Challenges
Without the continuous asset discovery and intelligence provided by Aura, a large biopharmaceutical was dealing with incomplete and inaccurate asset inventory, increasing the risk of assets being unprotected, and significantly slowing security investigations.
Results
Aura has provided the company with accurate, complete, and continuously updating asset inventory, delivering real-time insights into security control compliance, and allowing the cybersecurity team to perform faster and more thorough security investigations.
Millions of Assets Across Multiple Sites and Countries
The company is a research-based, global biopharmaceutical who discovers, develops and manufactures medicines and vaccines, they generate several billions in annual revenue, have over 30 manufacturing sites worldwide and employ over 50,000 people.
Understandably, a company of this size and global presence has a large network footprint and a lot of IT assets. It is critical for their cybersecurity team to have complete and accurate security visibility across all network assets, know who is using them and when, and ensure they are adequately protected.
The cybersecurity team faced three key challenges that were solved using Aura Asset Intelligence:
-
- Incomplete and inaccurate asset inventory.
- Trouble attributing assets to IPs during security investigations.
- Difficulty measuring compliance against several security controls.
Assets discovered to date, along with 300,000 discovered identities.
Minimum amount saved by increasing return from existing systems and directing staff focus.
Cumulative days saved during security investigations from added asset context and intelligence
Accurate and Complete Inventory
With Aura, the company has access to a continually updating inventory of assets and identities, that are accurate and complete, and keeps track of all changes over time. Before Aura, there were multiple sources of record depending on asset type, such as a CMDB for server/workstation asset management and other systems for mobile assets. However, many assets were found to be missing or entered in these systems incorrectly. The complete inventory provided by Aura has provided a much-needed source of truth, bringing together these different sources, helping to discover previously unknown assets, and delivering context and enrichment for key cybersecurity activities.
“Aura has become a foundational solution, that we use as a basis for many activities in cybersecurity”
Director, Cybersecurity Solutions
Instant Attribution During Investigations
With Aura, the company can quickly find out the who, what and when during security investigations. Before Aura, the ability to accurately attribute IP addresses to assets and identities was a manual process, working with multiple data sources. The attribution capability offered by Aura helps the team save hours of effort and to drive more complete and thorough investigations.
“Aura helps us to quickly identify machines and for incident responders to better triage and investigate”
Director, Cybersecurity Solutions
Real-time Compliance Against Security Controls
With Aura, the company utilizes the built-in metrics framework to report on real-time compliance against several security controls. Before Aura, answering questions such as whether an asset is running AV or is fully encrypted was a challenge, involving a large amount of data engineering and manual verification effort. Aura quickly identifies gaps across many different security controls and provides the team with real-time security visibility into new endpoint- based security initiatives.
“Aura allows us to flag critical manufacturing sites and alert when endpoint tools go stale”
Director, Cybersecurity Solutions
Aura Asset Intelligence runs on Splunk. If you would like to find out more or to get a demo or free trial, please contact us us today.