System Management & Security

System Management & Security can be a struggle. What hardware is there, what IoT devices are connected, what are the proper calibration settings and /or software versions, and more importantly – which go undetected? From malicious software to old devices, keep your system up to date.

Our Intelligent CyberSecurity Platform™, “ICSP™” for short, is ClearArmor’s cybersecurity software and management framework. It creates a data-driven visual model of your entire IT landscape – it maps out the landscape how it is now and it automatically updates itself as your network changes. ICSP uses innovative processes to provide you with detailed network and system information, at the speed of now. With the ability to evolve as your network and technology evolves, ClearArmor’s Intelligent Discovery Bots™ (InDiBots™) actively monitor the network, creating a network baseline and presenting configuration & utilization information about your real / virtualized network and computing devices – including data flows and interactions – down to the subnet and device level. In today’s environment of BYOD (bring your own device) and IoT (internet of things) there are more pathways into your network, increasing the odds of a breach or hack.

Intrusion Detection

The ClearArmor Intelligent CyberSecurity Platform™ (ICSP™) is available to interface with data acquired from leading Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and firewalls. By bringing data on events of interest into the ClearArmor ICSP, clients are better empowered to correlate data and continuously improve on a client organizations overall cybersecurity health. The interface to each unique IDS, IPS, and Firewall is facilitated by a BOT configured to speak to that system. To the ClearArmor ICSP these systems information is presented as a source of key CyberSecurity data.

Log Analysis

Log Analysis, SIEM (Security Information and Event Management) provides client organizations with powerful tools to increase understanding of ongoing issues, potential issues, and undesirable events. Allowing these systems to do what they do best, but at the same time bringing in critical information to the ICSP CyberSecurity Intelligence system, the ability to correlate information across systems, data sources, and patterns is facilitated.

System Hardening

The ClearArmor ICSP provides clients with multiple tools to facilitate Audit and Compliance activities. Through continuous monitoring of Audit templates, client organizations can proactively manage and remediate risk and vulnerability exposure specific to systems, software, subnets, locations, and more. Clearly information is presented with respect to vulnerabilities leading to systems that meet organizations system hardening guidelines.

Change Detection

Client Organizations are faced with a need to continuously audit systems. This auditing, whether it be Active Directory, open ports, admin accounts, share drives, and other changes is critical. Early detection of system changes allows for a proactive approach to CyberSecurity.

Patch Management

Whether using client legacy systems or adopting patch management and software distribution methods provided by the ClearArmor ICSP, clients are continuously presented with the current state of their systems, related software, and operating systems. By continuously presenting this data to client organizations, foundational elements of CyberSecurity are promoted.

Vulnerability Scanning

A plethora of vulnerability scanning methods and systems exist. These vulnerability scans range include (but are not limited to Anti Malware, to SCAP (Security Content Automation Protocol), Active Directory configurations, OVAL (Open Vulnerabilities Assessment Language), Web Site Vulnerability Scanners, Software Specific Vulnerability Scanners (IE Database Scanners), PII (Personally Identifiable Information), and many others. By Allowing clients to bring these scanned finding into the ClearArmor ICSP CyberSecurity Intelligence system it is no longer part of an independent silo but instead part of a holistic view into an organizations overall cybersecurity risk.

Malware Scanning

AntiMalware and Endpoint protection software are a ubiquitous part of all organizations IT administration and CyberSecurity teams’ toolsets. Often the information provided by these systems is locked into an independent silo, limited for use to a select few, and with little ability to correlate information across multiple teams and data consumers. By pulling this information into the ClearArmor ICSP CyberSecurity Intelligence System greater understanding of trends, relationships with other data, and current state of a client’s overall CyberSecurity risk is enabled.

Monitoring

Don’t bring a human to a machine fight. By providing client organizations with a tireless set of systems that monitor CyberSecurity in a holistic and correlative manner, data is no longer reviewed after the fact but before negative impacting events occur and as situations evolve. Client organizations monitor all elements of CyberSecurity allowing for an orchestration of events, findings, and recommendations. Compliance and Internal Audit Teams can directly ingest information they need while allowing SOC and administrative teams to ingest their information. All monitored as to who can access what information, and when it was accessed.

Software Distribution

Whether using client legacy systems or adopting patch management and software distribution methods provided by the ClearArmor ICSP, clients are continuously presented with the current state of their systems, related software, and operating systems. By continuously presenting this data to client organizations, foundational elements of CyberSecurity are promoted.

IoT Device Monitoring

IoT means a great many things to a large audience. To CyberSecurity systems it looks like a computing device that communicates on a network. Some IoT devices may communicate back to an internet based service (Nest Thermostat, NetGear Arlo Security Cameras, Ring Doorbell Camera, and others). Some IoT devices come from unique or limited use clients leveraging small Raspberry Pi and similar systems.  More are coming online in the form of Medical and Health related or remote telemetry systems. In the end, anything that can communicate to another system is an IoT device. Sometimes these devices are easily discovered as to kernel, manufacturer, version, use. Other times they are not. ClearArmor corporation identifies devices as they are discovered, and if they are not previously flagged as approved for communicating on your network your designated teams are alerted as to their location an and other information regarding their operation.