CAULDRON provides the user with visualizations of its analysis results. It is quite simple to use and installs in a couple of minutes. Once installed, feed your vulnerability scans into CAULDRON to visualize what is truly exploitable. It gives the user information about attack paths, vulnerabilities, and exploits used, as well as recommendations for how network security can be effectively improved with minimal addition of security mechanisms. It is currently being used in federal agencies to evaluate performance and perform vulnerability analysis.
A recent addition to CAULDRON that makes the solution even more valuable is the ability to feed firewall rules into the tool. CAULDRON can then be used as an electronic or virtual sand table where rules can be changed in the feeds to role-play/scenario review the impact of these changes on attack paths and vulnerabilities. It is a fantastic tool that can be used in the change management cycle prior to any testing to validate and determine impact of rule changes on the environment. It is quite a game changer that saves a significant amount of time. It is truly a risk-based toolset in that you can see what is exploitable and focus your valuable resources in a timely manner. No more wondering what is exploitable. No more trying to patch and reconfigure everything since there are blind threats and vulnerabilities. I can now proactively predict the attack vectors.
Once the attack model (network and potential exploits) is defined, CAULDRON generates an attack graph for a given user-defined attack scenario. The scenario may define particular starting and/or ending points for the attack, so that the graph is constrained to lie between them, or may be completely unconstrained (all possible starting and ending points).
Attack graphs can also guide the placement of intrusion detection/prevention sensors, correlate intrusion alarms, handle missed alarms, and filter false alarms.
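The scenario-constrained attack graph described above, and the effect of replaying a firewall rule change against it, can be sketched as follows. This is an added illustration, not CAULDRON's own code or data format; the host names, ports, rule tuples and function names are constructed assumptions.

```python
from collections import deque

# Constructed sample model (assumption, not CAULDRON's format):
# firewall permits as (src, dst, port), and scan findings as (host, port).
RULES = {("internet", "web", 443), ("web", "app", 8080), ("web", "db", 5432),
         ("app", "db", 5432), ("workstation", "app", 8080)}
VULNERABLE = {("web", 443), ("app", 8080), ("db", 5432)}

def build_graph(rules, vulnerable):
    """Edge src->dst exists only if a rule permits the port AND the scan flags it."""
    graph = {}
    for src, dst, port in rules:
        if (dst, port) in vulnerable:
            graph.setdefault(src, set()).add(dst)
    return graph

def reachable(graph, starts):
    """Breadth-first search: every node reachable from any start node."""
    seen, queue = set(starts), deque(starts)
    while queue:
        for nxt in graph.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def attack_edges(rules, vulnerable, starts=None, goals=None):
    """Edges lying on some path from a start to a goal; None means unconstrained."""
    graph = build_graph(rules, vulnerable)
    edges = [(s, d) for s, ds in graph.items() for d in ds]
    nodes = {n for e in edges for n in e}
    reverse = {}
    for s, d in edges:
        reverse.setdefault(d, set()).add(s)
    fwd = reachable(graph, starts or nodes)    # what the start points can reach
    bwd = reachable(reverse, goals or nodes)   # what can reach the end points
    return sorted(e for e in edges if e[0] in fwd and e[1] in bwd)

if __name__ == "__main__":
    print("current rules: ", attack_edges(RULES, VULNERABLE, ["internet"], ["db"]))
    # Sand-table step: review a proposed rule change before it is deployed.
    proposed = RULES - {("web", "app", 8080), ("web", "db", 5432)}
    print("proposed rules:", attack_edges(proposed, VULNERABLE, ["internet"], ["db"]))
```

An empty result for the proposed rule set means no exposed path remains between the chosen start and end points, which is the question a change review needs answered before testing.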
At one customer, an 81-host system with more than 2,300 open Internet ports was analyzed for vulnerabilities. The normal practice would have required engineers to manually interpret vulnerability scan data, find critical attack paths and eliminate critical vulnerabilities. This takes hours and in-depth expertise and is much like walking around the neighborhood at night with sunglasses on.
This would have taken weeks to do. CAULDRON found the attack paths, identified the critical exploits, recommended solutions, and helped eliminate 75 percent of the vulnerabilities in a few hours.
Want to learn more? Contact us now for a 30-minute webinar or let us know if we can demonstrate the solution live in your organization.