Product Overview and Insight: Armis Security

eWEEK PRODUCT OVERVIEW AND INSIGHT: Armis is designed to protect organizations from cyberthreats created by the onslaught of unmanaged and IoT devices.

1-PO_Armis

Today: Armis Security (enterprise-class device security software)

Company description: Armis is an agentless, enterprise-class device security platform, designed to protect organizations from cyberthreats created by the onslaught of unmanaged and IoT devices. The company claims that Fortune 1000 companies trust its real-time and continuous protection to see and control all managed, unmanaged, un-agentable and IoT devices–from traditional devices such as laptops and smartphones to new smart devices, such as smart TVs, webcams, printers, HVAC systems, industrial control systems and PLCs, medical devices and more. Armis provides passive and unparalleled cybersecurity asset management, risk management and automated enforcement. Armis has the world’s largest device knowledge base, tracking more than 280 million devices, tracking device behavior, connections and history.

Enterprises are benefiting from a huge business transformation, resulting in an explosion of connected devices--bigger than the number of PC and mobile devices combined. By 2021, up to 90% of these devices will be unmanaged as IoT devices. Beyond desktops, laptops and servers, these new devices include everything from industrial control systems and PLCs, to medical devices, to smart TVs, security cameras, printers, HVAC systems, building automation systems and more. The exponential increase in the number of these devices is hard to identify and secure, providing an ever-expanding attack surface for malicious actors to exploit to disrupt production, impact patient care, or result in financial loss. 

Armis has three distinct advantages to identify and secure unmanaged and IoT devices: 

  • Agentless: Armis is agentless and does not require software to be installed on devices.
  • Passive: Armis is 100% passive, so there is no risk of disrupting or crashing sensitive business or IoT devices through scanning. 
  • Real-time & Continuous: Unlike solutions that work or are applied periodically, Armis is always on, always protecting.

Armis enables users to:

  • Discover all devices: The most comprehensive cybersecurity asset management providing discovery and asset inventory of all devices, managed, unmanaged, physical or virtual, on or off the network
  • Identify risks and gaps: Passive, real-time continuous risk and vulnerability assessment of devices, including the deepest device behavior and threat intelligence 
  • Automate Enforcement: Active threat alerting & remediation  of threats to compromised devices.

Market:  IoT security

International Operations:  

  • NA
  • EMEA
  • APAC

Product and Services 

  1. Device Knowledgebase: The world’s largest cloud-based, crowd-sourced device behavior knowledge base, tracking 280 million devices and growing. Each device profile includes unique information such as how often each device communicates with other devices, over what protocols, how much data is typically transmitted, whether the device is usually stationary, what software runs on each device, etc. Armis then compares real-time device behavior to a “known-good” baseline and identifies policy violations, misconfigurations, or abnormal behavior. When a device acts suspiciously or maliciously, Armis can disconnect or quarantine the device.
  2. Agent-based security (endpoint protection, EDR, etc.): Most companies are only effective on endpoints that can accept an agent (“managed” endpoints), but Armis’ platform is 100% agentless and effective on managed, unmanaged and IoT endpoints.
  3. Network Access Control (NAC): The Armis platform discovers devices on the network and in the airspace (Bluetooth, Zigbee, etc.), assesses the risk of all devices – managed and unmanaged, detects threats and has a device knowledge base (8 million different device profiles) that makes it far easier to deploy than NAC.
  4. Network Scanning Tools: The Armis platform conducts 100% passive monitoring, with no scans or disruption. It’s effective for managed and unmanaged devices and is 100% comprehensive coverage, regardless of network topology.
  5. Network Firewall: Armis protects devices at the access layer, is focused on device state and behavior and provides an extensive cloud-based, crowd-sourced knowledge base for deep understanding of appropriate (and inappropriate) device behavior.
  6. SIEM: Armis does not rely on logs, it directly assesses risks and detects threats of all devices, integrating them into and complementing SIEMs.
  7. Network Traffic Analysis (NTA): Armis generates a complete inventory of hardware and software, a risk assessment for every device and can detect policy violations and other forms of inappropriate behavior.

Insight and Analysis

From a security professional in Gartner Peer Reviews (July 2020):

“I've been very happy with the Armis solution for identifying new and unknown devices in our environment. The fingerprinting functionality is very helpful as a research tool, and the alerting around IoT threats is not something that we get from the other platforms we've deployed.”

-------------------------------------------

From a professional security admin on G2Crowd (2020):

What do you like best about Armis?

“Simple to use and very user friendly. Web-based platform. I came across Armis while I was overseas and used it for a few months. It was very easy to learn and manage. Very easy to customize reports and a very comprehensive booking system.”

What do you dislike?

“It's web-based with no option for an Android or iOS app. Having an app would be a huge advantage for people in the field. Since being web-based, there is no backup option if the internet is disrupted.”

Recommendations to others considering the product:

“Great web-based software for booking.”

What problems are you solving with the product? What benefits have you realized?

“Armis is can be accessed by multiple users and updates in real time. Hence no overlapping of bookings and duplications. It also has the ability for multi-layer security, thus restricting users to certain modules.”

----------------------------------------

Examples of current customers:

  • Mondelēz International
  • Oracle
  • Flex
  • Sysco Foods
  • Allergan
  • Mattress Flex
  • Clearent

Delivery

The Armis platform is a cloud-based solution that does not use agents and does not require the installation of any hardware in your environment. The Armis platform can install in as little as minutes, requires no network changes, and uses the infrastructure you already have, in addition to integrating with your existing IT security and management systems.

Pricing: Information available upon consultation. See contact information below.

Other key players in this market:

  • Zingbox
  • ForeScout
  • Axonius
  • CyberMDX
  • Medigate
  • Claroty

Contact information for potential customers: https://www.armis.com/platform/security-platform/

-------------------------------------------------------------------

eWEEK is compiling an IT products and services section that encompasses most of the categories that we cover on our site. In it, we will spotlight the leaders in each sector, which include enterprise software, hardware, security, on-premises-based systems and cloud services. We also will add promising new companies as they come into the market.

Chris Preimesberger

Chris J. Preimesberger

Chris J. Preimesberger is Editor-in-Chief of eWEEK and responsible for all the publication's coverage. In his 15 years and more than 4,000 articles at eWEEK, he has distinguished himself in reporting...