White Paper: Establishing a Defendable Core Network and Automating RMF Compliance
Combining continuous misconfiguration detection and auto-mitigation with risk-focused compliance analysis
Core network devices (firewalls, routers and switches) are pivotal to the security of all networks. Each device is managed through a complex configuration. Errors in that configuration represent critical security risks to the network, its data and applications.
This is why DISA ACAS augments its scanning capabilities by incorporating vulnerability and configuration assessment modules, as well as traffic monitoring and reporting modules, in its solution. The vulnerability scanning module provides information on vulnerabilities associated with the software/firmware version, whilst the configuration module looks at the device configuration.
However, the ACAS configuration module is designed to look at each device setting individually, not in conjunction with other settings, leading to well-known accuracy issues and reports of significant time being wasted investigating false-positive findings.
As a result, since 2013, elite cyber teams across the Department of Defense and Fourth Estate have complemented their core network vulnerability analysis with Titania’s highly accurate configuration auditing software, Nipper, resulting in time savings of up to 80% on a configuration audit compared to using ACAS.
This whitepaper summarizes how Nipper achieves unrivalled accuracy in configuration auditing by virtually modelling the entire configuration as a single entity, so that it can consider interdependencies and suppress irrelevant findings. It also demonstrates how this approach to detecting misconfigurations enables cyber teams to prioritize remediation workflows for firewalls, routers and switches based on risk criticality, viewed through Nipper’s security and/or compliance lenses, such as NIST 800-53 or CMMC.
Moreover, because configurations change daily, these advanced cyber teams need continuous auditing as a foundational component of establishing a defendable core network and meeting zero trust architecture objectives. This whitepaper therefore focuses on how Titania will provide them with continuous detection and remediation capabilities with Nipper Enterprise.