourself.
To facilitate this product evaluate, the workforce at Syxsense gave us entry to the newest model of their platform. This is what we discovered:
Getting Began
Utilizing the Syxsense platform, safety groups can acquire visibility into their surroundings and uncover the endpoints speaking over the community. As an example I am a system administrator excited by making an attempt the service. That is the primary display screen I see. Within the nook it reveals the place I can simply Add Units so I do know the place to begin and I can see the dashboards the place data on the gadgets I add will show.
After I go so as to add a tool, it reveals me the supported gadget varieties and the downloadable agent for every sort. I additionally see the Discovery Agent the place I can discover and add a number of gadgets which have the agent downloaded already.
Utilizing the gadgets I simply added to my stock, I can take a look at what the platform can provide.
The ‘Units’ button on the left aspect panel reveals you all of the gadgets which have already been added to your stock.
What caught my consideration was the little circle subsequent to the gadget identify. The inexperienced, orange, or crimson colour of the circle signifies the present well being of the gadget based mostly on patch standing and energetic vulnerabilities so you’ll be able to see the well being of your gadgets at a look.
By proper clicking “Queries”, now you can entry the Question Designer and filter your gadgets with totally different attributes you choose.
For a pattern, I ran a question for all gadgets working Home windows OS. After you run the question, you’ll be able to carry out duties on the gadgets returned out of your choice.
Within the Syxsense Enterprise platform, you’ve gotten entry to tons of several types of duties, together with: Safety Scan, Patch Deploy, Software program Deploy or Safety Remediation. I made a decision to run a patch deployment to see what would occur.
As you’ll be able to see, the console reveals you six steps to stipulate the patch deployment activity I wish to carry out, beginning with figuring out the record of gadgets the duty will goal. I created a brand new question for gadgets with important patches.
After I chosen my question, Syxsense confirmed me a set of choices for managing the content material deployed to the focused gadgets.
I can instantly deploy my patch or, if I do not wish to run the duty proper now, the platform offers me choices for scheduling my deployment. I can deploy at a specified time with a calendar choice or make the duty reoccur on a schedule.
After I ran the patch deployment activity, it was simple to see which gadgets have been missed. I can then select to rerun the duty on new gadgets or gadgets that have been unavailable throughout the deployment window.
What caught my consideration subsequent is the Cortex workflows.
You possibly can construct sequences of various safety actions that run routinely based mostly on the standing of focused gadgets. I added a number of paths for the automation to comply with based mostly on the success or failure of every motion.
It is easy to make use of. I did not want to jot down any code, the platform is designed so you’ll be able to simply drag and drop actions into the builder and customise them as you construct. There’s additionally fairly a couple of server upkeep workflows already constructed on the platform that I can simply choose and run straight away.
I chosen the Zero Belief Trusted – Safety workflow and named it “Safety Posture”.
As soon as I’ve configured the workflow, I can select the gadgets I wish to run it on and the way usually.
My activity was to check the system, so I wished to see how nicely the platform handles reporting on the totally different actions I’ve carried out. Within the Syxsense platform, you’ll be able to deploy a activity to run a report.
The platform affords a number of choices for studies. There’s even studies for HIPAA, PCI and SOX compliance.
I resolve to run the “HIPAA Working System and Utility Vulnerability Scan” report.
It offers me a number of data and there is a abstract part that reveals me the proportion of patch compliance and graphs for compliance by severity and compliance by CVSS. That is an fascinating report with an in depth overview of your environmental compliance, with nice visualizations already in-built.
Conclusion
Syxsense Enterprise is a stable endpoint administration and safety platform with many options to make day-to-day IT and safety operations simpler. Many corporations depend on a number of instruments to deal with vulnerability scanning, patch administration, configuration administration, cellular gadgets, and remediation, however Syxsense combines it multi functional answer. It is easy to see the place a single answer like Syxsense might cut back prices and threat whereas enhancing effectivity.
If you would like to see extra, you’ll be able to join a demo of Syxsense right here.