Armis, leading agentless device security platform provider today announced a new Risk Assessment Service that empowers qualified Armis Partners with the ability to fully leverage the Armis agentless device security platform and create a more strategic advisory relationship with their clients.
Whether the client is going through M&A, divestiture, complying with strict regulations such as FAR889, or concerned about the workforce coming back to the office, the Armis device security platform can quickly, and with high fidelity, provide deep insight into the customer’s environment, provide actionable risk data as well as recommendations for mitigation.
The Armis device security platform can be used stand alone to deliver the assessment service, or in conjunction with other technologies to deliver a broader solution offering such as Endpoint Detection and Response (EDR).
“Visibility of all devices across an organization is fundamental to any security strategy,” said Peter Doggart, Vice President of Business Development at Armis. “The risk assessment is a powerful tool for partners, which enables them to help their customers get an accurate inventory of all connected devices and determine their risk so that security professionals can take proactive measures to reduce their attack surface and comply with any regulatory requirements and identify and prioritize all vulnerabilities.”
Partners are provided full access to the Armis platform and Knowledgebase including device inventory, classification, and device risk assessment for 30 days.
This allows our partners to provide their customers with a detailed findings report, which includes a complete overview of all managed, unmanaged, IoT, OT and IoMT devices in their environment along with associated risks, anomalies, and threats found during that period. Partners then have the opportunity to convert this initial Risk Assessment into a licensed product sale by working with Armis to fully deploy the platform.
PARTNERS EXPRESS THEIR SUPPORT
“The Armis Agentless Security platform allows TEKsystems to extend our existing Audit & Assessment program by identifying and reporting risk levels on previously unidentified devices. This is ideal for our clients looking to make fast Merger & Acquisition (M&A) decisions while still performing through due diligence on existing security posture.” – Adrian Alonso, NDS Practice Manager at TEKsystems.
“As we plan, build, and run end-to-end security programs, our joint clients are realizing the benefits of Armis’ ability to locate and segment the devices putting their organizations at risk. We were able to move a client from having zero confidence in their network visibility to complete peace of mind on their foreign-owned IoT devices within three weeks.” – Sean Tufts, practice director, IoT/OT, Optiv.
The 30-day Risk Assessment Program for Partners is composed of asset inventory and classification and risk and threat assessment. Data is stored for partners for up to 90-days and is used to create the findings report. To enhance the experience for the Partner and Client, the service also includes support from an Armis Solution Architect.
ASSET INVENTORY AND CLASSIFICATION
The Armis platform discovers and classifies every device in the customer’s environment including servers, laptops, smartphones, VoIP phones, smart TVs, IP cameras, printers, HVAC controls, medical devices, industrial controls, and more.
This comprehensive asset inventory provides detailed information such as device type, manufacturer, model, location, username, operating system, installed applications, and connections made over time.
RISK AND THREAT ASSESSMENT
After identifying a device, Armis calculates its risk score based on multiple factors including:
- Vulnerabilities such as unpatched software versions, or known hardware exploits.
- Anomalies such as port scans and devices accessing malicious domains.
- Threats such as exploitation of vulnerabilities like Solarwinds, EtherOops, Nat Slipstreaming v. 2.0, CDPwn, URGENT/11 or BLEEDINGBIT.