VULNERABILITY ASSESSMENT SERVICE
Authentic Intelligence’s Vulnerability Assessment Service provides a unique solution for your business. Rather than the generic solutions that other companies offer, we are able to focus around a particular industry to provide solutions. Authentic Intelligence identifies your unique vulnerabilities and generate a sandbox for simulating hacking attacks. By utilizing this unique environment, we can better evaluate solutions and provide your company with a plan to detect and prevent breaches. We offer a guided Q/A process that integrates with any data source to better prepare your company for attacks.
Our focus is preventative rather than reactive, which is possible because we base our solutions on all information coming into the repository and provide dynamic script implementation for data collection and prevention. We can even integrate with COTS Business Intelligence products such as Halo or Tableau rather than complicating your endeavor with a new, difficult-to-integrate analytic interface. We utilize Microsoft Power BI reporting and visualization to better analyse the results.
THE AI ASSESSMENT SERVICE
Guided and Automated Question/Answer
- Administrator identifies the assets to protect and aspects about the company such as the industry
- Additional questions relevant to specific vulnerabilities are raised based on automated network scanning
- Vulnerabilities and Remediation dashboard
- Guided/Continuous Q/A process to raise new questions based on new discoveries
Microsoft Power BI Dashboard
- Analytic’s and predictive analytic’s to report on threats and potential threats
- Utilize Power Map to show locational threat information
- Power BI Q/A interface to generate dynamic graphs in real time based on question/answer interface
- Import data from other sources including other products databases
Open Analytic’s Interface
- Utilization of SQL Server Analysis Services (SSAS) to create a cube that can be utilized by third party BI tools such as Halo BI, Tableau, etc.
- Integration with other security products analytic’s such as Splunk.
Advantages for Healthcare
The healthcare industry has become notorious for security breaches. Insufficient security has been documented in multiple areas of healthcare networks.
- SQL Server Database implementation for commonly used products such as EdiFecs and MDX often use SQL Server authentication with connection strings stored in plain text in files.
- Data warehouses include sensitive data including healthcare identifiers along with complete name, address, and birth date in plain text.
- Many organizations do not comply with HIPAA requirements, which that mandate all viewers of each member healthcare record be tracked. Failure to comply with HIPAA regulations can result in civil and criminal penalties, such as fines up to $1.5 million per year for violations. HIPAA violations can also lead to lawsuits, damaged reputations and loss of the public’s trust.
AI-Protect includes several built-in modules that specifically target healthcare providers, providing a complete design pattern for ensuring adequate security within ETL healthcare solutions.
Data Security Framework
AI-Protect is a comprehensive data security appliance focused on end-to-end security of data targeting the CIA triad identified by ISC2
- Confidentiality: Users only have the level of access to the data for which they are authorized
- Integrity: Unauthorized tampering is prevented with data lineage traceability
- Availability: Data is available when needed and protected from destruction
AI-Protect focuses on “machine-solving” instead of merely machine-learning, a proactive over reactive approach, as well as real-time detection and prevention rather than after-the-fact analysis.
The AI-Protect Suite consists of four complementary modules:
- Assessor: Assesses vulnerabilities through automated techniques as well as via an intelligently guided interview process to provide a detailed data security score and generate recommendations. This process identifies key assets that require auditing and protection along with the associated logging agents.
- Auditor: Captures data accesses associated with key assets based on the Assessor findings, storing into a central repository to enable not only analytics but real-time monitoring and protection via the Protector module.
- Protector: Generates action for not only warning of threats but also preventing threats in real-time through an extensible script repository and a profiling framework that learns about data content, applications, pathways, and users.
- Analyzer: The analyzer provides a continuous feedback loop that iteratively improves the effectiveness of the overall suite. It integrates with off-the-shelf machine-learning, A/I, and predictive analytics products in a holistic fashion to improve its own performance. It includes a reporting and visualization interface for measuring effectiveness of the framework.