CanSecure © – Penetration Testing, Active Vulnerability Testing, and Forced Configuration Compliance

CanSecure is a risk management approach for continuous cybersecurity monitoring. CanSecure, utilized in conjunction with Cognoscenti, creates a baseline and Current System State (CSS) model to identify changes in an organization’s security posture. It conforms to the National Institute of Standards and Technology (NIST) Interagency Report 7756.

Baseline settings can be “enforced.” An enforced baseline value ensures that when system components, or data associated with those components, change, the change is immediately flagged as a system/component deviation from the baseline. When this occurs, the components being enforced are restored to the baseline state, ensuring applications run in a known, accepted state. Unauthorized software is removed, ports are turned off or on, and operational configurations are maintained according to expected standards.

CanSecure’s open- and closed-source applications are leveraged for penetration testing to ensure non-vulnerability of systems running on the network.

CanSecure uses White Hat methods. Test attacks are delivered both internally and externally to the running device. The software will identify which penetration tests are needed and aid in the setup and running of these required tests.

In accordance with DHS guidelines and NIST standards for risk management (NIST Special Publication 800-37), CanSecure provides the final link in Continuous Asset Evaluation, Situational Awareness, and Risk Scoring (CAESARS) Architecture, as documented in DHS-MP100146.

CanSecure determines the actual state of IT assets, identifies gaps between the original baseline or CSS and the desired baseline, assesses gap risk, provides scoring reflecting aggregate risk, and provides management reports and dashboards to make critical decisions concerning vulnerabilities, mitigation strategies, and asset and configuration management.

CanSecure saves time in setup and configuration. Once the network segment(s) and the scan frequency are entered into the configuration, Phen takes over.

Configuration time is about 30 seconds.

The scanning is initially set up by Phen (IP, ports, scheduling, intensity). As new systems enter the network and outdated systems leave, Phen automatically adjusts the scanning software. As a system adopts new services or removes services, Phen handles the adjustments to the scanning software and identifies and reports any existing system anomalies.

This identifies/pinpoints vulnerabilities, and provides the capabilities to solve any and all problems.