Managed Risk

Built on the industry’s only cloud native platform to deliver security operations as a concierge service — The LAN Network Managed Risk enables you to continuously scan your networks, endpoints, and cloud environments to quantify digital risks. Your security operations expert from the Concierge Security® Team works directly with you to discover risks beyond simple vulnerabilities, benchmark the current state of your environment, and implement risk management processes that harden your security posture over time.

The LAN Network Managed Risk continuously scans your networks, endpoints, and cloud environments for risky software, assets, misconfigurations, and accounts beyond simple vulnerability assessment tools. Delivered as a concierge service, Managed Risk helps you take a more proactive approach to security by identifying gaps to harden your security posture over time. Managed Detection and Response helps you detect, respond, and recover from active threats to neutralize their impact, while providing strategic guidance along your security journey.

There are three main differences in the external scans performed by the two solutions. The first is self-service access to the scanning configuration and results are available in the Managed Risk dashboard. The second is with Managed Risk — the scan frequency can be set to execute weekly, whereas the default scan is monthly with MDR. Finally, Managed Risk uniquely performs web application scans, which provides deeper granularity of exposure on any external facing applications such as portals or dashboards.

Currently, installing the Agent is not a requirement — but it is recommended. Audit and alert data collected from supported devices assists in detecting potential threats, as well as uncovering known vulnerabilities and risks. The Agent is required to be installed to address additional use cases, such as Host-Based Vulnerability Assessment and CIS benchmarking (Managed Risk), and Managed Containment (Managed Detection and Response) — where a host device is required to be contained.

The The LAN Network Agent can be deployed using a deployment tool such as General Policy Object (GPO) for Windows environments, or Jamf for MacOS environments. Since the installer generates a unique ID upon startup, it is not recommended or supported to install the agent on a “golden image” in Virtual Desktop Infrastructure (VDI) environments.

Existing The LAN Network Customers should submit a ticket to their Concierge Security Team (CST), who works directly with them to deploy the The LAN Network Agent in their environment. Existing customers can also contact their Customer Success Manager, which will trigger the same workflow of submitting a ticket to install the The LAN Network Agent with the CST.

Yes. The web application scanning capability will look for risks such as cross-site scripting, SQL injection, and other OWASP Top 10 types of attacks.

Audit trail information of changes made is recorded and can be requested from your security operations expert from the CST. Currently, this information is not visible in the Managed Risk Dashboard.

The Account Takeover capability is updated with new information obtained from dark and grey web sources weekly. These scans are completed on a monthly cadence to capture any corporate credentials or other critical personally identifiable information (PII) that may have been exposed as part of a publicly disclosed data breach.

The Network Vulnerability Tests (NVTs) arrive from the OpenVAS/Greenbone Community Feed. This feed is updated as needed but is generally updated daily. The LAN Network polls for new NVTs on an hourly basis.

Yes, when combined with The LAN Network Cloud Monitoring, Managed Risk features a Cloud Security Posture Management (CSPM) capability that can scan for vulnerabilities and misconfigurations in SaaS and IaaS environments such as AWS.

Yes, data from The LAN Network Agent is searchable in Log Search. AWN-Agent is the type.   

For CVEs and those with known exploits, the criticality of vulnerabilities is obtained based on CVSS information available. For other risks that are not pure CVEs, criticality is assessed based on factors such Network Vulnerability Tests (NVTs) that come from opensource feeds such as OpenVAS/Greenbone Community Feed.

The quantified risk score presented in the Managed Risk is calculated based on multiple factors. Get full details in the Quantifying Cyber Risk: Calculating the Arctic Wolf Risk Score Managed Risk Technology Showcase.

Built on the The LAN Network Platform and delivered by security operations experts, The LAN Network Managed Risk is designed to help you discover, benchmark, and harden your environment against a greater number of digital risks beyond vulnerabilities. The solution produces easy-to-understand risk scores delivered through insightful dashboards and reports provided by your Concierge Security Team (CST). Your CST works directly with you to add context to identified risks, deliver insight on configuration gaps and account takeover (ATO) exposure, and provide strategic guidance so you gain clarity on what you should do next to proactively mitigate risk.

• 24/7 monitoring
• Alert triage and prioritization
• Custom protection rules
• Guided remediation
• Detailed reporting and audit support
• Ongoing strategic security reviews

The Concierge Security Team (CST) is your single point of contact for your The LAN Network Managed Risk solution to help you through remediation if a critical risk is found. Your CST serves as your trusted security operations expert and as an extension of your internal team. They help you:

• Customize service to your needs
• Continuously scan your environment for digital risks
• Perform monthly risk posture reviews
• Provide actionable remediation guidance
• Deliver a customized risk management plan to prioritize remediation and measure progress