Illustration of security software protecting endpoints.
Image: Adobe Stock/ArtemisDiana

Syxsense recently unveiled its all-encompassing suite – Syxsense Enterprise, which comes with patch and vulnerability management, MDM, zero trust, automation and orchestration capabilities, and remediation.

Syxsense began as a patch management company, but it has steadily expanded into vulnerability scanning, endpoint management, remediation, mobile device management and zero trust. It still offers patch management at the core of its products but also provides a combined patching and vulnerability management product with Syxsense Secure.

Diane Rogers, chief product officer at Syxsense, spoke about the company’s roadmap at the recent Syxsense Synergy event.

Supercharging automation and orchestration

Syxsense has been heavily investing in its automation and orchestration engine, Syxsense Cortex. Cortex simplifies complex workflows, including patch and vulnerability management, with drag-and-drop, no-code technology. The goal is to make it easier to monitor an organization’s attack surface and cybersecurity posture.

By eliminating scripting, users can quickly deploy software and patch rollouts while visualizing all workflows and processes. In addition, it can conduct pre-checks to ensure there is enough disk space and available CPU resources on each endpoint prior to deploying patches or taking other remediation steps. Prebuilt logic determines if a reboot is needed after a patch or other action; it automatically checks with IT to gain approval for an action and then carries it out.

“Cortex makes endpoints intelligent and proactively reduces risk,” Rogers explained.

Syxsense Cortex Receptors on each device sense risk, detect changes in distributed environments and transmit that data in real time to your management console. The Cortex Processor listens to, identifies and processes data and initiates Cortex Workflows as multi-step actions to resolve issues. The near-future roadmap for Cortex includes the addition of more intelligence.

“Cortex is evolving further: We can now push instructions in real time to clients and have added a zero-trust evaluation engine that always assumes a device is untrusted until it is verified,” Rogers explained. “Individuals, applications and processes need to be validated as trustworthy,” she added.

Within the next month or so, a bidirectional alerting engine will be released, according to Rogers. If a user turns off virus scanning or some other security feature and loses access to resources such as NetSuite, IT is alerted and can turn the security features back on to restore NetSuite service. Cortex then automatically verifies and approves access to the application.

“Our alerting engine will help eliminate alert fatigue because IT can configure it to align alerts to their needs and turn off the rest,” said Rogers. “It will connect and collaborate with ServiceDesk, ConnectWise and other service desk applications to satisfy compliance and recordkeeping requirements.”

It will also be able to pick up such things as policy violations or rogue software that’s been installed. Capacity planning functions are also being added to Syxsense Cortex, as well as enhancements to existing alerts related to zero-day vulnerabilities, critical patches and problems such as misconfigurations and open ports. Finally, developers are looking at how to better integrate generative artificial intelligence into Syxsense Cortex.

Improving the user experience

Many organizations are grappling with remote or hybrid work environments and are looking for a simple way to monitor and improve the digital employee experience.

DEX is very much a part of the Syxsense roadmap. Syxsense plans to build mechanisms to gather user sentiment on device operation. For example, the system will be able to execute a troubleshooting and repair process if an application stalls or fails more than once in a 24-hour period.

“Our next release will improve the employee experience with devices that are automatically reliable, consistent and dependable,” said Rogers. “We can collect user interactions and device behavior to make them easier to use and resolve the most common device problems they are facing such as fixing why [Microsoft] Word sometimes crashes on one device or suggest the removal of licenses they no longer utilize.”

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Subscribe to the Cybersecurity Insider Newsletter

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday