Quick and Powerful Endpoint Compliance

/in , , , /by

Aura tracks endpoint compliance across your many organizational security controls and can quickly identify gaps for remediation.

From the Aura Metrics Compliance view in Aura, we can see all of the metrics that we have built using Aura’s metrics builder. The metrics builder allows you to build metrics tailored to your organizational security controls in just a few minutes.

Metrics Compliance View

Quick and powerful endpoint compliance

As you can see from the screenshot above, we have used the metrics builder to build endpoint compliance metrics for measuring compliance against several common security controls. This includes metrics for Endpoint Protection compliance, Full Disk Encryption compliance, and Vulnerability Scanning Compliance.

This view provides an executive level overview of compliance across all your metrics along with the number of non-compliant assets or endpoints for each, which we call defects.

For example, we can see from the Vulnerability Scanning Server compliance metric, we are at 96% compliance and it looks like our compliance is trending down. We can drill into this metric in more detail to 

Vulnerability Scanning Server Compliance View

The Vulnerability Scanning Server Compliance view will now load and we can see more detail about this particular endpoint compliance metric.

Vulnerability Scanning Server compliance

From the metric opportunities definition, we can see that we are looking for all servers discovered by Aura on the network in the past 15 days and at the top we can see this is 261 servers.

From the metric defects definition, we can see that we are looking for any discovered servers that have never been vulnerability scanned or have been scanned but not in the past 30 days. Then again at the top we can see there are 8 servers that are non-compliant defects. This leaves 253 servers compliant or 96.93% compliant.

This view also includes a timeline over the past 30 days, that tracks the non-compliant servers per day and the overall compliance. This is useful for trending in compliance over time. For example, perhaps you identify that these defect servers are all in a network segment that is not being scanned by your vulnerability scanned and you adjust your scanning policy accordingly to close the gap. You would then be able to track improvement over time.

At the bottom, we can see the list of non-compliant servers or the 9 defects. The columns you wish to display are completely customizable and there are options to set an alert or download the list to share with others, such as your operational person for remediation. 

This is just one metric of many and building your own custom metrics for your organizational endpoint compliance is quick and easy in Aura. 

If you would like to find out more about endpoint compliance and Aura Asset Intelligence, or to get a demo or free trial, please contact us today.

You might also like
Supercharge Splunk Enterprise Security with Aura Asset Intelligence
Accurately Associate Assets and Users to Security EventsAccurately Associate Assets and Users to Security Events
What’s New in Aura Asset Intelligence 3.0
Webinar – Crouching Users, Hidden Assets
Continuous CIS Controls Reporting
enterprise asset problemsSolving your Asset Problem is a New Year’s Resolution you can Actually Achieve
Webinar – Know your Unknowns – Strengthen Security with Continuous Asset Discovery for Splunk
Aura for Splunk Enterprise SecuritySplunk Enterprise Security & Aura Asset Intelligence: The Perfect Splunk Cybersecurity Pairing