Take this quiz to discover your organization's level of network security risk
1. What is your level of visibility into your network to understand network and security changes?
We have zero visibility
The only visibility we have is through an excel spreadsheet that we use to track security policy and changes.
We can track baseline changes, but changes are adhoc without an understanding of the impact across the network.
We can compare historical changes but there is little documentation
We document all of our network and security policy change requests, to understand who made them, when and why
We have mapped all the firewalls, devices and routers and cloud instances on our network but we still lack real-time visibility
2. How optimized is your firewall to mitigate risk?
We have no idea . . .
We know we have unused, redundant and shadowed rules
We routinely clean up firewall rules manually
We can identify overly permissive rules and risky policy change requests
We understand the impact of a rule change across the entire network
We can automatically remove risky and unused rules
3. How long does it take to perform security changes in your environment? What is your average SLA?
Two weeks to two months
Over a week
6 hours to 12 hours
1 hour to 6 hours
4. What is your level of automation?
Everything is an adhoc, manual process
We have low level automation with our ticketing system
We have semi-automated workflows
We can do real-time change design and analysis of firewall rules
We automate the provisioning of network change requests
We have zero-touch security policy change automation
5. What is your level of audit readiness?
We struggle to meet basic compliance requirements
Our process is very manual and resource intensive
We have segregation of duties and change tracking to pass basic compliance but it is still a manual process
We can easily perform compliance analysis and generate reports against industry regulations
We can ensure application compliance with network security policies
We have continuous compliance built into our zero-touch change automation processes
6. What is your level of security visibility in the cloud?
We are aware of changes are being made in cloud infrastructure that put us at risk but we don't have visibility into that change.
We have some basic visibility track into our cloud configurations but have no way to know if DevOps is follow security policy.
We can identify risky and non-compliant configurations based on security groups and tags
We have the ability to troubleshoot our north-south and east-west traffic as it traverses the network
We have an automated process for provisioning and making changes in our cloud infrastructure along with security configurations.
We have a tight integration with DevSecOps to model change within policy and ensure compliance built into the DevOps process
Click the button below to see your results
to view your personalized risk mitigation report with recommendations.
View your risk mitigation report