Virtualization Technology News and Information
RSA Conference 2024 Q&A: Ordr Will Showcase Its Recently Launched OrdrAI CAASM+ (Cyber Asset Attack Surface Management) Product

VMblog RSA 2024 

Are you attending the RSA Conference?  It's the world's leading information security conference and exposition.  The event is taking place May 6 - 9, 2024 at the Moscone Center in San Francisco.  This year's theme: The Art of Possible - as we collectively create works that will change our perspective on what we can accomplish. Let's celebrate limitless opportunities, challenge the status quo, and explore new horizons together.

Read this VMblog exclusive interview with Pandian Gnanaprakasam, Chief Product Officer and Co-Founder of Ordr, a leader in AI-powered asset intelligence.

ordr logo 

VMblog: To kick things off, give VMblog readers a quick overview of the company. 

Pandian Gnanaprakasam:  Sure thing. Ordr's platform provides complete, real-time visibility and insights for every network-connected asset, including devices, users, installed software, SaaS applications, and cloud workloads. This is important because the explosive growth of connected assets in use across the enterprise make it impossible for accurate cybersecurity decisions to be made without comprehensive asset visibility. Our technology provides these insights to security teams.

VMblog: How can attendees find you at the show? How many folks are you sending? What can attendees expect?

Gnanaprakasam:  We're looking forward to seeing folks at RSA this year. I'll be there, along with Ordr CEO Jim Hyman, CRO Kevin Arsenault, CMO Danelle Au, VP Product Management Srinivas Loke, Head of Partner Sales Bryan Wallace and many other talented product experts.

We'll have a meeting area in Fogo DeChao (co-sponsoring alongside Synack), and will also be at booth number 3338, over in the Moscone South Expo. Anyone who stops by can learn more about our recently launched OrdrAI CAASM+ (Cyber Asset Attack Surface Management) product, which delivers complete visibility into assets and the enterprise attack surface. Unlike other CAASM+ solutions, we not only discover assets via API-connectivity to existing tools, but we also complement that with our own Ordr Discovery Engine and Ordr Software Inventory. This helps us deliver the accuracy, context and completeness needed to have a single source of record on assets.

We also bring to OrdrAI CAASM+ our learnings about solving critical connected asset security challenges in some of the most complex verticals in the world, like healthcare and manufacturing industries, where this accuracy and context is critical for patient care or business operations.

Security teams can start with OrdrAI CAASM+ and then expand to our existing OrdrAI Protect products for in-depth threat detection, behavioral intelligence and segmentation for mission-critical IT, IoT and OT assets.

VMblog: How many times have you sponsored the RSA Conference?

Gnanaprakasam:  We're a regular attendee and sponsor of the annual RSA Conference. We've been a sponsor 4 times, except during COVID.

VMblog: What made you sponsor RSA this year? Is this a must sponsor event for your company?  

Gnanaprakasam:  RSA is the biggest annual gathering of security professionals in the world, and it happens in our backyard. It's a tremendous opportunity to hear what the latest minds in security have to say about the industry, and to network with customers, partners and peers. We wouldn't miss it.

VMblog: What key challenges are leaders facing today? What examples can you cite?  

Gnanaprakasam:  A common lament we hear from CISOs is that they are responsible for the security of every asset in their organization whether they know about it or not. And at the rate that attack surfaces are expanding, it creates a major challenge for security teams. They are tasked with understanding and protecting their organizations, but if you can't see everything in your environment, how can you protect it?

Ordr addresses this need by discovering every asset, monitoring for vulnerabilities, security gaps and threats, and securing every asset in real time. We are very flexible in our ability to automate action if there is an issue, whether it is generating a ticket to patch a device, shutting down a port, terminating a session, quarantining a device, or implementing Zero Trust segmentation policies. These policies can all be generated by Ordr and enforced on existing security and networking infrastructure.

In one customer environment, we were able to reduce dwell time from days to minutes because of the insights that Ordr provided. In another example, our customer was manually identifying assets, and having to write powershell scripts to try to understand what types of software applications were running on them. We were able to automate this process and make an inventory available continuously to them. This helped increase visibility by 2x, because they were not aware of devices that were in the network and deployed by other teams. Our customer was able to allocate resources previously performing manual inventory towards higher value tasks - and reaped cost and time savings.

VMblog: What is your message to RSA attendees coming out to the show this year?

Gnanaprakasam:  You can't protect what you can't see, and so ask yourself: Do you truly know what's connected to your network? Have you been able to keep up with the rapid expansion and evolution of your company's attack surface? Do you have a precise, real-time understanding of your environment and the context needed to rapidly react when a new zero day is brought to light? If the answers to any of these are no, then be sure you come by and chat with us.

VMblog: What market needs or problems are you addressing in the security space?

Gnanaprakasam:  With the rising frequency of enterprise cybersecurity incidents, it's imperative that security teams not only identify what assets they own, but also know what's running on those assets, including software operating versions, permissions - and what those connected assets are accessing. These insights provide security teams with a prioritized list of vulnerabilities and risks that can improve cybersecurity hygiene, accelerate incident response and reduce risk.

Ordr believes that asset visibility alone falls short in empowering teams to proactively safeguard their attack surface. Comprehensive asset intelligence is essential for teams to proactively uncover and fix asset risks and exposures. We provide a frictionless option for organizations to manage their entire asset attack surface, incorporating devices, users, installed software, cloud operations, and SaaS instances into a single source of the truth.

VMblog: What are some of the key takeaways of your solution that RSA conference goers should be aware of? And what sets you apart from the competition?

Gnanaprakasam:  In enterprise environments where asset landscapes are complex and interconnected, Ordr can help bridge the gap between physical and digital assets, giving customers comprehensive, accurate visibility. Our approach goes beyond traditional API-reliant methods, capturing data for all assets - including often overlooked devices, such as IoT, OT, industrial controllers, and legacy systems. Data and business insights are the foundation of our platform, which we developed around three principles: comprehensiveness, depth of coverage, and proven accuracy.

VMblog: What are some top priorities for security leaders at RSA to consider this year?

Gnanaprakasam:  Obviously, AI will be on the tip of everyone's tongue again this year. But I think what security leaders need to start thinking about is whether the AI being discussed can actually help a company's security teams - or if it's just hype. AI will become more important to the industry as it matures, but the key word here is ‘matures.' Not everything is ready for AI, and that's OK. Look through the hype to see the reality, and whether an ‘AI-driven' solution actually has the goods to help you today. In the OrdrAI CAASM+ product, we recently added a Generative AI-powered that helps simplify the ability for security and IT teams to query questions about their security posture.

VMblog: What are some of the security best practices you would deem critical?

Gnanaprakasam:  It's never a bad idea to improve visibility, at all levels. It's really the only way to counter expanding environments and the resulting expansion of responsibilities. As they say, knowledge is power, and this couldn't be more true when it comes to security.

VMblog: The keynote stage will be talking about major themes this year. But what trends are you seeing that we should be aware of in 2024 and beyond?

Gnanaprakasam:  One of the biggest trends we've seen in the industry thus far this year is that security teams and organizations have come to understand that there are not going to be additional resources available for them to expand their teams; they need to do the best they can with the resources they already have. This has led to a renewed interest in solutions that embrace automation and can improve outcomes, while also being efficient for them to use.

VMblog:  You mention the need for real-time, accurate visibility into the assets connected to an organization's network. But what should security teams do with that information when they have it?

Gnanaprakasam:  Great question. It really comes down to taking that visibility and using it to inform your security posture, so you can more effectively make the right decisions. Prioritize the top vulnerabilities impacting your business. Identify security coverage gaps with your EDR (endpoint detection and response) or MDM (mobile device management). Pinpoint users with privileged access. Enrich your CMDB. Generate Zero Trust segmentation policies to limit asset communications and lateral movement. Visibility can strengthen all other efforts.

VMblog:  Why is it so important to have visibility when a new zero day comes to light?

Gnanaprakasam:  When a new zero day vulnerability is uncovered, everyone scrambles - vendors to see if they're impacted and offer a patch, and security teams to understand and mitigate any risk, of course. But attackers also scramble as well, canvassing organizations to see where they can exploit that vulnerability. It becomes a race against time. If security teams can instantly see any potential impact in their environment it gives them the ability to act quickly - patching or segmenting connections and mitigating exposures before attackers can gain access. Visibility changes the game.

VMblog: As a show sponsor, do you have any tips for attendees to better prepare or handle the conference?

Gnanaprakasam:  As anyone who's attended can attest to, the show is an awesome, but incredibly busy experience. Come prepared - think about who is most important to meet with and learn from, but at the same time, block off enough time to learn more about something new you heard about at the event. It could be a booth visit, or attending a presentation on the fly, but leave the flexibility to do that and you won't be disappointed.


Published Monday, May 06, 2024 7:30 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<May 2024>