HCL is pleased to announce the availability of the preview of BigFix CyberFOCUS Analytics 1.0 for BigFix Remediate, BigFix Lifecycle and BigFix Compliance.  

What Problems Does BigFix CyberFOCUS Analytics Target?  

The BigFix CyberFOCUS Analytics solution is designed to impact big unresolved problems that are the intersection of SecOps, ITOps and the C-Suite.  

  • The CEO is responsible for managing cyber risk, but how do you do that by making business decisions?  
  • SecOps is constantly learning about new threats that are targeting the organization, but it’s hard to partner up with ITOps to stop the threats.  
  • ITOps knows that SecOps has a bunch of priorities, but they can’t easily analyze what’s going on, or track progress, or partner with SecOps.  

What Is BigFix CyberFOCUS Analytics?

It is a way to help SecOps and ITOps team up to remediate vulnerabilities more efficiently: 

The BigFix CyberFOCUS Analytics solution is a unified set of analytics, built into the BigFix Vulnerability Remediation Solution, that takes BigFix-unique information and data (e.g., whether security patches were applied, if patch content is available), and combines it with threat information so that SecOps and ITOps have a novel way to collaborate and align together when proactively protecting against adversarial threats. It is designed to help SecOps and ITOps to reduce the friction between the two teams by answering questions for threats that are time urgent, based on information that only BigFix knows. For example, the CVE Remediation Simulator in CyberFOCUS Analytics tells you which CVEs have the highest value and LEAST BUSINESS DISRUPTION for the effort in remediating a group of CVEs that are ALL considered “Critical” to patch against a threat. This helps SecOps and ITOps to team up on game plans against adversarial threats.   

It is a way to help SecOps and ITOps and the CEO team up to manage cyber risk based on business decisions:  

The BigFix CyberFOCUS Analytics solution also helps SecOps and ITOps to work together, empowering them to maintain revenue flow and operational resilience and stay within the cyber risk tolerance for protection defined by the CEO and the Board. It also provides Protection Level Agreements that:

  • Links business goals and cyber risk, measuring them based on exploitable vulnerability exposure time.  
  • Is based on tools and processes that can be controlled by remediation processes and BigFix automation.  
  • Provides automated high-quality metrics and analysis that can be trended.

What Does BigFix CyberFOCUS Analytics Comprise?

 It comprises three new sets of analytics:  

    1. Advanced Persistent Threat CVE Analyzer confirms priority exposures to CVEs known to be used by MITRE ATT&CK Groups based on whether BigFix patched the CVEs; includes the CVE Remediation Simulator to do instant, real-time ‘what if’ analysis of changes in your vulnerability attack surface to prescribe remediations having the most protective power with the least effort; and correlates the BigFix Patch Content needed and the unpatched devices regarding the CVEs in question to provide immediate protection.  
    2. CISA KEVs Exposure Analyzer confirms priority exposures to CVEs in CISA’s Known Exploited Vulnerabilities Catalog based on whether BigFix patched the CVEs, compares your environment to the CISA-directed due dates for the CVEs and your performance against those due dates, provides information on a number of devices exposed and device vulnerability density, and correlates the BigFix Patch Content needed and the unpatched devices regarding the CVEs in question. 
    3. Protection Level Agreement Analyzer confirms performance against measurable cyber risk control points in reducing exploitable vulnerability exposure time that clearly link to business goals.

How Do I Get BigFix CyberFOCUS Analytics?  

The BigFix CyberFOCUS Analytics solution is available for all customers who have entitlements for BigFix Remediate, BigFix Lifecycle and BigFix Compliance, and will be generally available in December 2022.

How Do I Get More Information?

Learn more by visiting BigFix CyberFOCUS

Comment wrap
Further Reading
article-img
Automation | November 7, 2022
The 100% Secure Computers: FOCUS on Business Management of Cyber Risk
BigFix's FOCUS concepts provide a guide about how your organization strategizes about how cybersecurity and empowers you to find and implement controls that balance the needs of business and security simultaneously.
article-img
Automation | November 7, 2022
Viewing Endpoint Management Through a Security Lens
On November 8th, the HCL BigFix team launched some of the most innovative security-related capabilities in our history.
article-img
Automation | November 1, 2022
New OpenSSL V3 Vulnerabilities Are Exploitable – Act Now
The  OpenSSL V3 Vulnerabilities project announced details of vulnerabilities that exist in versions of the OpenSSL software versions earlier than version 3.0.7. They have released OpenSSL Version 3.0.7 to address these security vulnerabilities. BigFix can address and speed vulnerability remediation.
Close
Filters result by
Sort:
|