Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    How Brinqa Brings Actionable Insights to Cyber-Risk Management

    By
    Frank J. Ohlhorst
    -
    July 12, 2019
    Share
    Facebook
    Twitter
    Linkedin
      Brinqa.Risk.Mgt

      Defining context and performing risk analysis have become the cornerstone of building effective cybersecurity. After all, today’s ideology of risk avoidance has become one of the major methodologies for eliminating the threats posed by the latest attack vectors. Yet identifying attack vectors—as well as building resilient systems—takes a witch’s brew of analytics, data science and insight to create the potion of risk avoidance. This is something many enterprises have struggled to concoct in a speedy manner.

      Go here to see a listing of eWEEK’s Top SIEM Companies.

      Go here to see a listing of eWEEK’s Top Predictive Analysis Companies.

      Austin, Texas-based Brinqa—that spelling is indeed correct—is offering a prescription for mitigating cyber risk. The company’s cyber risk management ecosystem bundles together the technologies needed to bring forth context and relevance from security data, which is used to create knowledge driven insights to create effective risk avoidance and mitigation policies.

      The Platform Approach

      Brinqa uses a platform approach that combines data discovery using a data connector framework with an intelligence engine and an automation engine to create visual dashboards that highlight cyber risk. A data design studio offers administrators the ability to build and customize hierarchical models of business functions, processes, infrastructure, and applications.

      The company’s ideology of giving administrators the power to access hundreds of heterogeneous data sources, as well as bring big data style analytics into the picture may prove to be a game changer in the evolving cyber risk market. The more data that is fed into the system brings forth more precise insights, building an actionable model for risk analysis and risk avoidance, allowing enterprises to incorporate all feeds from data in motion, further fueling the ability to identify outliers and potential chinks in the data protection armor.

      It is important to note that a platform approach that integrates with existing ecosystems will prove to be one of the most important methodologies to deal with cyber risk, which evolves rapidly, meaning that using intelligent processing will be critical to expose previously unseen risks in heterogeneous environments.

      Brinqa is all about centralizing the data and exposing the relevance of that data in a meaningful fashion. The product uses dashboards to visually represent actionable insights around risk. The primary dashboard (left) is designed to present important risk and performance measure that require constant oversight and also highlights any immediate actions necessary. Dashboards can be customized and tailored for specific roles, such as business users, InfoSec professionals, analyst, remediation teams and so on.

      Customization is used to show the information that is most relevant to specific users when they first log in to the system. All dashboards and reports support drill-down capabilities driven by user-selectable metrics, which can surface additional information that is the most relevant to the user, making it easier to take action.    

      Ultimately, Brinqa brings visualization to risk measurement and relays the uncovered risk statistics via reports and dashboards, making it easier for security professionals to assess systems and determine relevant risk. What’s more, the platform is able to quantify the existing coverage of the vulnerability management programs, determine how many assets exist in the program and how many of those assets have been scanned recently, what is scan coverage for individual locations, data centers, etc. This report (right) is used by programs to ensure that their scanning coverage meets set goals.

      Hands on with Brinqa Cyber Risk Management Platform

      Deploying Brinqa can be a complex endeavor because of the number of data sources with which the platform can interact. However, the company provides pre-built risk/data models, one-click connectors, pre-defined data mappings, libraries of reports and metrics and other tools to ease the configuration burden and help businesses get up and running quite quickly.

      The company also offers components for on-premise data gathering, as well as cloud connectors and some hosted elements. These include the Brinqa server, which can be deployed on Google’s cloud services, as well as AWS and other hosts to deliver a true SaaS experiance.

      Ultimately, all the analysis and actionable insights are delivered to the Brinqa web application client, which is manifested as a browser-based console accessible from an internet connected PC. The web application runs the dashboards and acts as the interface between the user and the Brinqa server.

      It is important to note that processing takes place in the cloud, meaning that no latency is added to applications from Brinqa’s analytical processing and data gathering tasks. What’s more, much of the complexity can be hidden from the end user; Brinqa engineers are available to assist on setup and provisioning of the platform. Once provisioned, most users can quickly come to grasp with everything offered by the platform.

      By hosting the platform on a cloud and using agents to gather data, Brinqa has eliminated one of the biggest concerns of those managing network and operational security, the ability to scale. The cloud-based deployment reduces the complexities of scaling up or down by providing on demand provisioning of more resources or the ability to quickly de-provision un-needed resources. That proves important to businesses who have cycles of high application use due to seasonal or other events

      One specific area that Brinqa differs from other cyber-risk analysis products is in the concept of building an ontology. Simply put, an ontology in the world of cybersecurity consists of organizing a set of concepts and categories that reveals data properties and surfaces the relationships between those data properties. An example would be creating a category that consists of transactions related by data elements, such as time, source, or location, and then additionally finding relationships between other data elements, such as metadata and network movement.

      Ontology as an information science brings value to any ETL (Extract, Transform, Load) process used for data science and analytics. For Brinqa, the company’s solutions are built on a comprehensive, standardized data ontology that clearly defines, delineates and represents the common IT, security and business assets that comprise a typical enterprise technology infrastructure, and the relationships between them.

      Brinqa’s default ontology is built on cybersecurity best practices, industry standards and the company’s growing experience with real-world customers. Customers have complete access to the data modeling capabilities used to define and develop the default ontology and can further tune the risk models to accurately represent their unique environments.

      The ability to adjust risk models is crucial for effective risk analysis. What’s more, most organizations do not rely on any industry standards for implementing technology and security environments. Customization of the risk models allows organizations to leverage custom standards and account for areas where standards have changed over time. Customization allows users to derive better risk insights and better adapt the ontology to meet their specific needs.

      Ultimately, Brinqa is able to deliver risk insights that are relevant to an organization, and account for any unique characteristics that have an impact on risk analysis, which can be reflected in a businesses’ cybersecurity data models. Customization is also essential to keep pace with the constant change in the IT and cybersecurity landscape.

      The insights and orchestrated data that Brinqa provides can prove critical for organizations seeking to gain control of their data while also establishing compliance and protecting privacy. What’s more, the vulnerability assessment process lends itself well to defining policy and enforcing security rules. The ability to uncover relationships, behaviors and norms is quickly becoming one of the most important abilities of any AI-powered security system. Yet, the challenge has always been one of representing that information is a fashion easily understood by humans. Brinqa’s dashboards, reports and consoles readily accomplish that, allowing humans to take action where needed, before a vulnerability becomes an insurmountable problem.

      Categorizing and assigning levels of importance to vulnerabilities help system administrators deal with rapidly evolving cybersecurity challenges. Brinqa does a lot of the heavy lifting by calculating levels of risk, displaying the potential exploits and bringing forth additional data to help teams react proactively. What’s more, the concept of teams is heavily embedded in the Brinqa nomenclature and the company has instituted reports that help in team management.

      The package also offers the ability to automate and manage the risk remediation and validation process, which constitutes a natural progression from developing risk insights and prioritizing risks.

      The platform can transform the data science of risk detection into remediation tickets. Those tickets can be built using pre-defined rules (policies) that govern determinations of ownership, escalation chains, SLAs and other critical elements, consolidating relevant data into actions, vastly improving effectiveness, efficiency and consistency of threat mitigation.   

      By offering a visual representation of team progress, managers can quickly assess what vulnerabilities are being dealt with and the resources assigned to remediation. That helps to prevent issues from falling through the cracks and provides information that can be relayed to upper management.

      All things considered, Brinqa helps to simplify the onerous task of vulnerability management and brings forth the insights and tools needed to deal with vulnerabilities as quickly as possible. The product’s use of a defined ontology furthers cybersecurity professionals to deal with what may be considered unusual situations that may normally go unnoticed.

      Brinqa follows a subscription pricing model based on the number of assets in a deployment, with per asset prices starting at $24/asset/year.

      Frank Ohlhorst is a veteran IT product reviewer and analyst who has been an eWEEK regular for many years.

      Frank J. Ohlhorst
      Frank Ohlhorst is an award-winning technology journalist and IT industry analyst, with extensive experience as a business consultant, editor, author, and blogger. Frank works with both technology startups and established technology ventures, helping them to build channel programs, launch products, validate product quality, create marketing materials, author case studies, eBooks and white papers.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×