As a financial company that deals in a critical aspect of their clients’ lives, Swiss Life attaches great importance to their corporate governance policies. In following with their procedures around international accounting, auditing, and a code of conduct to safeguard the interests of their shareholders, policyholders, and staff, Swiss Life wanted to better understand the risks contained within their external attack surface. To do so, they turned to Censys.
Benefits achieved
Since deploying the Censys Attack Surface Management Platform, Swiss Life has been able to:
Gain Full Visibility: Even with decommissioning processes in place, the Swiss Life team discovered a number of leftover corporate assets.
Determine Asset Origin: The platform’s asset attribution enabled Swiss Life to identify a clear link between how an asset was found and its origin.
Improve Workflow: Swiss Life could now effectively segment and manage assets within their dispersed teams, reducing the noise each division was exposed to.
Triage and Remediate: The team could now strategically prioritize risks and assign remediation tasks to the appropriate divisions, without compromising internal compliance.
Save Time: Automated asset discovery and monitoring displayed within a single platform view eliminated time previously spent on identifying and tracking corporate assets.
About Swiss Life’s security goals
Swiss Life has provided financial security for individuals and corporations for more than 165 years. With locations and teams dispersed throughout Europe, Swiss Life’s primary divisions fall within Switzerland, France, and Germany, with additional competency centers in Luxembourg, Liechtenstein, and Singapore.
In following with their procedures around international accounting, auditing, and a code of conduct to safeguard the interests of their shareholders, policyholders, and staff, Swiss Life wanted to better understand the risks contained within their external attack surface. Because their corporation is divided into several divisions, Swiss Life had faced challenges around not only having a bird’s eye view of the governance and compliance issues security teams were finding, but discovering vulnerabilities; each team was working on their own and following their own processes to uncover vulnerabilities.
“[How we] found what was unknown was by accident; there was no real standardized process to find the unknown.”
– Wolfgang Bauer, IT Security Manager, Swiss Life Deutschland Operations GmbH
Though the Swiss Life team already had Vulnerability Management (VM) tools in place, which scanned for internal assets as well as assets the team already knew about, they lacked a way to efficiently identify external assets or assets that were not located in data centers. Enter Censys.
Revealing internet exposure through the Censys Attack Surface Management Platform
Despite Swiss Life’s highly-dispersed teams and complex attack surface, Censys was able to quickly onboard the company onto the Censys Attack Surface Management Platform. Immediately after an initial Internet-wide scan, Swiss Life’s security leaders were able to see their Internet assets and prioritized risks in one place within their Censys dashboard. Although Swiss Life follows very stringent security policies, they were surprised to see how many “leftovers” the scan uncovered; even with processes in place for discontinuing and decommissioning services.
Swiss Life also found the Censys Workspaces capability to be incredibly useful for segmenting and managing assets within their dispersed teams. Security leaders could see vulnerable external assets as well as the division to which they belonged. Armed with this information, Swiss Life could easily alert the division’s security team to triage and fix the issue. The separation of workspaces also reduced the overall noise each division was exposed to, allowing them to focus on only the assets that belonged to them. Additionally, segmentation of divisions allowed visibility for leaders, but did not reveal attack surfaces to or between divisions, an essential need for compliance.
“Censys helps us see links between assets and DNS entries or outdated software, but in one screen so we don’t have to search for them.”
– Wolfgang Bauer, IT Security Manager, Swiss Life Deutschland Operations GmbH
How Censys compares to competitors
Swiss Life tested the Censys Attack Surface Management Platform as well as our competitors’ and found that Censys:
- Provided easier-to-understand classifications in our dashboard
- Established a clear link between how an asset was found and its origin
- Offered better visibility into software, risks, and certificates
“When managing any attack surface, finding a new risk means you must also find the person responsible for remediating. With Censys ASM Workspaces, it is simple and easy to segment our attack surface so that it is clear who within the division needs to take action.”
– Wolfgang Bauer, IT Security Manager, Swiss Life Deutschland Operations GmbH
Download the full case study.
Want to see Censys Attack Surface Management in action?
Schedule your free demo today!
Schedule Demo