In a recently released Cybersecurity Advisory, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) highlighted the most common cybersecurity misconfigurations in large organizations identified through blue team and red team assessments. The advisory stated that these misconfigurations illustrate systemic weakness in many large organizations, including those with mature cyber postures.

The advisory called on both organizations and software developers to take actions that will prevent malicious actors from taking advantage of these vulnerabilities. Organizations are advised to take steps such as:

While the guidance is straightforward, compliance is not. The complexity of modern enterprises makes implementing the recommendations extremely difficult to achieve. Networks are constantly being updated, configurations are being changed, and new equipment and software are being added by teams of engineers. For most organizations, there is not a single source of truth covering network topology, configuration, and behavior. Without a single source of truth, determining what needs to happen to embrace the guidance from CISA and NSA is virtually impossible.

The Forward Networks digital twin creates a mathematical model of the network covering the configuration, connectivity, and behavior of every device, making it possible to search the network like a database and set policy checks that ensure compliance.  

Forward Networks can prevent 5 of the 10 common misconfigurations identified by CISA and NSA:

  1. Default configurations of software and applications
  2. Improper separation of user/administrator privilege
  3. Insufficient internal network monitoring
  4. Lack of network segmentation
  5. Poor patch management
  6. Bypass of system access controls
  7. Weak or misconfigured multifactor authentication (MFA) methods
  8. Insufficient access control lists (ACLs) on network shares and services
  9. Poor credential hygiene
  10. Unrestricted code execution

For more information on how the platform helps engineers prevent these misconfigurations, please read our solution guide.

Trying to convince SecOps teams they need more data is like trying to convince a drowning person they need more water. SecOps teams are so overwhelmed they can’t even respond to 67% of the alerts they receive. On average, SecOps teams receive 4,484 alerts per day and spend over three hours per day manually triaging the alerts, costing $3.3 billion annually in the US alone. (Source: Vectra 2023 State of Threat Detection)

The problem is that the high-volume of data they are receiving lacks context. When you receive over 20,000 CVE announcements and over 1.5 million alerts, you do not need more data; what you need is actionable, timely data that provides context and a path for remediation.

Forward Enterprise is integrated with the NIST database and endpoint scanning solutions, Rapid7 and Tenable. This integration provides security teams a prioritized remediation report of the vulnerabilities that exist in their network ranked by exposure.

Join our co-founder, Nikhil Handigol on Thursday, August 24th at 2:00 p.m. EDT/11:00 a.m. PDT to see this in action.

During a live technical session, Nikhil will demonstrate our Tenable integration and highlight how the solution delivers complete attack surface visibility, empowering SecOps to proactively identify impacted hosts with critical vulnerabilities accessible from the Internet or other critical exposure points in seconds.

You’ll see how the integration with Tenable delivers an actionable exposed host report that incudes:

Most importantly, Nikhil will demonstrate how a mathematical model of the network helps make the plethora of network vulnerability data actionable.

Register for your seat now. [If you miss the live session, it will be immediately available on-demand via that same link.]

Top cross