Assess the security situation
Besides equipping you with the Security Information Map, AMPEG Security Lighthouse supplies you with more than 300 analyses in the form of lists and charts. The correlation information from various security areas makes it possible to generate independent analysis across all sections (e.g. Correlation - Security Level).
Data stored over several years can be used to access detailed, comparative long-term observations and KPI's. These analysis perform valuable services during process optimisation.
To the following questions, you get a response:
- Where is the greatest risk located?
Which locations or operational units are compliant or not compliant in which security areas?
- What is the security status of the process-relevant, critical systems?
- Have updates been successfully installed on schedule (roll-out timeline)?
- Has the security situation improved in the different areas (KPIs)?
- Which mobile devices do not comply with the standards (e.g. are unencrypted)?
- Which updates have not yet been installed on which systems, and which vulnerabilities from the CVE Catalogue does this affect?
- Which vulnerabilities from the CVE Catalogue occur on the inventoried products?
- Does the network contain systems that are connected neither to the antivirus system nor to the patch management system although they have been entered in the active directory or the inventory (status: “no coverage”)?
- What percentage of the systems are configured in compliance with the security standards, and which safety requirements are violated?
- Which laptops are used without encrypted hard drives?
- Which systems have been found to contain unwanted software?
- Which systems do not have the desired version of the software or operating system installed?
- According to the comparison between vulnerability management and the patch management system, which updates are ready to be distributed in the network to quickly close identified vulnerabilities?
- Which vulnerabilities leave us exposed to an attack, and how great is the risk based on the CVSS score or the severity assessment?
- In which systems or locations was the virus first found?
- Which locations have a low incidence of viruses, and which have a particularly high incidence?
- Which detections has the Intrusion Prevention System reported, and which vulnerabilities from the CVE Catalogue does this affect?
- How many accounts are blocked, and how many have an expired password or do not require a password?
- How far along is the roll-out of, for example, a new operating system for workstations (Book of Standards)?
- And much more.
Current answers are available at any time
AMPEG Security Lighthouse is a web-based application that needs no installation on a workstation. So you can access the current data at any meeting directly from a web browser, and start analysing the current security situation. The extensive preparation of a presentation, whose content may even already be outdated, is eliminated.
System Security Overview (SSO)
The System Security Overview (SSO) enables you to keep a close eye on each single system. The SSO provides all relevant system information in a clearly arranged dashboard.
Which analysis you would like to feature on the SSO dashboard can be configured at administration level. The analysis "System Configuration Management Handicap" is pictured above.
Closing The Gap
Security Lighthouse represents the binding link between security management and IT operations.
"One of the biggest mistakes security officers make is to blindly trust the success messages given out by their systems."
Raimund Genes †, former CTO Anti Malware at TREND MICRO
Visibility concerning the actual security status of IT systems is a important requirement for ensuring high quality in IT security.