Balbix D3: A New Dawn for Faster Burndown of Exposures and Vulnerabilities

The Master Group

Improving Asset Visibility, Patch Speed, and Reducing Breach Risk

Balbix helped The Master Group address problems of visibility and risk-based prioritization by automating asset inventory and continuous attack vector monitoring.

The Challenge

François and his team were using Tenable’s Nessus Professional static scanner to scan their networks. The scanning was manual, and the tool did not provide any intelligence on which vulnerabilities and CVEs to address first. They were stuck doing these tasks manually, a process fraught with inefficiencies, leaving the team frustrated. What they were looking for was:

  • An accurate asset inventory to be the foundation to their cybersecurity program
  • Continuous risk-based vulnerability management
  • Vulnerability prioritization
  • A reduction in their mean time to patch (MTTP) security issues

“We didn’t have a good source of authority on all the IP connected devices in our environment and we didn’t have appropriate asset classification. Our vulnerability scans took such a long time to run, and when finished, there was a lack of prioritized information on which vulnerabilities and systems to address and patch first. As a result, by the time I received the report, the information was already out-of-date,” recounted François.

“Our vulnerability scans took such a long time to run and when finished, there was a lack of prioritized information on which vulnerabilities and systems to address and patch first. As a result, by the time I received the report, the information was already out-of-date.”

François Lepage,
The Cybersecurity and Infrastructure Manager

Enter Balbix

The Master Group, with over 5000 assets under management, saw the value of the Balbix platform from the get-go. “The Balbix platform allowed us to address all of these problems of visibility, scanning speed, and risk- based prioritization. With Balbix, our inventory is automatically categorized and sorted in real-time so there is no question about what we have in our environment. The ability to further break down the assets by multiple attributes and create groups for custom dashboards and reporting was a huge advantage. The list of risk insights prioritized by asset importance enabled us to identify and address the most critical threats first,” said François.

The Master Group was able to:

  • Obtain a real time, automated inventory of all assets
  • Create an automated risk-based and operationally based categorization of managed and unmanaged assets in their environment, both fixed and mobile
  • Analyze and categorize usage, network traffic, and other key attributes for each asset
  • Continuously monitor each asset for attack vectors such as unpatched operating systems and software, missing encryption, weak and reused passwords, obsolete software, OS requiring upgrades and more
  • Prioritize patching based on asset criticality to the enterprise, and reduce their MTTP

“We use the Balbix risk classification system to identify the most critical assets to patch first. As a result, we have reduced breach likelihood from 88% to 35% in the past year,” said François. “Our patching efficiency has also improved dramatically. Our MTTP has gone from 100 days to 38 days, a 62% increase in speed to patch.”

Since deploying Balbix, The Master Group has seen some outstanding results:

  • 50% more assets have been identified compared to the previous inventory process
  • 62% increase in the speed to patch vulnerabilities
  • 77% decrease in the number of unpatched vulnerabilities
  • 69% reduction in breach risk over the first 6 months since deploying Balbix

Automated Asset Inventory

At Master Group, Balbix’s continuous monitoring capability discovers, identifies, and categorizes all assets, apps, and services. Assets and traffic flows are analyzed to determine asset criticality and cyber-risk. Customizable dashboards with search capabilities enable them to easily use their inventory information for compliance and cybersecurity visibility.

“I can see 50% more assets with Balbix that I didn’t even know we had. I was even able to follow the progress of my Windows upgrade program through the asset details available in Balbix,” said François.

Vulnerability Prioritization

Vulnerabilities are prioritized based on 5 factors: severity, threats, asset exposure, business criticality and security controls, and then dispatched to risk owners for automatic or supervised mitigation. The ability to define remediation groups for asset classes and business workloads, and assign to risk owners, enables the security team to drive improvement on key metrics such as MTTP and risk.

Cybersecurity Posture Reporting

François also recognizes Balbix’s role in helping facilitate cybersecurity communications to leadership. The unified, comprehensive view of The Master Group’s cybersecurity posture with vulnerabilities contextualized in risk terms, a prioritized list of needed mitigation actions, and the ability to benchmark risk owners enables his team to stay on top of their responsibilities.

“With Balbix, I am also able to quantify where our security posture is to the leadership and demonstrate the effectiveness of our security program,”

“With Balbix, I am also able to quantify where our security posture is to the leadership and demonstrate the effectiveness of our security program.”

François Lepage,
The Cybersecurity and Infrastructure Manager