• Book Demo

Security Intelligence for Government Organizations

Security Intelligence Helps Government Agencies Think Ahead About Vulnerability Management

Vulnerability management challenges in government environments

The need to protect highly sensitive data against increasingly sophisticated advanced persistent threats necessitates that government entities remain at forefront of IT security. However, key challenges persist in government IT security environments, including:

  • Compliance – The Federal Information Security Management Act (FISMA) and National Institute of Standards and Technology (NIST) provide critical guidance, and recent revisions on security controls and risk assessment acknowledge the evolving threat environment.
  • Disparate organizations – Agencies siloed by mission or function can spur “not my issue” attitudes and obscure an overall risk picture.
  • Mobility and transparency – Mobile employees, demands for new services, and government focus on transparency in daily operations have inadvertently opened doors for sophisticated advanced persistent threats.
  • Reactive approaches – Reactive security architecture that simply monitors and defends isn’t enough. This approach tends to provide volumes of data with little real security insight to enable preemptive action against threats.

Try our unique ROI Calculator to see how your organization can save costs across the board with CORE. 


 

Continuous Monitoring: Proactive Vulnerability Management

CORE Security solutions for predictive security intelligence enable government agencies to meet and exceed many of NIST’s recommendations for Information Security Continuous Monitoring. CORE customers conduct regular, safe, and controlled assessments across a wide range of threats vectors and gain insight regarding operational security posture. With SCAP (1.0, Rev 2) reporting, agencies can provide proof to auditors, Cyber Scope and others of their adherence to the letter and spirit of NIST guidance. 

  • NIST SP 800-137: Information Security Continuous Monitoring for Federal Information Systems and Organizations
  • NIST SP 800-39: Guide for Applying the Risk Management Framework to Federal Information Systems
  • NIST SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations

 


NIST SP 800-137: Information Security Continuous Monitoring for Federal Information Systems and Organization Guidelines

What the Guidance Says: How CORE Predictive Security Intelligence Solutions Can Help:

Ongoing assessment of security controls…with assessment frequencies based on an organization-wide continuous monitoring strategy. NIST Special Publication 800-137, page 10

 According to NIST, continuous testing is the best way to “ensure ongoing situational awareness ... and gain ongoing knowledge of associated threats and vulnerabilities.

  • Assess IPS/IDS, firewalls and other defenses against real-world attack techniques
  • Dynamically reveal paths that attackers would use to access sensitive assets
  • Continuously assess changing infrastructure and proactively identify weaknesses

Configuration and change management control processes for organizational information systems, throughout their SDLCs. NIST Special Publication 800-137, page 10

Reduce security testing effort + configuration and change management costs. Know where to act and ensure focus on addressing proven issues -- not security logs or false positives

  • Scale to repeatedly test environments with large numbers of targets
  • Ensure that defensive technologies are configured to protect against current threats
  • Dynamically test custom and COTS applications using the same techniques as attackers

Security impact analyses (SIA) on changes to organizational information systems and their environments of operation for any adverse security impact to systems, mission/business and/or organizational functions which said systems support. NIST Special Publication 800-137, page 10

Get true security assessments and predict the downstream impact of threats

  • Test continuously to assess changing infrastructure against the latest threats
  • Dynamically reveal paths that attackers and malicious insiders could use to access sensitive assets
  • Assess critical systems and deliver proactive threat alerts of downstream impacts

Security status reporting to organizational officials designed to enable data-driven risk mitigation decisions with minimal response times and acceptable data latencies. Considerations include organization relevant threat data. NIST Special Publication 800-137, page 10

Pinpoint and validate the actual risk. Make better and smarter remediation decisions and communicate security standing over time

  • Assimilate multiple data sources (e.g., network and web scanners) to validate potential threats as real
  • Deliver data using terminology specific to your locations, mandates, data types, etc.
  • Benchmark and track security posture over time


NIST SP 800-39, Revision 1: Guide for Applying the Risk Management Framework to Federal Information Systems Guidelines

What the Guidance Says: How CORE Predictive Security Intelligence Solutions Can Help:
Risk AssessmentAssessing risk within the context of the overall risk strategy. Entities need to determine:

 

    • Threats to organizations
    • Internal and external vulnerabilities
    • Harm/impact assessment
    • Likelihood

Risk Tolerance
Get relevant information to make credible, risk-based decisions for your core missions and business functions.

Risk Framing Input
Gather inputs on threat sources and vulnerabilities including hostile, cyber and physical attacks as well as approaches in determining exploitable weaknesses or deficiencies in hardware, software or firmware components.

By traversing exploitable weaknesses throughout your environment, CORE Security solutions can reveal the precise risk to systems, databases and data types that you deem as “critical,” thereby helping you lower your risk profile

  • Continuously assess the security of assets as new attack techniques surface, as new vulnerabilities are discovered, and infrastructure changes
  • Test the internal and external relationships between inter-connected IT systems
  • Determine remediation priorities to ensure that security improvements are aimed at addressing the most critical, true risks


NIST SP 800-53, Revision 4: Security and Privacy Controls for Federal Information Systems and Organizations Guidelines

CORE Security Vulnerability Management Solution for Government
RA-5 (9) Vulnerability Scanning/Penetration Testing and Analyses CORE solutions are defined controls that meet NIST specifications for “malicious user testing, penetrating testing and other forms of security testing.”

 

CORE Insight Enterprise continuously replicates threats while seeking to compromise defined business assets through web, network and client-side channels. CORE Insight helps security executives to benchmark and measure enterprise-wide security posture, verify actual business risks, and validate mandated security controls.

CORE Impact Pro replicates attacks across web applications, network systems, endpoints, email users Wi-Fi networks, and network devices. Impact offers the largest library of commercial-grade exploits available, plus a full complement of pre- and post-exploitation capabilities.

RA- 5 (10) Correlate Scanning Information from scan tools to determine presence of multi-vulnerability and multi-hop attack vectors

Reduce security testing effort + configuration and change management costs. Know where to act and ensure focus on addressing proven issues -- not security logs or false positives.

 

CORE solutions integrate with the most widely-used network and web vulnerability scanners, allowing you to import scan results and run exploits to test identified vulnerabilities.

CORE solutions also enable you to automate multi-stage or multi-hop pivot attacks, revealing how chains of exploitable vulnerabilities across multiple threat vectors can open paths to your organizations mission-critical systems and data.

Next Steps

Request Info

SHARE