EAB Global improves attack surface security within 15 seconds using NetSPI Cyber Asset Attack Surface Management (CAASM)


About EAB Global
EAB is an education technology, research, and marketing organization with the goal of making education smarter and communities stronger, helping thousands of schools and millions of students thrive.
For more information, visit https://eab.com
NetSPI Solutions
Cyber Asset Attack Surface Management (CAASM)
Industry
Higher Education and Corporate Markets
Employee Count
2,000
Headquarters
Washington, D.C.
Challenge
EAB Global, a company focusing on education technology, marketing, and research, faced challenges identifying assets and vulnerabilities on its changing attack surface. The current process required multiple team members to check five or more different, disconnected security tools, such as vulnerability scanners, mobile device management (MDM) tools, and endpoint detection and response (EDR) tools, which provided only parts of the information needed.
Previously, they would use one tool to understand Windows computers, another for Macs, another for servers, and the list goes on. It was a time-consuming, manual process, which was further complicated when major security events, such as Log4Shell, occurred.
They needed to know what assets they had, which were at risk, and the deep context of them in a single platform. Realizing a nose-to-the-grindstone, work harder approach was not enough, they looked for a way to unify their systems and work better, faster, and smarter.
Solution
EAB Global decided to review CAASM solutions to inventory assets, contextualize findings, and consolidate security tools into a single source of truth. They wanted to work with a team that listened to their challenges and hustled to optimize the tool and outcomes for their organization.
NetSPI CAASM gave them a single source of truth about assets, vulnerabilities, and deep data contextualization. This allowed them to accurately answer attack surface questions in seconds. When EAB Global saw the NetSPI CAASM team turning their ideas for platform updates into reality, and even building a connector for their unique technology stack, they believed in the product, the vision, and The NetSPI Agents supporting it.
“When the recent CrowdStrike incident happened, I was able to log into NetSPI CAASM, search for any systems with that software, and knew that we had 43 systems impacted within 15 seconds.”
– Brian Markham, CISO at EAB Global
Results
Accelerate time to identify risk
NetSPI CAASM was a turnkey setup process to connect their EDR, MDM, and other tools, consolidating what was once disparate information in a single location. Once connected, they efficiently identified gaps and consistently applied security controls across their network. They have recognized comprehensive inventorying and contextualization of assets and vulnerabilities, which has allowed them to further improve their internal and external attack surface security.
Contextualization and visibility across the organization
They saw value using NetSPI CAASM across the organization. Junior analysts learned how to think through alerts with blast radius details and enriched data context, and executives used customized dashboards and querying to immediately answer questions, visualize the potential impact of vulnerabilities on systems, and prioritize resources.
“NetSPI CAASM has saved EAB Global time, money, and helped us mature our program by helping answer questions faster and more accurately.”
– Brian Markham, CISO at EAB Global
Solve shadow IT challenges
As a result of NetSPI CAASM, EAB Global has been able to identify and protect against shadow IT risks. One of the biggest values of the CAASM solution has been the ease in immediately identifying risk. For example, when a VPN software vulnerability was recently released, the team checked to see if anyone internally was using the application, despite that it wasn’t company approved.
With NetSPI CAASM, it was fast and simple to take action by searching for this software across the entire network and discovering that 20 people were using that vulnerable VPN software.
“This would be one of the first things I would recommend investing in because it allows you to answer fundamental questions about your environment, and if you don’t know what you’re securing, you can’t possibly secure it.”
– Brian Markham, CISO at EAB Global
Explore more success stories

Trimble enhances and secures product development with NetSPI PTaaS
BISO, Trimble
“When we have a trusted partner and platform like NetSPI to focus on finding our gaps it really takes us to that next level of cybersecurity maturity.”

HumanGood Empowers IT Team to Reduce Network and Cloud Risk with NetSPI PTaaS
Vice President of IT Operations, HumanGood
“I’m a big believer in doing penetration testing every year. We do have healthcare facilities, skilled nursing – and those tend to be targets for malicious actors. So, I wanted to make sure we were ready for anything.“

Nuspire partners with NetSPI to safeguard customer trust
Chief Executive Officer, Nuspire
“What makes NetSPI an effective proactive security partner is their focus on innovation. We at Nuspire are very forward thinking. And when you sit down with the strategists at NetSPI, the way that they’re thinking about evolving their platform, the way that they’re thinking about the future, they’re going to innovate products and services that are cutting edge. So, it gives us a sense of comfort that we’re partnering with someone that’s going to be there for the long haul.”