The Cybersecurity and Infrastructure Security Agency released its first remote monitoring and management software guidance document on Wednesday, part of the agency’s larger Joint Cyber Defense Collaborative initiative.
The Remote Monitoring & Management Cyber Defense Plan specifically focuses on the potential vulnerabilities within RMM software installed on network endpoints.
RMM software is commonly used to monitor the safety landscape of a given network, and can grant remote access to some system configurations. Malicious hackers who target these systems through endpoint access often maintain long-term and uninterrupted access into a business’s digital networks, a technique CISA refers to as “living off the land.”