A NEXT GENERATION ISO / NIST / CIS COMPLIANT CYBERSECURITY FRAMEWORK THAT ENABLES TOTAL NETWORK SECURITY MANAGEMENT THROUGH A SINGLE PANE OF GLASS

DETECT • MITIGATE • PROTECT

Ready to get started, or want to learn more?

Contact Us!

The ClearArmor Process is Unique

The unique ClearArmor CyberSecurity Process is based upon a defined, structured, and  complete approach to Network Security.  The key to the process is the real-time automated bot-driven collection and analysis of network and endpoint data.  Endpoints include physical and virtual UNIX, Linux, Windows Servers, workstations, printers, routers, switches, IP Phones, IP Devices, cell phones, tablets, and other IT network devices.

The process manages and automates compliance and penetration testing.  It provides real-time analysis and alerts and historical forensic analysis.

The process permits complex hardware and software queries in real-time with no delay against network components.

The process incorporates management and data collection of the following ClearArmor processes through a single pane of glass.

 

  • Asset Inventory
  • Malware Detection
  • Asset Utilization
  • Monitoring
  • Audit and Compliance
  • Network Utilization
  • Automation / Workflows
  • Patch Management
  • Central Database
  • Reporting
  • Change Detection
  • Software Distribution
  • Cloud Solution
  • System Hardening
  • Endpoint Management
  • Threat Alerts (Stix and Taxii)
  • Intrusion Detection / Prevention / Integration
  • Threat Information Sharing
  • IoT Device Monitoring
  • Threat Intelligence
  • ITSM CMDB
  • Vulnerability Scanning
  • Log Analysis / SIEM
  • Wireless Detection

NIST and CIS Compliance

The National Institute of Standards and Technology (NIST) and the Center for Internet Security (CIS) have have established a set of individual controls and recommendations that together significantly bring down the probability of an undetected threat. A CyberSecurity process based on the use of independent stove-piped point solutions will not work.  The Detection, Mitigation, and Protection against network threats cannot be managed by independent, stand alone solutions. The key to identifying and defeating threats is a solution based upon analysis of the required number of individual solutions that work together to identify threats. The ClearArmor Process meets the recommendations of NIST and CIS.

Network Definition

The key to any CyberSecurity process is a clear and precise definition of the network. Without a real-time, current, accurate, and precise defined network infrastructure CyberSecurity is impossible. Without a real-time, current, accurate, and precise defined software inventory both NIST and CIS compliance is also impossible.

The ClearArmor network definition process is based upon over 20 years of experience in the world’s largest and most secure networks – including the Department of Defense (SIPRnet and NIPRnet), secure military networks, global financial institutions, industry communication companies, and cable corporations.

The ClearArmor Process defines millions software applications, security patches, individual files, and network hardware – this data coupled with ClearArmor’s encyclopedia of associated product information provides a total visual data-driven definition of the network. The analysis and management of this data permits the ClearArmor process to meet NIST and CIS compliance requirements.

The ClearArmor Process is real-time, automated, fast, and permits full network data and information analysis. CyberSecurity is based on data analysis. The ClearArmor database provides real-time current data and uniquely provides historical data of all endpoint, server, and network changes – including network operations. ClearArmor provides three distinct real-time query engines one of which is a natural language engine. Query results are returned with no delay and in real-time.

Some of the ClearArmor Product Features are Listed Below: 

CyberSecurity Intelligence

Multiple Data Source Integration

Data Mashups

Alert

Static Reports

Static Dashboards

Dynamic Dashboards

Role Based Intelligence Access

Information Access logging

Automated Report Distribution

CEO Aggregate and Drill Down Dashboards

Compliance Officer Aggregate and Drill Down Dashboards

CISO Aggregate and Drill Down Dashboards

CSOC Aggregate and Drill Down Dashboards

IT Admin Aggregate and Drill Down Dashboards

CyberSecurity Management Daily

Compliance Audit

Automated Compliance Auditing

Landscape Based Audit

Endpoint Category Based Audit

Military Grade Audit Engine

CisCat Scan Engine Interface

CIS Benchmark Consumption

SCAP 1.0-1.2 Compliance Audit Support

Oval 5.3-5.11.1 Compliance Audit Support

XCCDF 1.1.4, 1.2 Compliance Audit Support

CPE 2.3, 2.3 Compliance Audit Support

CCE 5.0 Compliance Audit Support

ARF 1.1 Support

AI 1.0 Support

TMSAD 1.0 Support

HTML Based Reporting

Text Based Reporting

Excel Based Aggregated Reporting

Executive & Technical Dashboard Reporting

Organizational Defined Compliance Thresholds

Native Scan Target Automation

Vulnerability Testing

Landscape Based Scanning

Automated Scanning

Endpoint Category Based Scanning

Military Grade Vulnerability Engine

Automated NVT Feed Updates

Automated SCAP Feed Updates

Aggregated Vulnerability Reporting

Common Vulnerability Enumeration

Distributed Intelligence

Acquisition Bots - ENP

Acquisition Bots - EPM

Acquisition Bots - FLW

Package Distribution Bots - EDA

Package Distribution Bots - EDU

Package Distribution Bots - EPAC

Integration Bots - EPMC

Integration Bots - ESUMC

Integration Bots - EFLWC

Integration Bots - EDS

Core Bots - EAP

Core Bots - EDTC

Core Bots - ECMP

Core Bots - Workflow Manager

Core Bots - EMQS

Extender Bots - AD Bot

Extender Bots - Vulnerability Engine 1 Scanner Bot

Extender Bots - Compliance Engine 1 Scanner Bot

Network

Networked Device Identification

Endpoint Info Acquisition

Endpoint Identity Info Acquisition

Continuous Network Identification

ARP Enumeration

ICMP Enumeration

LAN Manager Enumeration

AD Data Acquisition

HP Openview Enumeration

SCCM Enumeration

DNS Enumeration

Reverse DNS Enumeration

Endpoint Services Enumeration

NetBios Data Acquisition

WMI Data Acquisition

SNMP Data Acquisition

NetServer Data Acquisition

Stand Alone Network Bot Implementation

Distributed NETwork BOT Implementation

Enterprise Network Topographer

End Point

Resident Bot Based Scanning

Unique Hardware Normalization

Zero Footprint Bot Scanning

Hardware Configuration Acquisition

Hardware Manufacturer Identification

Hardware Model Identification

Hardware End of Life Identification / End of Support

Hardware User Identification

UNIX OS Identification

LINUX OS Identification

Windows OS Identification

VWMARE Host Identification

Oracle OVS Host Identification

AIX LPAR Identification

AIX VIOS Identification

NPAR identification

VPAR Identification

Virtual Server Identification

Unified Service Account Reporting

System Baseline Identification / Update

System Baseline Deviation

End of Life / End of Support Identification

Categorization

Landscape based Hardware Categorization

Use Based Hardware Categorization

Endpoint Category Grouping

File Load Watcher

Unauthorized File Execution Termination

Unauthorized File Execution Block

New Process Execution Logging

Black Listing

White Listing

SWID Tag Whitelisting

Sha1 / Sha1 / MD5 File Hash Validation

Allowed Directory Execution Protection

Denied Directory Execution Protection

Whitelisting

Automated Hardware Whitelisting

Assisted Manual Hardware Whitelisting

ID of Newly Identified Hardware

Assisted Software Whitelisting

Non Whitelisted Software Execution Prevention

Server Utilization

CPU Load Monitoring

CPU Core Monitoring

Memory Utilization

Process CPU Allocation Monitoring

Process Memory Allocation Monitoring

I/O Monitoring

I/O Per Process Monitoring

Physical Disk Utilization Monitoring

Network I/O Monitoring

Monitoring

Hardware Utilization

Installed Software Utilization

Threshold Alerting

Server Utilization

Server Monitoring

Threshold Alerts

Grouped Server Monitoring

Services Monitoring

Grouped Services Monitoring

Application Monitoring

Active Directory (AD) BOT

AD Forest Acquisition

AD Tree Acquisition

AD Site Acquisition

AD OU Acquisition

AD Computer Account Acquisition

AD User Account Data Acquisition

AD User Account Monitoring

AD Computer Account Data Acquisition

AD Acomputer Account Monitoring

Group Policy Acquisition

Group Policy Monitoring

AD OU Acquisition

AD OU Membership

AD Security Group Acquisition

AD Security Group Policy

AD Distribution Group Acquisition

AD Locked Accounts Monitoring

AD Key Group Membership Monitoring

AD Security Event Monitoring

Platform

Encrypted Message Queuing

Isolated Network Data Integration

On Premises Implementation Support

SaaS Implementation Support

Centralized Task Management

Workflow Creation and Management

Graphical Workflow Creation

Custom Defined Fields

HRIS Data Integration

Secure File Distribution

Secure Bot and Agent Distribution

Secure Software Distribution

Signed / Encrypted Distribution Package Creation

Data Related

SQL Server Support (Vers 1.0)

PostgreSQL Support (Vers 2.0)

Robust Mesg. Queue Functions

Workflow Driven Processes

Secure Data Query Repository


YOU CAN'T SECURE WHAT YOU CAN'T SEE


You need to define the network before you can secure it.

Learn More

DON’T BRING A HUMAN TO A MACHINE FIGHT

Criminals use bots and automation to attack your network. An automated, bot-driven security infrastructure is the only effective response.

Learn More

BE PROACTIVE, NOT REACTIVE


Cybersecurity requires rapid responses and aggressive threat detection.

Learn More

IMMEDIATE DATA ACCESS & ANALYSIS


Current status and past history at your fingertips for enhanced analysis.

Learn More

ClearArmor’s Cyber Governance Framework and Intelligent CyberSecurity Platform (ICSP) acquires the data granularity necessary to drive the other aspects of your CyberSecurity program. Discover your network, not just that devices exist, but also comprehensive data about the devices. Over 47,000 types of hardware discovered – Over 650,000 distinct software packages discovered – Visibility into all subnets and independent networks – Normalization of discovered data. ClearArmor’s Cyber Governance Framework then uses this data to run against a multitude of industry standards, regulations, and controls to produce audit reports and compliance documentation.

Stay Updated

Join our mailing list to get updates, news & events, free resources, and best practices so you can keep your network secure.