Axonius 5.0 Debuts To Offer ‘Comprehensive’ Visibility, Security For Installed Software
The cybersecurity asset management vendor’s updated platform aims to provide organizations with a complete view into apps installed across their infrastructure. It’s a major step in the company’s effort to become a ‘system of record’ for infrastructure, CEO Dean Sysman told CRN.
Cybersecurity asset management vendor Axonius is seeking to provide unheard-of visibility into installed software applications with a major new update to its platform, which aims to dramatically improve an array of critical security and business functions, Co-Founder and CEO Dean Sysman told CRN.
Axonius 5.0, announced Tuesday, also enables correlation of data about installed applications with other parts of an organization’s digital infrastructure in a way that’s never been possible before, according to the company.
In an exclusive interview with CRN, Sysman said that the release of Axonius 5.0 and its new capabilities around installed software marks a major step in the company’s effort to become the industry’s go-to “system of record” for digital assets and infrastructure. “We’re not aware of any other platform that allows you to see this comprehensive level of your infrastructure,” Sysman said.
“Today, we’ll have devices, identities, vulnerabilities, installed software and SaaS applications, all in one platform,” he said. “I don’t know of any other platform that is able to see all of those together — definitely not in a comprehensive way that could include the entire infrastructure.”
[Related: The 20 Coolest Risk, Threat Intelligence And Security Operations Companies Of 2023]
The new version of the Axonius platform should only serve to make the company’s technology even more essential to the growing number of customers that are adopting it, according to Ben Dimick, director of security consulting services at Tevora, an Irvine, Calif.-based cybersecurity consultancy.
Axonius is resonating with customers because it “provides a way to really get a grasp on what’s happening all across the organization,” Dimick told CRN. “Those that get a chance to use [Axonius] and understand what it does, tend to adopt it quickly.”
At this point, most organizations fall into two categories, he said: “They either own Axonius, or they don’t understand what it does.”
In the past, the typical approach an organization would take to understand what it had in its infrastructure — whether for devices or installed software — has involved deploying more controls and creating more data, according to Sysman. Often, this occurs through installing an agent or scanning a network.
“Those approaches are great at creating more data,” he said. And yet, “the reason organizations are struggling to understand those aspects of their infrastructure is not because of a lack of data — but because of an abundance of it.”
Axonius has sought to offer a different method, focused on aggregating, normalizing and correlating the data that already exists. The company’s platform can utilize 700 adapters — integrations into existing products and controls that an organization might have — to pull together all of an organization’s relevant data. The platform then correlates the data and ultimately delivers “one singular answer,” Sysman said.
With the newest add-on capability — Axonius Software Management — the platform can also consume inventories of installed software, which brings a number of new security-related benefits to customers and partners, he said.
The enhanced visibility into installed apps can enable improved whitelisting and blacklisting of software, while also giving a boost to vulnerability management, Sysman said. Customers and partners will also be able to use the capability to determine which software is end-of-life or end-of-support — and in some cases, whether software licenses could be utilized more fully, he said.
The bottom line, Sysman said, is that the new functionality will “help you understand all the different versioning, all the different specific instances of a piece of software, in your environment. And that’s a really difficult problem.”
Another major feature that is getting introduced in Axonius 5.0, Asset Graph, will further help to improve prioritization of security efforts by visually showing the relationships between different assets in an infrastructure. For instance, the feature will allow an organization to see what software apps and identities are related to a certain device or to specific SaaS apps, Sysman said.
The Asset Graph feature “reduces the time it takes someone to understand all the relations of an asset to the other assets that are involved with it,” he said. All in all, “it’s definitely unique” as a capability.
In terms of the opportunities for solution providers, Axonius is working to assist VARs with creating “deeper relationships with their customers” and with MSPs to build managed services on top of the vendor’s platform, Sysman said. Axonius is a “channel-first company” and has committed that it “will never do managed services” itself, unlike some other cybersecurity vendors, he said.
Currently, Axonius is deriving 81 percent of its revenue from the channel, Sysman said. That’s up from two years ago, when the company reported that partners were contributing 50 percent of its revenue.
Axonius stands out in the crowded field of cybersecurity vendors because the company is “really creating a new market,” Tevora’s Dimick said.
The technology is “so different and so far-reaching compared to a lot of other solutions that are out there,” he said. And because Axonius is so unique, “it’s not necessarily displacing a lot of other things out there.”
For Tevora, the Axonius platform has become a central part of how the consultancy goes about helping to secure its customers. Tevora, in fact, has come to the conclusion now that it’s ”extremely difficult to operate an effective program without having Axonius in place,” Dimick said.
And its customers agree. “It’s something that resonates strongly with so many of our customers,” he said.
A big selling point is that Axonius allows organizations to “leverage what everybody else is already gathering” in terms of data, Dimick said.
For instance, for organizations that have assets managed by endpoint security products from multiple different vendors, “Axonius will be able to tie all of that in together and give you a comprehensive view of what’s happening all across the organization,” he said.
Axonius also enables partners and customers to utilize additional sources of data, Dimick said — such as for creating a report on users that are running certain software apps but don’t have the necessary endpoint controls in place. This can be crucial because with today’s geographically distributed workforce, “it’s becoming more difficult to keep an eye on and understand what might be happening on their endpoints,” Dimick said.
While some other industry players are starting to adopt similar approaches to Axonius, the company has the “first-mover advantage,” he said. “They have so many integrations that others don’t have.”
Most competitors, at this point, are either relying primarily on their own agents or are trying to get caught up on doing integrations, according to Dimick.
System Of Record
Sysman, who co-founded Axonius in 2017, said Axonius is ultimately filling a massive gap for organizations, given that there has never been a system of record in the past for IT infrastructure.
Other key segments have “one centralized platform that all the data funnels into,” such as Salesforce for sales and Workday for human resources, he said. But by comparison to those segments, infrastructure is “way more dynamic. It’s way more variable. And it’s much harder to keep track of than those other elements,” Sysman said.
That’s why better technology is needed to discover, aggregate and correlate the data about an organization’s infrastructure, he said. And it’s why Axonius believes it can “be that system of record for infrastructure for every stakeholder that is asking a question, or doing any kind of work on their infrastructure.”
The company, which has its U.S. headquarters in New York and its R&D office in Tel Aviv, is currently seeing revenue growth in the “high double digits” in terms of percentage, Sysman said. Based on its revenue growth between 2018 and 2021, Axonius was ranked at No. 3 on the latest Deloitte Technology Fast 500 list.
Axonius achieved a valuation of $2.6 billion in connection with its most recent funding round, of $100 million, in March 2022. While there are no imminent plans to pursue an initial public offering, it’s an option that Axonius may explore in the next few years, Sysman said.
“Our goal is to be able to grow and become one of the leading software companies in the world,” he said. “One of the ways to implement that is an IPO. Obviously, the larger you become, the more likely an IPO makes sense. So that’s definitely something that we’re thinking about and is part of our thinking [for] the future.”