惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Jina AI
Jina AI
宝玉的分享
宝玉的分享
Last Week in AI
Last Week in AI
Help Net Security
Help Net Security
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
人人都是产品经理
人人都是产品经理
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
GbyAI
GbyAI
博客园_首页
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
MongoDB | Blog
MongoDB | Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LINUX DO - 最新话题
PCI Perspectives
PCI Perspectives
博客园 - 三生石上(FineUI控件)
V2EX - 技术
V2EX - 技术
Spread Privacy
Spread Privacy
T
Tor Project blog
量子位
阮一峰的网络日志
阮一峰的网络日志
S
SegmentFault 最新的问题
小众软件
小众软件
博客园 - 叶小钗
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
H
Help Net Security
Y
Y Combinator Blog
N
News | PayPal Newsroom
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Tenable Blog
Scott Helme
Scott Helme
G
GRAHAM CLULEY
大猫的无限游戏
大猫的无限游戏
aimingoo的专栏
aimingoo的专栏
IT之家
IT之家
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
Martin Fowler
Martin Fowler
T
Threat Research - Cisco Blogs
博客园 - 司徒正美
Application and Cybersecurity Blog
Application and Cybersecurity Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Attack and Defense Labs
Attack and Defense Labs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
L
LangChain Blog
C
Check Point Blog
Google Online Security Blog
Google Online Security Blog
V
Visual Studio Blog
Latest news
Latest news

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts FCC guts Salt Typhoon telco rules despite espionage risk CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
Why aggregating asset inventory leads to better security
Pete Constantine Pete Constantine · 2025-05-13 · via The Register - Security: CSO

PARTNER CONTENT For many organizations, managing IT assets is like trying to complete a jigsaw puzzle without all the pieces. Despite massive investments in security tools and controls, many companies still have critical gaps in their ecosystems that leave them vulnerable to breaches.

Often, these gaps stem not from a lack of tools (as if such a thing exists in security) but from incomplete visibility and integration across them. By aggregating and analyzing data from multiple systems, security leaders can gain a more robust picture of their IT inventory and security posture.

The challenge with disparate security tools

It’s not unusual for enterprises to deploy a wide array of security tools. The average organization uses roughly 10 of them, covering everything from endpoint management to identity and access control. These tools often operate in silos, creating fragmented and occasionally contradictory reports.

Let's look at a practical example. Consider an organization using these tools:

  • Microsoft Intune and Jamf for mobile device management (MDM)
  • CrowdStrike for endpoint detection and response (EDR)
  • Tenable for managing vulnerabilities
  • Microsoft Entra for identity and access management (IAM)

On paper, each system might appear to report accurate asset figures. For example, both Intune and Jamf might show 5,000 managed devices, while Entra reports 4,500 user accounts. At first glance everything looks secure, but collecting and analyzing inventory from these tools in the aggregate reveals a more complex picture.

Finding the gaps in disconnected data

The first step in finding control inventory gaps is typically a lengthy, manual effort. Perhaps data is exported and dumped into a complex, multi-tab nightmare spreadsheet. Others may turn to more nuanced but equally challenging SQL and Power BI queries. Aggregating asset and control inventory has been one of the foundational capabilities we're building at Prelude to reduce dependency on lengthy, manual exercises that ultimately contribute enormous value to your security program.

Whatever the path to correlating which devices have X and Y tools, surprising discrepancies often come to light. Leaning on our previous example, we may find now that our actual inventory is 5,500 managed endpoint devices, not 5,000. And within this aggregated data set:

  • 200 devices are missing CrowdStrike's sensor protection.
  • 300 devices lack MDM coverage, leaving them without configuration policies.
  • 100 devices are missing Tenable data, meaning vulnerabilities aren’t being tracked.

Even more concerning would be any issues related to the functionality and efficacy of existing security tools on those new devices:

  • 150 devices (3 percent) have a broken or misconfigured EDR system, meaning they’re operating in a suboptimal state, like CrowdStrike's Reduced Functionality Mode.
  • 300 devices (6 percent) lack recent vulnerability assessments.
  • 200 devices (3.5 percent) that should report to MDM haven’t done so recently, making them effectively rogue devices.

When we apply the same process to our users, the gaps can be just as alarming:

  • Of the 4,500 users in the directory, 75 have no associated device record in critical security controls, making their devices completely unmanaged and unknown.
  • Of the 75 users, 15 carry a high risk with access to sensitive data (like your finance and sales teams), compounding the threat to organizational security.

Because these disparate security tools don't talk to one another, these gaps are rarely visible when each tool is evaluated in isolation. Looking at asset management in the aggregate detects them, offering organizations a previously unattainable level of insight into their true security posture.

How does any of this happen?

One of the biggest challenges in cybersecurity is not new threats and vulnerabilities, but an unclear picture of what needs to be secured. When I ran product management at Tanium, we often found that between 10-15% of an organization's devices were unmanaged and missing at least one management or security tool. While this happens quite easily already, remote work and an increasing number of tools available means the likelihood for gaps to pile up has only grown.

As a security leader, you may inherit that company with 4,500 employees and 5,000 devices. These are the known variables. You have contracts with CrowdStrike for 5,000 devices, Entra for 4,500 users and so on.

But perhaps other devices were never properly retired or acquired through non-standard channels, such as bring-your-own policies or temporary project teams. Small oversights like these pile up. Devices get added without proper tracking, and as the business grows and evolves, the gap between what you think you have and what you really have widens. With inventory happening on many different platforms, the things you don't know can hurt you.

How an aggregate asset inventory supports your security program

Control gaps, missing data, and misconfigurations aren’t just technical hiccups; they can be the difference between thwarting a cyberattack and suffering a career-ending breach. Many security teams and tools get hung up on false positive suppression, tuning detections, and the next best vendor. But knowing what to secure—and ensuring your current tools are doing so—is a lion's share of the battle.

Complete visibility into what you need to secure

Looking at asset management in the aggregate provides a single source of truth for IT inventory by consolidating data from all your various security tools. Instead of relying on each tool’s reports, organizations gain a unified view of their assets, including devices, user accounts, and cloud resources.

Not only does this expose any blind spots in your control environment, but it affords greater operational efficiency for your team. With a single source for your inventory, your team spends less time reconciling disparate reports and more time focusing on meaningful improvements to your program.

Improved control coverage and performance

The simplest way for an attacker to evade EDR is to go where it isn't. By aggregating data, organizations can ensure that critical controls such as EDR, MDM, and vulnerability management are applied consistently across all assets. It’s much easier to identify which devices are missing protections or misconfigured when you’re looking at the full picture.

Aggregate asset management highlights gaps in real time, allowing teams to address vulnerabilities before attackers exploit them. Whether it’s a rogue device, a misconfigured control, or outdated vulnerability data, these risks can be mitigated proactively when they’re visible.

Justification of control investments

Best-of-breed security tools are only as effective as you enable them to be. You invest heavily into tools like your EDR and IAM platform and have certain expectations of what they'll do to protect your business. Those tools immediately lose value when entire segments of your estate aren't being covered or have fallen into suboptimal performance states. By establishing your full inventory of assets, you can lay the foundation for a better defense built with tools you're already invested in.

Better security starts with better inventory

The complexity of today’s IT environments demands a new approach. Aggregate asset management ensures the most comprehensive visibility into your assets, strengthens security tool integration, and delivers actionable insights to close critical gaps in your security posture.

If you'd like to learn more about what we're doing at Prelude to make this an easier reality for teams at scale, create an account and start connecting your tools.

About the author Pete Constantine has a storied history in product management and development of endpoint security products. Formerly the chief product officer of Tanium, Pete now leads product development at Prelude Security, focusing on building capabilities that empower teams to easily evaluate the coverage, configuration, and efficacy of their security tools.

Sponsored by Prelude Security