What is Device Intelligence
What is Device Intelligence
Today, organizations use devices to connect to the internet for business daily. The huge number, type and mix of these devices in the business environment is creating a larger attack surface to manage and control. Not all devices are visible and it is important that organizations should see all devices in the environment to exercise granular control to mitigate risks and data loss. The data created and used by IoT devices is expected to seamlessly traverse through devices, networks, remote office and cloud environments. The resulting volume of structured and unstructured data will challenge the security practitioners in effectively tracking the data and protecting it. According to the International Data Corporation (IDC), there will be over 55.7 billion connected IoT devices by 2025, generating almost 80B zettabytes of data.
The Device Intelligence solution uses HyperContext, an agentless smart device security platform providing granular device context, and TruID, a unique device identifier and authenticity rating technology, to discover managed and unmanaged devices on your corporate network. The solution further analyzes hundreds of parameters from the discovered devices and leverages the rich contextual intelligence for device classification, risk assessment, granular access control and network segmentation, facilitating zero trust security for IoT devices.
Device Intelligence addresses the IoT device security gaps in the hybrid enterprise using artificial intelligence and machine learning:
- Device classification and visibility – Agentless device discovery with rich contextual intelligence, enabling automated classification and device mapping, and providing deep insights into device activities and behavior.
- Cybersecurity asset management – Granular search and reporting for the discovered assets, comprehensive cybersecurity asset management with built-in asset inventory engine, true-up asset inventory and asset management database through integration with ServiceNow CMDB, VA, MDM, EDR.
- Device risk assessment – Continuous device monitoring to detect anomalies, generate unique device risk scores and map alerts based on device classification and tags. Streamlined SOC automation and enriched alert handling with SIEM and SOAR integrations.
- Access control and segmentation – Dynamic device grouping and micro segmentation based on context and real-time device behavior for granular, precise access to sanctioned devices and orchestrating actions using existing network systems such as firewalls and network access controls.
Device Intelligence extends zero trust to the IoT environment through discovery, classification, and management of IoT devices in the hybrid enterprise network. The zero trust engine in the system network performs risk analysis against a particular request or action. It creates a numeric assessment of the riskiness of allowing a particular request/action, which the policy engine uses to make an ultimate authorization decision.
Zero trust in a smart device context means that each user, device, data flow, and location is monitored continuously and granted/revoked access to other resources on the network based on these observations. To do this effectively, the Device Intelligence solution studies:
- HyperContext – Deep context about every device, resource, and user in and around the network.
- Micro-Segmentation – Ability to dynamically micro segment devices based on the HyperContext and geolocation.
- Dynamic Control – User access control of devices and resources in the network based on context and real time threat assessment.
- Automation – A policy engine driven by a combination of an understanding of the organization’s requirements and automation to handle devices at the IoT scale.