Cybersecurity posture startup Balbix Inc. today announced a new Center for Internet Security Benchmark automation tool that allows compliance teams to obtain updated CIS Benchmark reports, identify their most vulnerable assets and reduce security risks.

The new service has been designed to tackle the issue wherein businesses often undertake CIS Benchmarking once a year and don’t understand how these controls reduce security risks.

Balbix argues that compliance teams often gather data about assets using a manual scanning tool or through audits or assessments, then add any reported vulnerabilities, misconfigurations and control information associated with those assets and compile reports in a spreadsheet for auditors to address their requirements. Typically, these steps can take several weeks or months to complete.

With the introduction of new U.S. Security and Exchange Commission regulations requiring companies to report data breaches within four days, security and compliance teams need to understand their most significant assets and applications to determine if incidents were material. That’s because they now need to create disclosure reports within days instead of weeks and months.

The new release from Balbix addresses these issues, allowing compliance teams to validate more easily whether their assets comply with required CIS Benchmarks and other standards. The new release allows for the efficient validation of asset compliance providing real-time, always-up-to-date reports via dashboards.

In addition, Balbix also identifies the most critical assets to a business and the associated vulnerabilities, misconfigurations, control failures and security issues. The intelligence obtained allows security teams to implement best practices recommended by CIS or to further harden critical assets against potential attacks.

The new capabilities further enhance risk quantification, since the compliance reports strengthen Balbix’s existing risk quantification product, which analyzes millions of data points to express security risk in monetary terms. Adding compliance posture reporting allows for more accurate cyber risk assessments.

“Our mission at Balbix is to empower organizations in enhancing their cybersecurity posture through automation and AI,” Chief Executive Gaurav Banga said ahead of the new release. “We’re elevating that mission, equipping compliance and security teams to address their concerns holistically, keeping businesses ahead in an ever-evolving threat & compliance landscape.”

Image: Balbix