BigFix CyberFOCUS Analytics is a new capability designed to help IT Operations team discover, prioritize, and patch critical vulnerabilities and reduce cybersecurity risk in real time.
Unlike siloed processes based on disparate teams and tools, BigFix delivers a single, integrated solution that eliminates the inefficiencies in passing data from multiple tools to the different teams who are responsible for enterprise security.
BigFix CyberFOCUS Analytics are included with BigFix Lifecycle, BigFix Compliance, and BigFix Remediate. By leveraging endpoint information that only BigFix knows, BigFix CyberFOCUS Analytics provides the ability to simulate vulnerability remediations, to define and manage Protection Level Agreements (PLAs), and analyze CISA Known Exploited Vulnerability exposures.
Advanced Persistent Threat Mapping and a Vulnerability Remediation Simulator
The Vulnerability Remediation Simulator displays your vulnerabilities grouped by today’s more critical Advanced Persistent Threat families. Here, you can simulate the impact on your attack surface while minimize downtown time caused by patching actions. As an example, let’s assume the BigFix administrator wants to limit the exposure to Cobalt and Equation APT groups. The administrator can use CyberFocus Analytics to simulate the impact of remediating associated CVEs.
In the reports below, the administrator wants to understand how remediating CVE-2021-28655 will affect the APT exposure across the organization.
APT Exposure BEFORE remediation
Simulated Exposure AFTER remediation
Define and Manage your Protection Level Agreements (PLAs)
BigFix CyberFOCUS analytics introduces a new concept we call the Protection Level Agreement. These are a set of baselines that combine asset criticality, CVE criticality, desired patch levels, and compliance standards against agreed-to organizational service levels.
Protection Level Agreements (PLAs) are defined by IT and based upon business objectives.
Once operational, the PLA report shows remediation performance against the asset groups. Green bars denote meeting set goals; red bars denote missed targets.