Asimily Solutions for the Public Sector

Deny easy attack vectors and reclaim time with centralized and easy IoT Patching. Patching can be done in bulk, manually, scheduled, or fully automated. In each case, Asimily automates the steps of a manual download and upgrade using tested, manufacturer-supported processes and binaries. This is targeted at devices that can be safely, remotely upgraded, such as printers, security cameras, and networking equipment.

Targeted Attack Prevention offers the simplest possible fix to nullify a potential exploit. These 180+ techniques selected by Asimily Labs and Asimily's patented software stack allow customers to get the most efficient fix possible that still allows the device to operate. These are contextual to the environment and derived from the Attack Vector Analysis.

For any security vulnerability that can be addressed by creating a security enclave for that device, Asimily can create well-tailored, segmentation, or micro-segmentation policies to incorporate into your network infrastructure. These policies can be created by grouping any combination of devices in the network.

Asimily creates a record of each device with as much detail as possible, removing duplicates and using multiple sources to enrich each device's record. The result is a source of truth about devices that can be used for vulnerability prioritization, risk mitigation, and other protective services. Information gathering starts with passive network monitoring for maximum safety, though additional optional active scans and integrations with other systems like DHCP, Vulnerability Scanners, and others can lead to a richer inventory.

Asimily analyzes not only each networked device, but also its traffic across the network. This helps determine allowable patterns of safe behavior and makes adversary-created traffic (malware) more detectable. Network traffic is presented visually and in other forms to gain quick insights into specific devices and their behavior.

For medical devices, Asimily can detect the usage patterns for devices with high detail. For example, for imaging devices, Asimily can track the nature of scans done and the time when the scans were done. This helps with operational planning, capital expenditures (CapEx), fleet management, and orderly decommissioning of older devices. In addition, across all devices, Asimily can track when it was on or off, utilization across the day, and other key information.

For recalls as announced by the FDA or other similar groups, Asimily will keep track of them and alert you if a recall advisory is present for the device that is in your inventory. Operational recalls are also included.

Asimily will determine if a vulnerability is present on any of the devices in a customer's inventory. It is then prioritized based on different factors like use case of the device in the environment, how the device is configured and connected, exploitability in the wild, etc. For vulnerabilities listed in the National Vulnerability Database or similar databases (Known Exploitable Vulnerabilities, manufacturer alerts, etc.), for example, if a vulnerability is being actively exploited in the wild or expected to be (including using Exploit Prediction Scoring System (EPSS)), Asimily will take that into account.

For every new security vulnerability detected in each customer's environment, Asimily Labs will analyze it and determine the different ways in which the vulnerability can be taken advantage of by an attacker. The attack vector is then compared against the configuration of a given device in a given environment, and a determination is made whether there is a path for an attacker to exploit that vulnerability for that device in the environment. This analysis helps eliminate many of the vulnerabilities that might be present but are not a threat.

This partly relies on Asimily's own, patented technology that uses a variety of text sources about devices. This is then combined with the MITRE ATT&CK Framework to map out the attack vectors, and help determine a way to block a successful exploit.

Asimily Risk Simulator will determine the risk reduction benefit from any specific action to close a vulnerability or address an anomaly. This information can be used to most efficiently choose an action to reduce risk for any device in a device fleet, before investing the time and resources. For example, by clicking on a recommendation for an anomaly or vulnerability, the user can see how the Risk Score will change when the fix is applied.

Using a combination of Asimily-crafted and user-created policies, monitor any parameter on any device to set policies that can detect indicators of compromise (IoC) for hard to detect attacks like Low and Slow Attacks as well as detect any changes that could be in violation of the organization policy (eg: No inbound request to a device from external to the organization). Policies are created using an easy-to-use wizard that does not require coding.

Asimily analyzes all network traffic to detect the presence of malware, mis-configurations, anomalies and even devices which might violate regulatory guidelines.

For any device, manually or automatically trigger recording of its network traffic - an essential input for your incident responders' forensic analysis. This can be tied to Anomalies and Policies to ensure the packet captures are triggered when the anomaly or policy violation occurs.

Asimily ProSecure allows customers to understand the risk of medical devices before connecting to the network. They can learn how secure individual models are of devices they are considering, and make good choices between price and security performance, knowing how devices can be hardened by Asimily. ProSecure can also be used for Risk Modeling to understand how different network configurations can affect the Risk of the device.

With a complete database of devices and the understanding of how other Asimily customers have hardened them, learn how to harden any of your devices to the best level ever seen.

Asimily captures known good states for any IoT, OT, and IoMT and alerts if it ever drifts from its golden state. Get notifications, alerts, comparisons, and reports. This is useful in situations where an inadvertent change was made, such as from manufacturers remotely, third parties, Internal tools, or ransomware. The golden state of the device can also be used to help recover the device to its good operating state. (Note that the recovery has to be done manually, but the golden state of the device helps with the recovery process.)