Browse Fenix24 Reviews

Cyber asset attack surface management (CAASM) is focused on enabling security teams to overcome asset visibility and exposure challenges. It enables organizations to see all assets (internal and external), primarily through API integrations with existing tools, query consolidated data, identify the scope of vulnerabilities and gaps in security controls. These tools then continuously monitor and analyze detected vulnerabilities to drill down the most critical threats to the business and prioritize necessary remediation and mitigation actions for improved cyber security.

• Argos99
  4.6

  9 Reviews

External attack surface management (EASM) refers to the processes, technology and professional services deployed to discover internet-facing enterprise assets and systems and exposures that could be exploited by malicious threat actors. EASM is useful in identifying unknown assets and providing information about the organization’s systems, cloud services and applications that are available and visible in the public domain and therefore can be exploited by an attacker/adversary. This visibility can also be extended to the organization’s subsidiaries or third parties. EASM are most commonly cloud-based products and services but can also be delivered ‘as a service’. EASM appeals to security operations functions involved with penetration testing, vulnerability management and threat hunting who want better visibility of their internet-facing assets to complement their threat and exposure management program.

• Argos99
  4.2

  6 Reviews

Security information and event management (SIEM) is a configurable system of record that collects, aggregates and analyzes security event data from on-premises and cloud environments. SIEM processes security event data for the purposes of threat detection, investigation and response. It natively supports data normalization and offers user-configurable detection content and reporting to orchestrate threat mitigation and satisfy compliance requirements. These solutions are delivered via a SaaS platform or client-hosted on-premises or private cloud. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments. 2. Designing and executing near real-time monitoring and alerting content. 3. Enriching and investigating security events of interest. 4. Supporting manual and automated response actions. 5. Maintaining and reporting on current and historical event data.

• Argos99
  4.0

  1 Review

Security orchestration, automation and response (SOAR) solutions combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform. SOAR tools are also used to document and implement processes (aka playbooks, workflows and processes); support security incident management; and apply machine-based assistance to human security analysts and operators. SOAR solutions must provide: - Highly customizable workflow process management that enables repeatable automated tasks to be turned into playbooks that run in isolation or joined together into more sophisticated workflows. - The ability to store (locally or in a third-party system) incident management data to support SecOps investigations. - Manually instigated and automated triggers that augment human security analyst operators to carry out operational tasks consistently. - A mechanism to collate and better operationalize the use of threat intelligence. - Support for a broad range of existing security technologies that supports improved analyst efficiency and acts as an abstraction layer between the desired outcomes and the custom-made set of solutions in place in your environment.

• Argos99
  5.0

  1 Review