LanTech
HELPING YOU ACHIEVE YOUR BUSINESS GOALS FASTER SINCE 1997
8(a) SDB WBE DBE MBE
The screenshot below identifies the 49 vulnerabilities between two subnets. While this screenshot does not show all
of the data, Cauldron provides the following for every vulnerability: what the vulnerability is, where it originates,
where it leads, and CVE descriptions indicating how to remediate it.
8200 Greensboro Drive, Suite 900 McLean, VA 22102 Phone: 703-462-5439 Fax: 703-404-4066 - www.lantechinc.net
Given additional information, the decision on what to remediate first can be made in light of the value of the
asset at risk.
Cauldron's flexibility.
Cauldron can visualize network topology from a single IP address to another; from a single IP address to anywhere;
from anywhere to a single IP address; and from anywhere to anywhere. This flexibility allows for strategic and
management decision-making as to where best to remediate or to prioritize remediation efforts.
The two screenshots show dramatically different results. Thus, analysts and administrators can model changes to the
infrastructure and see the resulting effect on the overall security posture. Management can decide whether patch
management or infrastructure efforts (or a combination of the two) would be the best course of action.
Using the scan data and firewall data, management can see the dynamics and the synergies between varied data sets
to proactively stay ahead of an expanding network and persistent threats.
Additional data elements can be included in the future. Cauldron is not limited to only using scan data and firewall
data. The expanding toolset for security management is creating expanding data sets for possible use. A total
integration with the spectrum of toolsets will require an integrator with cleared access to the data to provide the last
mile of services. The engagement of an integrator using the Cauldron application will allow for direct data feeds from
a variety of security management tools.
A common tool in varied environments.
Cauldron will directly import various data thereby providing a common management tool to allow for oversight of
differing applications.
Using its network topological modeling tool, CAULDRON, organizations will analyze aggregated IT data from intrusion
detection and vulnerability scans, taking into consideration firewall policy rules and network security configuration
source data. The integration of the outputs of the various network tools and devices (vulnerability scanners,
firewalls, and real-time event managers) into CAULDRON represents a non-standard, vendor-specific solution that has
the following key features:
• Generates node-to-node, bi-directional, combined vulnerability visualization
• Creates synergy between disparate data sets about your IT environment (from varied tools) to reveal all possible paths of cyber attack in a single visualization
• Transforms raw security data into a roadmap - all known attack paths from attacker to target are succinctly depicted, providing targeted remediation information
• Delivers near-real-time Situational Awareness for the executive and/or for the engineer in the SOC
• Delivers a Common Operating Picture for consistent review of distributed environments
• Analyzes vulnerability dependencies (combined vulnerabilities), finding all possible attack paths through a network
• Discovers multi-step paths of attack - a single CVSS score does not indicate the true severity of a vulnerability - combined vulnerabilities in context
• Shows all possible attack paths into a network, not just from or to a single IP address
• Provides predictive, strategic modeling capability for aspects of change to the network: will a change to the firewall remediate a class of vulnerabilities or create a new class of problems?
• Provides predictive capabilities for optimal network defenses and well-planned responses to attack
• Provides for persistent metadata for handling false positives and high priority assets
• Scalable - functional with thousands of computers / hundreds of subnets with associated combined vulnerabilities
• Calculates the impact of individual and combined vulnerabilities on overall security
• Supports both offensive (e.g., penetration testing) and defensive (e.g., network hardening) applications
• Creates network hardening reports for first layer, last layer and minimum effort; exports as CSV or HTML
• Supports targeted remediation efforts and reporting processes; shortens the cycle of remediation
• Supports one-to-one, one-to-any, any-to-one, and any-to-any visualizations of combined vulnerabilities
• Supports enhanced data sets for Zero Day attacks, for application-specific development, and for extended perimeter protection from persistent threats
• Supports the formulation of plans for rapid and appropriate attack responses
• Puts the network's overall vulnerability position in context, not just a single IP address.
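The combination of scan data with firewall data and the what-if modeling described above can be illustrated with a small added Python example. It is not Cauldron's code or algorithm; the host names, subnets, finding IDs and firewall rules are constructed assumptions. It counts multi-step attack paths to a database host, then compares a firewall change with a patch.

```python
# Constructed inventory: host -> subnet; "attacker" stands for any outside origin.
HOSTS = {"attacker": "internet", "web1": "dmz", "app1": "internal", "db1": "internal"}
# Constructed scan findings: host -> [(port, placeholder finding id)].
FINDINGS = {"web1": [(443, "FINDING-WEB")], "app1": [(8080, "FINDING-APP")],
            "db1": [(5432, "FINDING-DB")]}
# Constructed firewall policy: permitted (source subnet, destination subnet, port).
RULES = {("internet", "dmz", 443), ("dmz", "internal", 8080), ("dmz", "internal", 5432)}


def exposure_edges(hosts, findings, rules):
    """Map each host to the (destination, finding) pairs it can reach."""
    edges = {h: [] for h in hosts}
    for src, src_net in hosts.items():
        for dst, items in findings.items():
            if dst == src:
                continue
            for port, finding in items:
                # Same-subnet peers are assumed to have no firewall between them.
                if src_net == hosts[dst] or (src_net, hosts[dst], port) in rules:
                    edges[src].append((dst, finding))
    return edges


def attack_paths(hosts, findings, rules, source="attacker", target="db1"):
    """Return every loop-free chain of findings leading from source to target."""
    edges = exposure_edges(hosts, findings, rules)
    paths, stack = [], [(source, [source], [])]
    while stack:
        node, visited, chain = stack.pop()
        if node == target:
            paths.append(chain)
            continue
        for dst, finding in edges[node]:
            if dst not in visited:
                stack.append((dst, visited + [dst], chain + [(dst, finding)]))
    return paths


def what_if():
    """Compare the baseline with a firewall change and with a patch."""
    baseline = attack_paths(HOSTS, FINDINGS, RULES)
    # Infrastructure change: stop the DMZ from reaching the database port directly.
    fw_change = attack_paths(HOSTS, FINDINGS, RULES - {("dmz", "internal", 5432)})
    # Patch change: the web server's finding is remediated.
    patched = {h: f for h, f in FINDINGS.items() if h != "web1"}
    patch_change = attack_paths(HOSTS, patched, RULES)
    return len(baseline), len(fw_change), len(patch_change)


if __name__ == "__main__":
    print(what_if())
```

In this constructed network, closing the direct database port still leaves the chained path through the application server, while remediating the entry-point finding removes every path.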
Summary
Organizations can now aggregate data, create synergies and more effectively address the expanding cyber
security challenges by using Cauldron. Change management cycles can be measured in hours, not days. Overall
security reviews can be in days, not weeks. Better decisions can be made because more types of data are in
consideration. Remediation resources can be more effectively deployed.