Cybersecurity Features

Assimilation Cybersecurity provides a broad set of cybersecurity features and advantages to help you secure your systems. Below you’ll find both the current set of cybersecurity features and those from our roadmap. As with all Assimilation products, they integrate closely with each other and with our comprehensive, always-up-to-date and scalable CMDB.

Cybersecurity Features

Feature: Description and notes
Tight CMDB integration: All our data is stored in the CMDB; our capabilities are tightly integrated with it – minimizing configuration effort, and ensuring data is up to date.
Discovery of all active systems: Every active system (IP address) is discovered on every monitored subnet. 30% of all outsider intrusions come through machines which have been lost track of. Acting on this data significantly reduces your chances of a successful outsider attack. We provide a predefined report which lists all IP addresses not owned by systems running our agent. [1]
Cannot trigger net security alarms: All discovery takes place locally, with no packets sent on the network. Although the Assimilation Cybersecurity software may create alerts of its own, it cannot set off network-based security alarms elsewhere based on its security-related discovery. Our discovery process does not send any packets.
Discovery of checksums of net-facing applications: We discover the checksums of every network-facing binary, library and JAR. This permits auditing of versions and outlier analysis to discover compromised network services or those corrupted by undetected disk errors.
Discovery of active port/services: Allows the creation of tools to perform batch-type validation of existing ports and services on agent-equipped machines against local standards.
Alert on new open ports: Allows the creation of tools to provide real-time verification that new ports and services are in accordance with local standards.
Attack surface visualization: We provide a tool which creates a visualization of the attack surfaces of individual systems.
Discovery of security settings: We discover a wide variety of security settings, ranging from authentication (PAM) settings, to /proc/sys settings, and a variety of other security settings.
Package version discovery: Since we know the version of every package on every machine, and provide standard reports for this information, this can be compared against new security alerts to aid in mitigation planning.
Best practice validation: We provide validation of system configurations against a customizable set of security best practices. This is basically “best practices as code”, that is, we translated best practices to code, and then we evaluate changes to your systems in terms of these coded best practices. Our default rules come from the IT Best Practices project.
Risk scoring and triage: We provide a risk scoring and triage system based on best practice compliance. Scores are computed from compliance, and triage is based on efficient methods for reducing risk.
Extensible: Assimilation-Security is easily extended to customize it to collect any security-related configuration or settings that your enterprise needs.
Event API: We provide an event API to receive notifications of changes to discovered objects and statuses such as ports, services, checksums and other security-related entities.
Command line API: We provide a variety of security-related canned reports from the command line. New reports are easily added with basic knowledge of Cypher.
REST query API: We provide a JSON-based REST interface to all our canned queries (shared with the command line).
Notes
[1] Not usually available to cloud-hosted agents.

Cybersecurity Features Roadmap

Roadmap Feature: Description
nmap of new MAC addresses: Each time a new MAC address appears on the network, use nmap to perform an operating system profile on the device. Note that this is intrusive (sends packets) and requires proper authorization before configuring.
Extended device characterization: Follow up nmap profile with SNMP and other methods to classify a device in more detail.
GUI: For understanding and interacting with security issue statuses and details with a desktop and mobile-aware interface.
Security alert service: Provide a service which consolidates vendor security alerts into a single feed.
Security mitigation support: Provide alerts based on the security alert service which simplify management of security patches. A child alert would be created for each system which requires a patch. Alerts are automatically resolved as patches are applied.
OS support: Add support for operating systems beyond Linux. FreeBSD and Windows come to mind.

See A Demo

Maybe you’re from Missouri, or maybe you just want to see Assimilation discovery and monitoring in an online demo (it’s pretty exciting!). In either case, we’re perfectly happy to show you. Show Me A Demo! In addition, the most recent two videos include live demos. Or for a personal live demo, contact us, and we’ll set one up for you.

Watch A Video

If you’re a deep techie or maybe just one of those people who really wants to know how the technology ticks, we’ve given pretty deep technical talks on the Assimilation Suite. If so, then by all means we’d be happy to accommodate you. Show Me A Video!

Let’s Talk!

To schedule a free consultation to see if the Assimilation System Management Suite is right for your organization, just press the button!

Schedule a Free Consultation