As a manufacturer-independent, cross-functional tool for security monitoring, AMPEG Security Lighthouse offers deep insight into the security status of the network. More than 350 pre-defined evaluations for ad-hoc and long-term analyses are available immediately after installation and offer a comprehensive analysis of the company network security level.
Structure without software agents
The Security Lighthouse collectors collect the information from central sources like management and log databases. After normalising, correlating and compressing the collected data for analysis, they are transmitted to the database of Security Lighthouse.
The quality of information is essential
Example IDS/IPS: Fixing a reported Common Vulnerabilities and Exposures (CVE) with the help of a new rule. While the analysis of the log file shows whether and how often a rule applies, it is of vital importance for the evaluation of the safety performance, whether a rule was enabled at all. If the rule for blocking an intruder has not been enabled, it cannot be logged either - the attacker can exploit the vulnerability. Without the additional evaluation of the management database of the IDS/IPS this information is not available.
- Overall security monitoring with more than 350 predefined analyses: see Assess the security situation
- Comparison of information from the patch management, inventory and intrusion prevention to an integrated CVE Catalogue to identify vulnerabilities and evaluate using CVSS score
- Status determination by checking against thresholds and limits:
Permanent comparison of the achieved security level compared to the defined thresholds and values
- Correlation of data from the different security areas like virus protection, patch management, inventory, SIEM etc.: see Analysed Security Areas
- Matching information from patch management and inventory to the integrated EoL catalogue to identify software that is no longer supported by the manufacturer.
- Overall reporting: see Alerts, Reporting, Export
- Minimum implementation effort: agents do not have to be rolled out
- Security Information Map: Helicopter view of the nationwide security status signalised by traffic light colours for the locations or operational units.
- Security situation in near real-time available:
Companies identify weak points in the network many times faster. They gain time to proactively take action and therefore to minimise the residual risk.
- Work effort reduced to a minimum:
The amount of work for the creation of ad hoc - and long term analyses and also KPIs is reduced to a minimum
- Flexible, personalised Dashboards provide all security officers, and, if required, process owners with targeted access to information relevant to security
- Role based access: see Role Managment
- Safeguarding of business processes by verifying the compliance status of the systems incorporated
- Analysis of the security status according to criticality, protection category of the IT system or assignment to a business process
- Verification of the efficiency of technical measures and calculation of key performance indicators for the continual optimisation of IT security
- Sharing information: current and focused information can be passed on to security officers
- Web application: no installation on the workstations required
Positioning: Link between security management and operation
Security Lighthouse offers the security management, administrators and process owner an up-to-date view of the security situation in the company - world-wide, and nearly in real-time. Together they can evaluate the current security situation and find answers to many questions at an early stage (see Assess the security situation).
In addition, AMPEG reacts quickly to requests of all kind and implements customer wishes very quickly, Sternberg adds, speaking about the positive experience of the introductory phase: There are no long waiting times as we have known them from other service providers. Our supplier delivered missing analyses within two to three weeks.
IT Security Officer, KWS SAAT SE
The findings that SCHOTT was able to draw from the data detected by Security Lighthouse were significant. "The control system clearly showed us where we stand. In a way, the data was sobering because we had thought that we were further ahead with our IT security. But that was not the case. However, and that was the positive thing about it, we now knew what deficits we had."
Head of Information Governance and Security at SCHOTT
“We are now able to show our improvements with facts and figures – we have measurements and analyses that we can pass on to management. What once was a vague gut feeling about IT security has now become specific, quantitative knowledge.”
Michael Schätzke, former Security Officer, Landesbetrieb für Statistik und Kommunikationstechnologie Niedersachsen (Lower Saxony Institute for Statistics and Communication Technology)