Rumble and Noetic integrate to automate workflows that solve coverage gaps
Lack of visibility, correlation, and automation are major hurdles impeding security vulnerability identification and mitigation. Existing tooling often imprecisely fingerprints anything but common devices like standard-issue workstations. Some tools miss unmanaged and orphaned devices entirely. Identification coverage gaps for an attack surface are all too typical as a result. Leveraging additional sources of asset data can help but only if properly chained together for actionable insights that may be automated for effective mitigation.
Rumble is an asset inventory and network visibility solution that helps security and IT teams know every asset and stay on top of changes in the network. Noetic is a cyber security asset management and controls platform that delivers visibility into cyber security posture, cloud and on-premise environments, using existing insights from IT management and security tools. Together, Rumble and Noetic can identify coverage gaps and automate workflows to address them.
Most asset inventory solutions have gaps in what they detect. Rumble covers all of your bases, including managed and unmanaged devices, IT and OT infrastructure, devices at work and at home. On top of accurate OS and service fingerprints, Rumble learns attributes such as installed anti-malware products, secondary network interfaces, and Windows domain memberships.
Rumble fits well into any organization. Many asset inventory solutions use aggressive scan tactics that can destabilize some IT and OT devices. Rumble only sends well-formed IP packets and does not use security probes. The proprietary unauthenticated scanner means no agents on every device, no collecting passwords from different teams and organizations, and no access to SPAN ports in your sprawling network. Rumble offers easy deployment for fast and accurate asset inventory.
Noetic’s integration with Rumble offers out-of-the-box functionality for immediate value in the form of queries, workflows, and functions. Using provided queries, users can quickly see which assets are already scanned or still to be scanned by Rumble. Predefined workflows allow Noetic users to ingest all supported entities from Rumble, but that is not all. Noetic provides a bidirectional connector to Rumble, so users can also queue a scan on a Rumble Explorer directly from Noetic.
The agentless connector also exposes underlying capabilities of Rumble to support integrated workflows that link capabilities across multiple solutions. An organization can automatically create a ServiceNow ticket for orphaned or unmanaged assets through visibility from Rumble combined with Noetic’s workflow engine. Similarly, an organization can automatically identify devices missing an EDR agent and remediate with automated deployment, with no human intervention.
Aside from workflows for continuous improvement, Noetic provides updated views of cyber risk. Noetic’s Rumble integration provides a dashboard to see high-level statistics to highlight previously unknown assets, possible rogue wireless access points, and security coverage gaps. Beyond the dashboard, Noetic correlates and aggregatesDo the Rumble asset inventory with data sources for a multi-dimensional, holistic view of the entire cyber estate.
To link Noetic and Rumble, enable the Rumble connector in the Noetic platform. You will need to provide a Rumble API key to link the two applications, you can then schedule a regular import feed to ensure your data is fully up-to-date.
The Rumble connector comes with out-of-the box workflows, queries and functions that are designed to take advantage of Rumble’s capabilities, such as ingesting specific data types or scheduling additional scans.
Get Rumble Professional free for 21 days
Deploy Rumble and build your asset inventory in minutes.Start your trial
January 24, 2020
Syncing Rumble Assets with Splunk
We are excited to announce the availability of an official Splunk Addon for Rumble! This addon uses the new Asset Sync API included in version 1.3.1 of the platform and supports two modes of operation. The New Assets Only mode will only pull in assets that have not been …Read More