Actively manage (inventory, track, and correct) all enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/Internet of Things (IoT) devices; and servers) connected to the infrastructure physically, virtually, remotely, and those within cloud environments, to accurately know the totality of assets that need to be monitored and protected within the enterprise. This will also support identifying unauthorized and unmanaged assets to remove or remediate.

WithSecure can help you reach compliance in two devices asset types.

1.1      Establish and Maintain Detailed Enterprise Asset Inventory

1.3      Utilize an Active Discovery Tool

WithSecure Elements Infinite provides means to regularly scan and inventory both external and internal assets on the networks.

Actively manage (inventory, track, and correct) all software (operating systems and applications) on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.

WithSecure can help you reach compliance in five software asset types.

2.2      Ensure Authorized Software is Currently Supported

2.3      Address Unauthorized Software

2.5      Allowlist Authorized Software

2.6      Allowlist Authorized Libraries

2.7      Allowlist Authorized Scripts

Using device profiles, one can fulfil the technical capability to restrict what software is allowed to be installed and executed for a device group. Profiles can also be used to give certain devices documented exceptions to organisations allow lists.

One can also restrict both what libraries and scripts are allowed on a device using device profiles. Restrictions can be based on digital signatures, versions, naming and more.

Establish and maintain the secure configuration of enterprise assets (end-user devices, including portable and mobile; network devices; non-computing/IoT devices; and servers) and software (operating systems and applications).

WithSecure can help you reach compliance in three devices asset types.

4.4      Implement and Manage a Firewall on Servers

4.5      Implement and Manage a Firewall on End-User Devices

4.8      Uninstall or Disable Unnecessary Services on Enterprise Assets and Software

WithSecure Elements templates can enable the use of firewall profiles that make special firewall rules for different device classes possible and automated. For a certain device profile, one may configure both port and service-based rules.

Develop a plan to continuously assess and track vulnerabilities on all enterprise assets within the enterprise’s infrastructure, to remediate, and minimize, the window of opportunity for attackers. Monitor public and private industry sources for new threat and vulnerability information.

WithSecure can help you reach compliance in five software asset types.

7.3            Perform Automated Operating System Patch Management

7.4            Perform Automated Application Patch Management

7.5            Perform Automated Vulnerability Scans of Internal Enterprise Assets

7.6            Perform Automated Vulnerability Scans of Externally Exposed Enterprise Assets

7.7            Remediate Detected Vulnerabilities

WithSecure Elements Infinite automatically identifies OS and application vulnerabilities together with recommended patches. In addition, it will also give prioritized recommendations based on business criticality, severity and if asset is present in critical attack paths in the environment.

Both internal and externally exposed assets may be scanned.

Patching and general software update for both OS and 3^rd party applications can be automated or partially automated depending on business need.

Improve protections and detections of threats from email and web vectors, as these are opportunities for attackers to manipulate human behaviour through direct engagement.

WithSecure can help you reach compliance in two software and one network asset types.

9.1            Ensure Use of Only Fully Supported Browsers and Email Clients

9.3            Maintain and Enforce Network-Based URL Filters

WithSecure Elements application control can restrict the use of web browsers and email clients that can be run on local devices. Furthermore, multiple levels of URL restrictions may be put in place depending on organizational need.

Prevent or control the installation, spread, and execution of malicious applications, code, or scripts on enterprise assets.

WithSecure can help you reach compliance in six devices asset types.

10.1    Deploy and Maintain Anti-Malware Software

10.2    Configure Automatic Anti-Malware Signature Updates

10.3    Disable Autorun and Autoplay for Removable Media

10.4    Configure Automatic Anti-Malware Scanning of Removable Media

10.5    Enable Anti-Exploitation Features

10.6    Centrally Manage Anti-Malware Software

10.7    Use Behaviour-Based Anti-Malware Software

This domain is covered in full by the WithSecure Elements Infinite service. Anti malware software is an integral part of the domain and is continuously updated.

WithSecure Elements supports extensive control and scanning of USB or alternatively attached storage, including automatic file execution.

All aspects of WithSecure Elements are centrally managed through Elements Security Center.

For anti-exploitation WithSecure Elements provides features, including behaviour-based, such as DeepGuard, DataGuard, Rollback, XFence (macOS) where data can be safeguarded from encryption, and it can even spot zero-day malware.

Operate processes and tooling to establish and maintain comprehensive network monitoring and defence against security threats across the enterprise’s network infrastructure and user base.

WithSecure can help you reach compliance in three device asset types.

13.2    Deploy a Host-Based Intrusion Detection Solution

13.7    Deploy a Host-Based Intrusion Prevention Solution

13.11 Tune Security Event Alerting Thresholds

WithSecure Elements Infinite delivers an MDR service based on the EDR product. This EDR will both detect and enable response actions to be taken by WithSecure Detection & Response team.

In addition, three important functions, WithSecure Threat Intelligence, Incident Response Team and the Detection & Response Team are collaborating to tune and evolve the EDR alerting to match the current and future threats.