Higher Education Institution Improves Cybersecurity Posture with NodeZero
When the chief technology officer of a higher education institution was looking for a better way to identify and prioritize security vulnerabilities on the school’s servers and networks, his first interaction with Horizon3.ai and NodeZero got off to an impressive start.
“I wanted to see a proof of concept, and Horizon3.ai solved one of our biggest security holes with this PoC,” he says. During the first operation, NodeZero may have compromised the domain administrator account.
Not a single account, in fact, but four, via an LLMNR vulnerability.
“Without a lot of work we were able to clean this up even before getting a NodeZero license – that was huge,” said their IT manager.
Cybersecurity presents a complex challenge for the school, as it is spread across multiple campuses and managed remotely. The Chief Technology Officer is the most senior technology staff member in the organization. The role oversees 400 endpoints within the organization, in addition to securing approximately 600 students on their own VLAN/subnet during the school year.
NodeZero offers more specificity
Previous pen testing options were helpful, but often left the team chasing vulnerabilities that turned out not to be exploitable.
“A lot of times it was just informational and didn’t really affect your safety,” he says.
With Horizon3.ai, “One of the things that really struck me is that it’s not just the tool – and the tool is fantastic – but it’s the people around the tool that are available, in chat, to schedule meetings. When I was running the PoV (proof of value), someone was there.”
He was also sold on NodeZero by its ability to run on demand.
“What convinced me was seeing him at work, and since we know security is a journey, not a destination, the idea of being able to continuously run analytics and pentests is great,” he says.
The team now performs weekly pentests to maintain vigilant cybersecurity on its network, he notes.
Make the most of your time
Time management and focus of effort are critical to maintaining a strong security posture. Chasing every lead with equal time and energy is not helpful when we know that not all vulnerabilities are exploitable.
“You have critical issues down to informational severity, but I believe a tool much more when it says it’s a critical misconfiguration that we compromised – oh and by the way, here’s your password chopped,” he said. “When it happened, I recognized the first and last character and knew it was the password.”
Contextual scoring based on critical impacts helps determine where best to deploy limited resources to secure
“It’s the difference between locking up a house and saying how I might break in – that window might not be locked, that door might not seem secure. But if you can actually break in, that’s essential. It’s the difference between telling me something could happen and something did.”
Easy solutions, but you have to find them first
While the LLMNR vulnerability wasn’t a huge challenge to fix, discovering it was a bit of a shock, says the CTO — and that’s why regular testing is so helpful. Security is so vast that it is difficult to cover everything.
“We try to work to secure our network, but it’s possible for any organization to miss things or have little holes” in their security, he says. A solution like NodeZero can find those small gaps that expose the organization to risk so the team can close them quickly and easily.
“With stuff like LLMNR, patching isn’t difficult if you have the tools to fix a lot of machines at once,” he says. Identifying those risks in the big picture is the real fight.
NodeZero helps find out what you don’t know, he says, and tells you how to fix it so you don’t waste time searching for the answer.
“You’re not chasing after a long list of vulnerabilities,” he says. “This reduces the task of securing your network because you start with the critical and most impactful elements. You get a view of things you’re not going to get without a pentest.”
Since they started integrating NodeZero into their security profile, other features such as external pentesting have been released and added to the usefulness of the solution.
“There are a lot of tools out there that just give you the tool and you’re on your own,” he says.
“The support, being able to schedule a time to answer a question, it all helped. They work with us instead of saying ‘We got them, let’s move on to the next account.’”
*** This is a syndicated blog from the Security Bloggers Network of Horizon3.ai Written by Horizon3.ai. Read the original post at: https://www.horizon3.ai/higher-education-organization-improves-cybersecurity-posture-with-nodezero/