Technology

One of SAFE’s 5 Vectors of Assessment

The speed of digitization and cloud adoption has increased multiple fold in the COVID era. Businesses are relying more than ever on technology to not only run their day-to-day operations but also to find a competitive advantage against their peers.

However, using vulnerabilities in the same technology stack, cyber attacks are exponentially increasing. 68% of organizations have been victims of just endpoint attacks in 2019.

Today
businesses lack a dynamic, real-time and consistent visibility of their organization-wide hybrid technology stack that is constantly evolving. They need a platform that quantifies risk consistently across their technology verticals to ensure an “apples to apples” comparison and helps to identify the places which need immediate attention.
businesses lack a dynamic, real-time and consistent visibility of their organization-wide hybrid technology stack that is constantly evolving. They need a platform that quantifies risk consistently across their technology verticals to ensure an “apples to apples” comparison and helps to identify the places which need immediate attention.
Prioritize your vulnerabilities on the same dashboard
SAFE gives a Dynamic, Real Time and Consistent Score to every Cloud Instance, IP address and Application in your environment and has the ability to dynamically group them together to monitor their overall cyber security risk posture.

What do we factor in
for the SAFE Score per IP?

SAFE applies a patented Bayesian Network-based supervised Machine Learning algorithm to assign a score between 0 to 5 to every asset - a normalized view to provide an objective understanding, aligned with the breach likelihood of your organization through the asset.
Asset Specific Control and Individual Flags
Organization level controls
Asset Information Policy Controls Cybersecurity Products Controls Configuration Controls Vulnerabilities Asset Breach Probability [0-1] Asset SAFE Score [0-5]
Asset Information Asset Breach Probability [0-1] Asset SAFE Score [0-5] Policy Controls Cybersecurity Products Controlss Configuration Controls Vulnerabilities

Dynamic security controls that form a part of the SAFE Score

01
Cloud Instances
02
SaaS Applications
03
Infrastructure (IPs)
04
End Points (Laptops)
05
Applications

Cloud Instances

  • Frequency-based EC2 Assessment
  • Frequency-based S3 Assessment
  • Frequency-based IAM Rules Assessment
  • Azure Cloud Security Assessment
  • Azure Cloud Security Configuration Assessment
  • Frequency-based Azure Cloud Security Assessment
Coming Soon!

SaaS Applications

Daily Office 365 Security
Via graph API provided by Office 365
Daily GSuite Security
Via Enterprise API provided by GSuite

Infrastructure (IPs)

Daily Configuration (Hardening) Assessment
Native agent-less scanning via PIM/PAM
Frequency-based Vulnerability Assessment
Via integrations with popular VA tools
SIEM Monitoring
Via integrations with popular SIEM tools

End Points (Laptops)

Daily Configuration (Hardening) Assessment
Native agent-less scanning via PIM/PAM
SIEM Monitoring
Via integrations with popular SIEM tools
Frequency-based Vulnerability Assessment
Via integrations with popular VA tools

Applications

Frequency-based DAST Assessments
Via integrations with popular DAST tools
Frequency-based SAST Assessments
Via integrations with popular SAST tools

SAFE Deploymentin your environment

Agent-less Assessments
for all Infrastructure
SAFE supports hundreds of operating systems to perform daily security hardening and configuration assessments via the Privilege Access & Identity Management Solution in your organization (eg. Cyber Ark)
Agent-based
for only Windows & Mac Devices
SAFE deploys a light-weight agent that performs a services-based security monitoring on only the Windows and Mac end points on a daily basis.
API-based
for SaaS applications, VA, EDR and SIEM Tools
SAFE takes a one-time API access to your VA, EDR and SIEM tools and then aggregates the data daily while factoring in the micro and macro scores. SAFE also performs an API-based assessment of popular SaaS tools such as Office 365 and GSuite.

Prioritize your
vulnerabilities with the
TSAR gaps framework

Know what and what not to patch!

Similar to the TSAR Bomb, SAFE has a concept of the most “deadly” vulnerabilities that you should “really” worry about. The Cyber Intelligence Team of SAFE monitors hundreds of deep and dark web forums for the most impactful, popular and easy to use exploits that you should PRIORITIZE.

Wikipedia
150,000+
Total Number of CVEs in the NVD
23,433
CVEs Weaponized with Exploits
2,567
Remote Code Executable CVEs
247
TSAR Vulnerabilities

Dynamic, consistent and continuous score and actionable insights one can expect from SAFE

Macro Group wise score
  • Business Unit wise SAFE Score
  • Operational Unit wise SAFE Score
  • Technology Vertical wise SAFE Score
  • Location wise SAFE Score
  • Third Party Contractor wise SAFE Score
  • Organization Wide SAFE Score
Micro Asset wise SAFE Score
  • Score per IP Address in the Network
  • Score per ARN on the cloud
  • Score per Application

How trustable is your technology stack?

Get SAFE Now