Armis supported this global financial services organization that is on a mission to be the best in its sector in cybersecurity. For years, it has been proactively conducting self-audits to get to a point where it could claim with confidence that it has 100% coverage.
With approximately 5,000 worldwide employees, a global technology estate, and thousands of devices on their network, the organization’s security team has installed “nearly every tool in the world” on its mission to security maturity. In addition to dozens of Security-as-a-Service (SaaS) solutions, the security team has also built an in-house tool that automates security reporting by pulling application programming interfaces (APIs) into an SQL database to correlate the data and present in a dashboard.
When the manager of security engineering learned about Armis and viewed a quick demo, he thought, “This could help our vulnerability management program immensely. We’ll be able to have full visibility in our environments, and all the gap analysis for our security tools.” He shared Armis with his supervisor, and they quickly arranged a proof of value (PoV).
The PoV took about two weeks to complete. The manager and his team integrated Armis with nearly 20 products in their existing security stack. Prior to the PoV, the organization’s configuration management database (CMDB) team had estimated that the organization had about 6,000 assets. But Armis discovered three times that many. “Armis has shown that we have major gaps in our CMDB and in our endpoint security tools. We have gaps in our vulnerability management program. It’s that gap analysis that we’re going to be homing in on first,” said the manager.
During the PoV, the manager and his team also learned that Armis could replace the “business security automation (BSA)” reporting tool they had built in house. The manager’s supervisor who built that tool, “fell in love with” Armis. He was all for Armis replacing his own software, even after many months of work, because it freed up time for him to move on to other projects. If only they’d known about Armis sooner. “I’m surprised it took so long for someone to market this product as well as Armis did,” said the manager.
The supervisor isn’t the only one who will be saving time on engineering work in the near future. “Our vulnerability management team is excited about being able to skip about a year’s worth of engineering work,” noted the manager. Prior to Armis, the six-person team had been working on manually integrating their asset warehouse with other tools. Now their job is much easier.
Given that this financial services organization has had nearly 20 mergers and acquisitions (M&As) over the past several years, there’s a lot that could potentially fall through the cracks while onboarding all the new networks, servers, and data centers. The manager had been relying on tribal knowledge to know whether things existed or not. Now Armis has given him a better, more accurate way to identify and remediate vulnerabilities.
“There are regulatory requirements that require us to have an effective vulnerability management program,” pointed out the manager. With the “big three” tools he uses for vulnerability management; “There’s only so much they can provide in that layer, and they require a lot of care and feeding.” He can now layer Armis on top of the other vulnerability management tools so they can all be cross-referenced to get the visibility they need.
“Vulnerability management, risk-based assessments, and gap analysis were our biggest use cases,” asserted the manager. As he points out, Armis gave them the ability to “find needles in a haystack.” It cuts through the noise and pinpoints the most vulnerable assets. “If I went into our current vulnerability manager, I would probably find over a million unpatched vulnerabilities,” the manager explained. “It’s impossible to get that to zero.” Armis gives his team a way to narrow that number down to a few hundred of the most critical assets within seconds.
With the prioritized list of vulnerabilities now handed off to his team, the manager’s next big task is to complete the integrations with the rest of the software tools in the organization’s extensive security stack. These tools include directory services, virtual device management, advanced firewalls, vulnerability management, network mapping software, cloud computing platforms, identity and access management, and more. Once completed, this project will provide the organization with a unified dashboard of data feeds that will enable broader and deeper insights.
The manager noted that he has requested three additional integrations for Armis to build so that he and his team can cross reference all of their security tools and have bidirectional integration across the entire security architecture. Although they’ve only had Armis for about a month, the manager affirmed, “I can say, with complete confidence that Armis has given us a view of 100% of the assets in our environment.”
Read the full case study to learn more.
Sign up to receive the latest news