Forescout unveiled Risk and Exposure Management, its cloud-native product designed to collate all data sources associated with an enterprise’s connected assets and calculate a unique multifactor risk score for each asset. The solution is designed to offer a more intuitive and quantitative approach to risk prioritization.

Enterprises are growing more vulnerable to attack due to new technology and business dynamics, according to Forescout. Security teams realize that existing approaches to cyber asset management can’t effectively scale to meet the diversity of asset types or track configuration and risk posture changes for their assets, making it exceedingly more difficult to conduct expeditiously any incident analysis.

The new Risk and Exposure Management solution addresses the challenge of security by tracking the changes to posture on a unique status-over-time view for every individual asset and enables security teams to act on intuitive cyber risk intelligence, through security workflow automation driven by the Forescout Platform.

According to the analysts at Forrester, CISOs are readily seeking new approaches to attack surface management that not only better support their teams, but also prove to their boards how they’re reducing risk exposure based on the effectiveness of their security investments.

“Enterprises require a simplified way to maintain both real-time and persistent asset intelligence for every asset – managed or unmanaged, physical or virtual, including OT/ICS, IoT devices and specialty subsets such as medical devices,” said Barry Mainz, Forescout CEO and president. “We’ve invested heavily in the Forescout Platform, and the enhancements we are making with the availability of Forescout Risk and Exposure Management provide that intelligence to help security teams effectively prove a reduction in risk posture of their enterprises’ evolving attack surfaces.”

Use cases and benefits of Forescout Risk and Exposure Management include:

  • Cybersecurity Asset Management: Discover and classify every device across any environment (90 days retention) to help IT security teams leverage asset context and status trends to streamline their operations.
  • Persistent Asset Risk Intelligence: Gain situational awareness of cybersecurity risk posture based on exposure from vulnerabilities and misconfiguration with a unique multifactor risk score.
  • Accelerated Incident Response: Leverage historical asset context to aid analysts’ proactive investigation of risks and reactive response to incidents and events to help minimize the blast radius and reduce mean-time-to-resolution (MTTR).
  • Enhanced IoT Security: Leverage high-fidelity IoT classification through non-disruptive, passive discovery techniques for deployment flexibility, with real-time identification of xIoT vulnerabilities to help security teams understand the attack surface and prioritize response actions.
  • Enhanced Medical Device Security: Clear and concise risk assessment of each connected medical device based on known exposures, attack potential and operational criticality, with insights into FDA class and recall status, to help ensure security without impacting patient care.

According to Forescout, leveraging this product’s capabilities, enterprises can feasibly obtain comprehensive asset intelligence and build a solid foundation for cyber asset attack surface management.