The Cybersecurity and Infrastructure Security Agency (CISA) has recently issued Binding Operational Directive (BOD) 23-01, to make measurable progress toward enhancing visibility into agency assets and associated vulnerabilities. In this post, we outline the requirements of this directive and explain how Aura Asset Intelligence helps to not only meet, but exceed these requirements.
This directive applies to all Federal Civilian Executive Branch (FCEB) Agencies and focusses on two core activities essential to improving operational visibility for a successful cybersecurity program: asset discovery and vulnerability enumeration. The goal is to achieve the following outcomes:
- Maintain an up-to-date inventory of networked assets
- Identify software vulnerabilities
- Track asset enumeration, asset coverage and currentness of vulnerability signatures
- Provide asset and vulnerability information to CISA’s CDM Federal Dashboard
Continuous and comprehensive asset visibility is a basic pre-condition for any organization to effectively manage cybersecurity riskSource: Cybersecurity and Infrastructure Security Agency (CISA)
The continuous asset discovery and vulnerability compliance capabilities provided by Aura Asset Intelligence help to ensure all of these goals can be met with ease.
Use Aura to Meet the BOD 23-01 Required Actions
All FCEB agencies are required to take the following actions on all federal information systems in scope of this directive. Let’s identify how Aura helps to meet or exceed each of these required actions.
Perform automated asset discovery every 7 days
- Aura discovers all assets on the network on a continuous basis, along with a full history of asset activity over time. Aura records all associated IP addresses, hostnames, users, mac addresses and more.
Initiate vulnerability enumeration across all discovered assets every 14 days
- Aura provides real-time visibility into the completeness of vulnerability enumeration across all discovered assets.
Initiate automated ingestion of vulnerability enumeration results
- Aura works alongside your vulnerability solutions to provide much needed asset context and vulnerability coverage insights and integrates with your external systems.
Develop and maintain operational capability to initiate on-demand asset discovery
- Aura exceeds this requirement by continually discovering all assets on the network and provides an on-demand interface for performing instant asset investigations.
Deploy Aura to Beat the Deadline
The deadline for meeting the required actions above is April 3, 2023, which is less than six months away. Fortunately, Aura Asset Intelligence can be deployed and configured within your Splunk environment in just days, not months. In addition, Aura is approved for US Government agency use and sourcing. Contact us today for more information or a demo.