What advice do you have for others considering IONIX?

I helped to select the product and purchase or negotiate the contract terms for the product. I was on the team that set up, implemented, or customized the solution. The KPI would be the completeness of attack surface visibility, the remediation time target, and the effectiveness of other surveillance and monitoring processes like a double-checking mechanism. Initially, the problem we encountered was understanding the full spectrum of the attack surface, particularly with internally operated network address spaces and third-party operated address spaces. We also used the solution to see what the network address looks like and whether it is clean regarding vulnerabilities from a security standpoint. From a prioritization perspective, IONIX is super helpful. It has its own prioritization algorithm. Unlike other scanners, IONIX sees whether the detected vulnerabilities can be exploited. This gives us a very, very clear view of what we need to fix now and what we need to fix in 30 to 60 days. So, the solution provides very, very clear visibility. Prioritization is also very helpful because of the accurate distinction of network ownership between third-party and my team operations. Having the right ownership marked appropriately helps get the right people to take the right actions very quickly. We waste much less time figuring out the ownership, which is very helpful. We have other means to identify assets that are most critical to our operations and have the biggest impact on our risk exposure. IONIX helps ensure we do not miss any among our many thousands of IP addresses. If somebody has a random IP address, we can very quickly say it is in this category owned by these people. IONIX helps a lot with ownership rather than just priority or criticality. IONIX identifies digital supply chain risks in the third-party digital products and services our organization uses. IONIX helps us with a third party because it already has a view of all our third parties and their connectivity back into my organization. They also monitor the potential exposure of these third parties. When things are exposed, IONIX is very quick to point it out so that we can work with the right third party to remediate very, very quickly. I would not be able to identify and monitor all of them internally. It's just a scaling problem. IONIX is able to scale very, very, very quickly into each of those third parties and identify them. This is only for any of the internet phasing types of IP addresses. IONIX has tremendously helped reduce our organization's false positives. The false positives can come because of many different reasons. Firstly, IONIX helps us accurately identify which assets we own. We get many different reports daily, but we often don't own those assets. That's why it is not a false positive. Even if the issue exists, we always get to the wrong owners. IONIX helps a lot with getting the reports to the right people. We also get a lot of different reports about vulnerabilities that generally don't exist. The solution's detection is very accurate. IONIX helps us get to the right owner or the right reason very, very quickly just because of the accuracy of their data. The solution's Action Items are written in simple language so that IT personnel can fix them rather than needing security experts. IONIX correlates the data with the right CBE number, which helped to do further research if necessary. IONIX's language is genuinely industry-friendly, so the instructions are clear. IONIX provides automated integration into our SOC tools. The solution has APIs from which we pull data. Once we pull the data, we use it in many different ways, shapes, or forms, including asset inventory and prioritization. There are a few criticality adjustments, but mostly, it is used for priority and ownership. It took us about 60 days to start seeing the benefits of IONIX. Initially, it took some effort to ensure that our network rangers recorded or detected accurately. We need a little bit of an education session with IONIX to be able to distinguish between our assets and the third parties' assets. A certain level of investment from my side was required, and if I did not do that work, then any of the data coming from IONIX would be useless. The initial investment is what makes it accurate. Once a one-time investment is made, we can get very accurate detection and results out of IONIX within 60 days. The solution's Active Protection feature automatically mitigates specific exploitable vulnerabilities without action on our part. The Active Protection feature requires zero amount of work from my organization. It offers a great deal of protection as soon as IONIX can detect it. It is one of those exceptional cases when we have to do nothing, and the tool does everything to offer us protection. The solution's Threat Exposure Radar provides a unified view of critical exposures across our entire attack surface. Every organization will have its own operated IP address space and third party. In some cases, some of our websites are also linked to relatively unknown organizations. The solution's Threat Exposure Radar helps us identify where the threats are located and gives us a one-panel view of the entire landscape. It is one of those TV screens that gives us an executive view of where things are and whether we're healthy or not. IONIX has significantly helped reduce our mean time to remediate. We also have the service of a support analyst, with whom we meet regularly. Not only are we getting the wording in the form of a website, but we also get somebody who can explain things to the technical team. They're very, very responsive, and they answer very quickly if we have any questions. Over the last four years, we have gone through two people, and both of them are very, very technical and able to articulate very complex topics to us in a very, very clear manner. In addition, the meantime to remediate comes back to the accuracy of the data. We have many other vendors in this space. The accuracy of the data and the ability to portray ownership to us is very, very crucial. Once you have the right data, the action becomes much more effective. We don't use the solution's Threat Exposure Radar to prioritize threat remediation because we use many other analytics and pull in multiple data sources to do that. That particular feature is not as useful for us, but it's only because we have many other tools and data sources to consider. We have invested very heavily in that. The solution's false positive ratio is extremely low because it's able to recognize which assets are mine and which are not. That helps to reduce a lot of confusion, which is a big deal. If we look at the reporting numbers by other vendors in this particular space, IONIX reports about half of the vulnerabilities to me. I would say 90% of those half will be false positives. It's not just whether it recognizes the vulnerability we care about but where those vulnerabilities occur. If it is not mine, I cannot take action. Reporting it to me makes no sense, and it would only waste my time and cause a lot of confusion. I would say reducing false positives is a big deal. Overall, I rate the solution a nine out of ten.

I would rate IONIX nine out of ten. No maintenance is required from our end. The key to effectively prioritizing risks lies in understanding the data IONIX provides. This data needs to be actionable, meaning it should tell you what issues to address first. By thoroughly grasping the information, you'll be able to make informed decisions about which risks your team should focus on resolving.

I would rate IONIX ten out of ten. I was on the implementation team for the IONIX deployment. I am also an admin and user of IONIX. The only aspect of IONIX that I consider to be maintenance involves taking action to rescan the system whenever a vulnerability is identified. For anyone considering IONIX, I recommend adopting a security-focused mindset. This tool empowers you with clear instructions to address potential vulnerabilities that hackers might exploit.

To those evaluating IONIX, I would advise to definitely understand what their risk tolerance is and make sure they are seeing the value in a tool like this upfront before purchasing. They should make sure that they are seeing the things that they would expect to see out of a tool like this, especially if they are coming from nothing at all. IONIX's action items are written in simple language so that IT personnel can fix them, rather than needing security experts to do so, but they are a little bit lengthy in some cases. You can get to the resolution without the help of the security team. However, you would need to summarize some of that before giving it to someone who does not know anything about it. It is very lengthy. The descriptions are very verbose. For communicating to our organization’s executives, we are just using severities. It does help at a high level, but the executives do not go into the platform. I would recommend IONIX to others. I would rate it an eight out of ten.

I would rate IONIX a nine out of ten. IONIX can provide automated integration into our SOC tools but we can't take advantage of this because our infrastructure is on-premises and they mainly connect to cloud services. We currently have some processes in place that are proving difficult to manage effectively. One challenge is the high volume of project work, which often delays the prioritization of identified vulnerabilities. However, we are actively working on improving our system to prioritize these vulnerabilities and reduce our mean time to remediation. We have eight people that use IONIX all from the same team. The only maintenance required is keeping track of the domains being scanned. We can add new domains to the list of scanned objects when needed. I recommend IONIX to others, but it depends on the customer's specific needs. A proof of concept is advisable.