AMPEG Security Lighthouse supplies you with more than 350 analyses in the form of maps, lists and charts. The correlation of information from different security areas makes it possible to generate independent analysis across all sections (e.g. Correlation - Security Level).
Data stored over several years can be used to access long-term observations. These analysis perform valuable services during process optimisation.
For example, you can get an answer to the following questions:
- Where is the greatest risk located?
Which locations or operational units are compliant or not compliant in which security areas?
- What is the security status of the process-relevant, critical systems?
- Have updates been successfully installed on schedule (roll-out timeline)?
- Has the security situation improved in the long term (trend analyses)?
- Which mobile devices are not compliant (e.g. are unencrypted)?
- How good is the security level of the factory systems?
- Which network devices have an outdated firmware version?
- Which updates have not yet been installed on which systems, and which vulnerabilities from the CVE Catalogue does this affect?
- Which vulnerabilities from the CVE Catalogue occur on the inventoried products?
- Does the network contain systems that are connected neither to the antivirus system nor to the patch management system although they have been entered in the active directory or the inventory (status: “no coverage”)?
- What percentage of the systems are configured in compliance with the security standards, and which safety requirements are violated?
- Which laptops are used without encrypted hard drives?
- Which systems have been found to contain unwanted software?
- Which systems do not have the desired version of the software or operating system installed?
- According to the comparison between vulnerability management and the patch management system, which updates are ready to be distributed in the network to quickly close identified vulnerabilities?
- Which vulnerabilities leave us exposed to an attack, and how great is the risk based on the CVSS score or the severity assessment?
- In which systems or locations was the virus first found?
- Which locations have a low incidence of viruses, and which have a particularly high incidence?
- Which detections has the Intrusion Prevention System reported, and which vulnerabilities from the CVE Catalogue does this affect?
- How many accounts are blocked, and how many have an expired password or do not require a password?
- How far along is the roll-out of, for example, a new operating system for workstations (Book of Standards)?
- And much more.
Current answers are available at any time
AMPEG Security Lighthouse is a web-based application that needs no installation on a workstation. So you can access the current data at any meeting directly from a web browser, and start analysing the current security situation. The extensive preparation of a presentation, whose content may even already be outdated, is eliminated.
"One of the biggest mistakes security officers make is to blindly trust the success messages given out by their systems."
Raimund Genes †, former CTO Anti Malware at TREND MICRO
Visibility concerning the actual security status of IT systems is a important requirement for ensuring high quality in IT security.