HCL BigFix CyberFOCUS Analytics
Supercharging IT Operations to Secure the Enterprise
BigFix CyberFOCUS Analytics is a new capability designed to help IT Operations team discover, prioritize, and patch critical vulnerabilities and reduce cybersecurity risk in real time.
Unlike siloed processes based on disparate teams and tools, BigFix delivers a single, integrated solution that eliminates the inefficiencies in passing data from multiple tools to the different teams who are responsible for enterprise security.
BigFix CyberFOCUS Analytics are included with BigFix Lifecycle, BigFix Compliance, and BigFix Remediate. By leveraging endpoint information that only BigFix knows, BigFix CyberFOCUS Analytics provides the ability to simulate vulnerability remediations, to define and manage Protection Level Agreements (PLAs), and analyze CISA Known Exploited Vulnerability exposures.
Advanced Persistent Threat Mapping and a Vulnerability Remediation Simulator
The Vulnerability Remediation Simulator displays your vulnerabilities grouped by today’s more critical Advanced Persistent Threat families. Here, you can simulate the impact on your attack surface while minimize downtown time caused by patching actions. As an example, let’s assume the BigFix administrator wants to limit the exposure to Cobalt and Equation APT groups. The administrator can use CyberFocus Analytics to simulate the impact of remediating associated CVEs.
In the reports below, the administrator wants to understand how remediating CVE-2021-28655 will affect the APT exposure across the organization.
APT Exposure BEFORE remediation
Simulated Exposure AFTER remediation
Define and Manage your Protection Level Agreements (PLAs)
BigFix CyberFOCUS analytics introduces a new concept we call the Protection Level Agreement. These are a set of baselines that combine asset criticality, CVE criticality, desired patch levels, and compliance standards against agreed-to organizational service levels.
Protection Level Agreements (PLAs) are defined by IT and based upon business objectives.
Once operational, the PLA report shows remediation performance against the asset groups. Green bars denote meeting set goals; red bars denote missed targets.
BigFix CISA Known Exploited Vulnerability Exposure Analyzer
Another innovation is the BigFix CISA Known Exploited Vulnerability Exposure Analyzer, which maps your vulnerabilities to the constantly updated CISA Known Exploited Vulnerabilities list which defines the most critical threats in the world.
Using the report below, IT Operations can not only identify the most urgent and significant security gaps but can also easily ascertain which assets have the highest exposure across multiple dimensions including time. The largest circle represents the highest exposure across multiple dimensions including time and have not been remediated before the due date specified by CISA.
In report below, that critical vulnerability has been remediated and no longer appears on the graph.
Summary
With BigFix CyberFOCUS Analytics, IT operations can for the first time simulate the business impact of Vulnerabity Remediation while getting ahead of the biggest threats. They can also take a more active role in enterprise security by defining and measuring their performance in protecting the organization.
Benefits
Minimize business interruptions by simulating the impact of remediating specific vulnerabilities on the enterprise attack surface.
Use Protection Level Agreements to define and measure remediation efforts against agree-to targets defined by business stakeholders and IT Operations.
Prioritize remediation efforts by visualizing the magnitude of the attack surface against your PLA to address underlying vulnerabilities with respect to time.
