The Covid-19 pandemic's impact on business has been dramatic and pervasive. Employees across industries transitioned to remote working -- and many of them stayed there. As they connect to corporate networks with various devices over unsecured home networks, they expand the attack surface and open the door for bad actors. Zero-day vulnerabilities are common, and malicious activity often flies under the radar until it's too late.
What's more, an ever-increasing reliance on IT means businesses are continually expanding their digital footprint, making enterprise security and threat management more challenging than ever. Today, 57% of connected devices are vulnerable to medium or high-severity attacks.
To mitigate risk and protect corporate assets and data, organizations must take a proactive approach and implement end-to-end attack surface management that protects against both known and potential zero-day vulnerabilities.
Effective Risk Analysis Requires Accurate IT Asset Data
Businesses of all sizes in all industries leverage Lansweeper's IT asset discovery platform to discover and identify all network-connected assets -- IT, OT, and IoT. Our solution gathers in-depth information about those devices -- hardware specifications, installed software, user details, and more -- creating a complete and accurate IT asset inventory to enable rapid threat detection and more reliable prevention.
Using advanced Asset Radar and Credential-free Device Recognition (CDR) technologies, Lansweeper detects assets the moment they connect to the network, without the need for credentials or complex configurations, delivering complete coverage and unmatched accuracy, and eliminating blind spots across the IT environment.
Tough on Cyber Threats, Just Like Our Partners
Cybersecurity solution provider ArcusTeam is addressing the challenge of threat mitigation with its Saas-based precognitive attack surface management solution, DeviceTotal. DeviceTotal provides contextual-based threat prevention, mitigation, and eradication for connected and future connected devices, by leveraging a vast catalog of devices and information about their security posture.
DeviceTotal features two advanced technologies -- Contextual Risk Assessment (CRA) and Automatic Reverse Engineering (ARE) -- to secure and mitigate current and future devices, calculate the device risk in context to the environment, and provide a comprehensive and actionable security posture report. In this way, the solution enables organizations to take a proactive stance against cyber threats. They can:
- Calculate and expose device and the network risk in a contextual way.
- Access clear actionable insights and security recommendations for software updates, patches or workarounds
- Prioritize responses based on organization, site, or device-level business context, risk, impact and more
"DeviceTotal provides holistic visibility and control over the risk and security posture of all connected devices because it can identify threats before they reach the network."
-- Daniel Falzon, VP of Channel and Partnership Alliances, ArcusTeam
However, a prerequisite for DeviceTotal's effectiveness is access to an organization's IT asset inventory. For many organizations, this is a manual process:
- They enter the device details manually. Organizations lacking a comprehensive IT asset inventory can enter device information by hand into DeviceTotal, such as the brand name of the device, the type and model of the device, firmware and installed software, and so on.
- They upload a CSV file. Many organizations maintain IT asset inventories in Excel spreadsheets, which can be exported and uploaded into DeviceTotal.
Once the information is entered or uploaded, DeviceTotal can work its magic. But, unfortunately, manual processes such as keying in data and maintaining spreadsheets are prone to error. Without full visibility into all the devices connected to the network, it's impossible to provide DeviceTotal with a complete list, or the data to assess vulnerabilities in the network.
While uploading a spreadsheet can eliminate re-keying, spreadsheets themselves are typically incomplete and error-prone. In fact, spreadsheets are usually obsolete the moment they're completed. As a result, using either one of these approaches can leave blank spots in the asset inventory, inhibiting DeviceTotal's ability to provide 100% risk accuracy.
Fortunately, there's a third option: an API to Lansweeper.
Lansweeper's Advanced Deep Scanning Leaves No Stone Unturned
Through a partnership with Lansweeper, ArcusTeam simplifies the process of uploading IT asset data into DeviceTotal, while ensuring complete visibility across the IT estate. Lansweeper users can connect to DeviceTotal via API, to instantly and automatically upload up-to-the-minute IT asset data.
Lansweeper combines agent-based and agentless scanning to discover all connected assets across the IT infrastructure. It explores the IT environment and retrieves granular data about every device, such as device type, location, users, installed software, logon information, and more, creating an always-accurate and complete IT asset inventory that IT teams can use for a number of IT scenarios.
Lansweeper's Asset Radar and Credential-free Device Recognition (CDR) technologies leave no stones unturned, discovering and cataloging any remote personal devices, rogue and forgotten devices, and shadow IT or other assets that would likely be omitted from spreadsheets and other manual device logs. In this way, it can provide full and complete visibility across the IT estate in minutes, saving teams time, money and resources while improving the accuracy of the IT asset inventory.
"With the API to DeviceTotal, Lansweeper customers can quickly and automatically upload all IT asset data, and know for certain that the information is complete, accurate, and up to date," said Falzon.
"Clients who take advantage of the Lansweeper API to upload IT asset data into DeviceTotal reduce operational overhead while gaining access to the benefits of both solutions. Not only do they simplify and improve the process of creating and maintaining a complete and accurate IT asset inventory, they can rest assured that DeviceTotal is proactively preparing for and mitigating potential cybersecurity threats across their entire IT estate."
-- Daniel Falzon, VP of Channel and Partnership Alliances, ArcusTeam
Seamless Integration Delivers the Best of Both Worlds
ArcusTeam clients who use Lansweeper in conjunction with DeviceTotal benefit from full visibility and knowledge about how their assets may impact their risk and security posture. At the same time, Lansweeper customers no longer have to outsource attack surface management, and risk assessment and mitigation, because they can benefit from insights and recommendations from DeviceTotal.
Organizations that leverage the integration can achieve 100% risk accuracy and attack vector visibility for every device and site across the entire organization, including all vulnerabilities associated with assets, along with actionable threat mitigation recommendations. They can also benefit from the ability to forecast the impact of potential changes to the IT infrastructure on their overall security posture, and use that information to make informed decisions about IT investments.
"Clients who take advantage of the Lansweeper API to upload IT asset data into DeviceTotal reduce operational overhead while gaining access to the benefits of both solutions," Falzon said. "Not only do they simplify and improve the process of creating and maintaining a complete and accurate IT asset inventory, but they can also rest assured that DeviceTotal is proactively preparing for and mitigating potential cybersecurity threats across their entire IT estate."
Falzon added that setting up the integration with Lansweeper was easy and the support from the Lansweeper team, unmatched. "Lansweeper is the leader in the field of asset management, and our solutions are highly complementary," he said. "Through our partnership, mutual customers can benefit from total risk assessment instantaneously, and start strengthening their security posture from day one."
- Leverage complete and accurate IT asset data 100% risk accuracy and attack vector visibility
- Reduce operational overhead by eliminating manual, error-prone data entry
- Proactively mitigate potential cybersecurity threats for current and future connected devices
- Gain insight into the potential impact of infrastructure changes to inform decision-making around IT investments