With a multitude of networked devices across an enterprise’s infrastructure, keeping track of the latest vulnerabilities and being able to fix them can be a constant headache for security teams. Asimily’s platform offers a quick, visual way to provide IoT threat detection, risk modeling, vulnerability mitigation, and device visibility. The CEO and founder of Asimily gives a demonstration of the platform’s key features. Learn more at https://asimily.com/
Welcome to DEMO, the show where companies come in and show us their latest products and features. I'm joined today by Shankar from Asimily, and he's going to show us some IoT security platform, right? Yes, absolutely. And thanks, Keith, for having me here.
So what the product is going to be showing me is called the Asimily Insight, correct? That's right. And who is this product designed for? And what kinds of things you're doing? What problems are you solving for people? Yeah.
So this product is, so Asimily focuses on OT environments, so healthcare, smart cities, manufacturing, universities, that kind. So our focus is on CISOs.
And CIOs who want to get visibility into their IoT, OT, IoMT devices, want to do vulnerability management, threat detection in their environments, they want to do incident response, they want to do configuration control, patching, and so on. Without a platform like this, what would they probably end up doing?
What would a company do to try to gain that visibility? It's really hard. Because what people do today is manual, where they try to manually count the devices walk around, get information on their devices, and you know how it works.
By the time you complete one circle, new devices have come in, you're back to square one. Right? Right. Okay, so this, this, this takes a digital approach to making like, it's completely automated, it makes it simpler, efficient, less, less expensive. Number of benefits.
Okay, so you're gonna, so let's jump into the demo and show us a couple of features of the platform and take it away. Okay, thanks a lot. Yeah. So here I have the Asimily platform open. So I'll give you a quick overview of the Asimily platform.
And then I'll walk into two or three features that you know, customers generally use. So the Asimily platform. So first of all, before I talk about the platform, this is a snapshot of a customer. It's real data, it's not made up with permission from the customer.
And it's completely anonymized. So you won't see any date customer data somehow has been removed. Okay, the way we gather that data is by putting an appliance inside the network, where we can gather data passively.
So we are not scanning any device, we have the option of scanning devices as well. So if you don't have the ability to completely passively scan, we can scan and get the same information using a proprietary methodology.
But considering the environments we are in a lot of customers prefer us to get data passively. Okay, okay. And this is all automated end to end, you're not entering any information here. So the way they are.
So what happens is once a customer deploys, literally in less than an hour, they can do the deployment, they log into a web portal, and then they are able to see all this data.
So when you log into the web page portal, generally, you see a summary screen first, you see a summary screen, which has different charts and graphs, I'll walk through two or three use cases, you have an asset screen, which has more information about the assets and the environment, you click on a device, you have detailed device information ports application, so on, you have a configuration screen where you can configure the solution in many different ways.
Then you have a reporting screen where there's a ton of reports, and then you can bookmark whatever pages you want. Okay, so that's really the structure of the product. Okay, so let's walk over a couple of like three or four use cases that I mentioned.
So right at the top, you can see the full thing here, but there are like 104,000 devices that we have discovered.
This includes IoT devices, IoT devices, IoT devices, IoT devices, so anything could be an IP camera, a printer, a badge reader, a SCADA controller, a PLC, an infusion pump, whatever it is the environment discovery class.
This was like a smart cities and environment or an infrastructure, light sensor, light sensor, graphic processing units, based where the plants are there. So PLC SCADA controllers, RTU, sensors, all of that, right.
Okay, this was in healthcare, you have infusion pump, ultrasound university, you will find printers, IP cameras, were right. So this includes everything we do discover it, workstations, servers, because those are part of the environment. So we do discover and categorize them, but our focus is on IoT, OT.
Okay, then this tells you what is what percentage of those devices have at least one vulnerability highlight as what percentage of devices have at least one vulnerability that can be taken advantage of by an attack. So in this case, you had 104 100,000 devices, so 1300.
So that's what I'm saying. 3%? Yeah, approximately, and that's one of our core IP, if we are able to narrow it down to around one person to the device. One, it even gets better when you actually look further in class classification.
This tells you what percentage of devices potentially can be taken advantage of by an attacker. Yeah, but right now, we aren't yet telling what percentage of them are high impact in your environment. I'll give them that we get to the next one. Ah, this is this is anomaly.
Likelihood is what can be what can happen in the future based on vulnerabilities, anomalies or current threats in the environment, any misconfigurations, any default, username, passwords, any malware, all of that is included any lack of regulation, because you're regulated in these environments, anywhere where you're not following regulation, so on, it's all covered under normal.
Okay. Okay. So let's go into the inventory use case. So this chart tells you what are the top 10 device type manufacturers, OS device families, and you can click on see all and you can drill into any one of them.
But if you click on see all it will show you will take you to the page, where it'll show you all the devices in the environment. And we let it load. And then from here, you can effectively slice and dice the data in more than 40 different ways.
Right? You can say show me all the device types in the environment. For example, I can click on device types. And in this environment, it will show you all the device types that are present. Right.
So you can see here that there are access control systems, you know, badge readers, building management systems, controllers, fax machines, hatchback controllers, you know, there's infusion pumps, lighting devices, like you have this logic controller, there's like a programmable logic controller, you know, PCs, phones, printers, you name it, it's there, projectors, right?
Smart TVs speaker. So everything that is there in the environment, we are categorizing it, we are someone like doing it. And this is all automated, we are not actually manually entering, okay, you can say show me all the operating systems in the environment.
So for example, you can click on operating system, you can click on operating system here.
And it will show you all the different operating system, it can be a real time operating system, like any Roku, can be Android, all kinds of Android, there can be iOS, it can be Linux, we keep scrolling, you'll see a lot of Linux kind of operating systems, you know, different kinds of Linux represent a Mac here that you see in this environment.
And this isn't necessarily telling you that there's vulnerabilities on them. This is just inventory. This is Genesis, what it's found on the on the system, exactly. Okay, all kinds of Windows.
And what is interesting about these environments, you'll find all the way to Windows XP, Windows Vista, Windows NT 4, right. So you find every kind of operating system, this is some of the most heterogeneous environments you'll ever see anywhere in the world. So that's what we're discovering.
And there are many other ways you can see all the models and so on.
So even if they weren't even if you weren't concerned necessarily about the security, just having this would let you find out if you have any Windows XP systems and because you don't want to get rid of those or upgrade absolutely all you want to know how many IP cameras do you have?
People actually don't know how many printers they have, how many IP cameras they have, you know how many badges they have, this tells you like exact inventory of what is there on the network? And then they also can find out like, how are they split across your network?
What VLANs they're present on? How are they distributed? Yeah. And if you click on like a VLAN, it actually tells you what devices are present on the VLAN. How's it distributed. And so you can actually get an understanding of your entire network.
And you can even take actions here, which we'll skip for now. But you can effectively get full information about all the devices in the environment, how they're connected, how they're distributed, and where they are connected to.
So you can effectively go in and you can actually look at like where are they transmitting traffic? Which countries are they sending traffic to which organizations are connecting to him, let it load which services are being used to dial out external to the organization.
So this kind of visibility truly allows you to understand what's happening in the environment. Okay, so now let's jump ahead to the next dynamic use case.
So now if you're looking at the availability, and well, no, if you're looking at vulnerabilities, what, like that's the key that you want to look at, right? And that's why you will have this ones are vulnerable, so that I need to fix right.
So once you have the information on visibility, you want to focus on the ones which are vulnerabilities and which ones to prioritize.
So one of the unique things about Asimily is we are able to take the total vulnerabilities we analyze, and we do something called exploit analysis, which tells you is there a path for the attacker in this environment, there's some AI at the back that does it.
But what it allows us to do is understand you have a vulnerability, but can an attacker even take advantage of it. And so when we do our analysis is a core IP, we get it down to point zero to 2%.
And then we translate it into devices based on impacts with impacting the environment, data impact, and so on. And here we are narrowed down to the top 0.004% or something.
So there are four devices in the environment out of 100,000 devices, which truly have a high risk, high likelihood high. Okay, right. And I can click on these devices and say what are those devices which are high likelihood, high impact, it gives me these devices.
I can click on one of these further and see, okay, show me what vulnerabilities are there.
It says that the CVEs, there's one potential CVE which is in something called SMB one, even though it's Windows eight, Windows eight literally has hundreds of CVEs, which are old, because it's an old operating system, but we are now down to one vulnerability, okay.
And we have a recommendation here on how do you mitigate the risk, you can click on fix, and it automatically converts it into an app policy, which you can click on apply or download and apply. Okay.
And so the beauty of this is you are not only taking the devices, discovering them, matching them to the vulnerabilities prioritizing them giving the recommendation converting them into a NAT policy, right. And even before you apply the policy, you can run a simulator on it.
And you can say, Okay, before I apply, let me see what would happen if I apply this policy. Okay, I this was a policy network function, I click on fix, and you can see the big change in score, right? So you can actually simulate things in your environment.
So right, currently, it's nine, and then you click the fix and it goes down to four. So I know this action is going to have a material impact in my environment. Yeah, right.
And that's the power of actually Asimily because not only were we prioritizing, giving you recommendation, but the allowing you to experiment, okay. And then you also have analytics, yeah, we also have threat detection.
Now there are other ways to mitigate which I won't be able to you can actually group devices and segment them. You can do micro segmentation you there are many other ways to do it. And we integrate with pretty much every NAC and firewall.
But beyond that we have ways to actually analyze the traffic and look for anomalies, threats, like maybe there is an obsolete TLS version.
It can it's the potential possibility for an attack, maybe there's malware, malicious domains that is browsing blacklist domains is browsing, maybe it's using the called credentials, and you can drill into any one of them.
And you can say DNS lookup or malicious domain, which the devices are using a malicious domain lookup, because these are probably containing malware, there might be iPhones in there, and they're doing this across all devices, because malware can originate from anywhere.
And then you can actually look at all this information and you can see where is the malware coming, and you can again, fix quarantine and quarantine in these devices as well. Is it a situation then when we're a CSO hears about a vulnerability or something is publicized.
And, and that's when they would want to look at their network to see if so I think this requires a proactive approach here automatically, every day we are pulling the vulnerabilities, we analyzing it, and you don't want to wait till something happens.
Alright, so it's not necessarily that they'd be searching for a specific vulnerability, but but every day they they, some people use a platform to search. But a bigger possibility is also that you will be already prioritizing it for them.
They know what is really actionable in their environment, what should be ready because of vulnerability, just because it's present because of an analysis doesn't make it at risk in your environment. Every environment is different, right?
And so the ability to know what is material in your environment is unique to Asimily. And then they can do a number of other things as well. They can actually do forensic analysis.
We have a forensic analysis module that can capture data, they can create policies to actually figure out if there is any low and slow attacks happening in the environment.
We are launching a module for configuration control pretty much next month, and there's more coming right provides complete get a lot you got a lot of stuff going on here. A lot of great stuff. So there. Obviously there's more features and details that you'd want.
So where can people go for more information about the platform? So you can come to asimily.com and reach out to us. For that they can write directly to me, shankar@asimily.com. They can also write to info@asimily.com. Get more information and always available. Alright, Shankar, thanks for the demo.
Thank you so much.