AgileSec supports cryptographic agility with a robust cryptography discovery and tracking platform. AgileSec enables full cryptographic discovery and visibility in your environment. Build a centralized cryptographic inventory, efficiently reduce risk exposure, and simplify compliance with AgileSec.
AgileSec Core Concepts
AgileSec’s core functionality is enabling full cryptographic discovery and visibility for users. Determine noncompliance with internal policies and external regulations, find weaknesses or vulnerabilities, and gain visibility and understanding of your cryptographic environment.
Cryptographic Discovery
Discovery is fundamental to assessing risk and planning for important cryptography transitions such as navigating from classical public-key cryptography to post-quantum cryptography.
Discover where you have deployed cryptographic objects such as TLS certificates, SSH keys, tokens, algorithms, protocols, and cryptographic libraries throughout your environment. Deploy lightweight, purpose-built modules or leverage your existing EDR and vulnerability management tools to perform comprehensive scans, gather data, and leverage information into action.
Cryptographic Visibility
Cryptographic visibility enables proper risk assessment and ongoing cryptography management planning, including when regulations change. AgileSec’s platform provides centralized, continuous cryptographic visibility to help focus risk remediation efforts.
Detect hidden vulnerabilities and automatically verify whether critical apps and systems are using compliant, up-to-date, and secure cryptography. Easily identify and prioritize findings for efficient risk reduction with robust dashboards, reports, and filtering capabilities. Easily prove compliance to regulatory bodies with customized reports and risk policies to meet specific requirements and report on migration processes.
AgileSec Platform Overview
AgileSec is a security scanning and compliance platform built to identify, assess, and manage risks across cloud, container, infrastructure-as-code, and hybrid environments.
AgileSec platform delivers:
-
Flexible deployment configurations to meet any organizational or technological constraints, including redundancy, high availability, or global implementation needs.
-
Scalable module framework to tackle discovery of cryptographic objects across diverse systems and technology stacks.
-
Enterprise-grade security with SSO/SAML, encryption, and access control.
-
On-demand and scheduled scanning, including remote execution for on-premises or air-gapped assets.
-
Intelligent post-scan processing for policies for automated risk classification, de-duplication, and auto-resolution of findings.
-
Robust reporting through structured findings, search, and dashboards.
Key Design Elements
-
Flexible, Robust Architecture - Asynchronous, event-driven architecture enables horizontal scalability, fault tolerance, and resilience.
-
Powerful Analytics Engine - Automated analysis of discovered cryptographic objects automatically checks against regulations and highlights issues important to you. Control policies for issues' risk scoring and customize whenever needed.
-
Extensible Modules Framework - Build your discovery network over time by scaling deployment of current modules and adding modules for new applications and environments. As coverage grows, inventory will automatically adjust and scale accordingly.
-
Security by Design - Security-first design includes encryption and centralized secrets management.
-
Multi-tenant isolation in SaaS - Complete physical separation of data and configuration between customers when operating as a shared SaaS platform.
AgileSec Technical References
AgileSec platform high-level technical details, including overall architecture, key components, data flows, security model, and supported deployment topologies.
AgileSec Architecture
AgileSec’s platform is designed for scalability, extensibility, and enterprise security. From single-node configurations for small environments to multi-node stretch clusters with 100% uptime requirements, AgileSec is highly scalable for your use case. For high-level architecture and components information, see AgileSec Architecture and Components.
AgileSec Data Flows
AgileSec scans may be triggered via Platform UI, REST API, Automated Schedule, or Unified Sensor CLI. The scan is executed against the target systems and produces raw findings to send to the AgileSec Platform for processing and reporting.
For an end-to-end overview of a typical scan job’s data flow, see AgileSec Data Flows.
AgileSec Security Model
AgileSec incorporates multiple layers of protection for data in transit, at rest, and during processing. The platform enforces strict isolation, encryption, and authentication across all components and deployment models. For information on AgileSec’s Security Model, see AgileSec Security Model.