Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
Securing the mind-bogglingly fast expansion of your organization’s digital presence caused by setting up a remote staff may seem overwhelming—especially considering the boom in internet-exposed assets already happening over the past decade.
Businesses have been undergoing a digital transformation demanding rapid migration to the cloud and expanded adoption of web, mobile, and social platforms. These initiatives, which expand organizations’ digital presence far across the internet, are badly exposing the limitations of network security controls like firewalls, DLP, and network monitoring. According to the Verizon Data Breach report, external-facing web applications, into which network security tools lack visibility, comprised the vector category most commonly exploited in hacking-related breaches.
This digital transformation, already challenging long-held views of cybersecurity, was sent into hyperdrive by COVID-19. Almost overnight, workforces and business operations were decentralized and flung all over the world even farther than before, widening protection gaps and turning security protocols on their heads. Personnel, now forced to work from home, moved the edges of their organization’s digital attack surfaces along with them.
To put the sheer scale of what security teams are now tasked with defending into perspective, we analyzed RiskIQ’s internet-wide telemetry and massive internet data collection to reveal the true extent of the modern corporate digital attack surface. In our latest research, ‘Analysis of an Attack Surface,’ we’ll highlight five areas that we feel help to frame the challenges faced in going beyond network security controls to discovering unknowns outside the firewall.
Excerpt of the report
All five of these areas underline a need to extend security programs outside the perimeter to foster a more informed approach in this new age of cyber defense.
Report highlights include:
1. The Global Attack Surface is much bigger than you think: RiskIQ observed 2,959,498 new domains (211,392 per day) and 772,786,941 new hosts (55,199,067) across the internet over two weeks, each representing a possible target for threat actors.
2. Sometimes hackers know more about your attack surface than you do: Looking at the attack surfaces of FTSE-30 companies, each organization had, on average, 324 expired certificates and 46 Web frameworks with known vulnerabilities.
3. The hidden attack surface: In Q1 2020, RiskIQ identified 21,496 phishing domains across 478 unique brands.
4. The mobile attack surface: In 2019, RiskIQ discovered 170,796 blacklisted mobile apps across 120 mobile app stores and the open internet.
For the full insights and analysis, download the full report here: https://www.riskiq.com/research/analysis-of-an-attack-surface/
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Enrich @Splunk security with attacker-facing asset discovery. Build reports, dashboards, identify vulnerabilities, and enable proactive attack surface management. Learn more and get the app! https://bit.ly/38wV3rm
Security in Google Play is improving, but bad actors can still place mobile apps there. In 2019, RiskIQ detected 25,647 blacklisted apps in the Google Play Store.
'Joker' Android Malware Pulls Another Trick to Land on Google's Play Store http://ow.ly/xniR50AuqJ6 by @jaivijayan #Android #malware #GooglePlay #mobile
Digital change expands what lives outside the firewall. We checked and counted up what we saw. Get the report and take command of your digital attack surface. https://bit.ly/3cOzJ0T
Ready to achieve #ThreatHunting mastery? Check out our most recent threat hunting workshop - we'll show you how to discover unknowns and investigate threats across your organization's attack surface https://bit.ly/2BUDF3V
As the pandemic rages on, we have an election coming up and that brings another round of targeted and themed attacks. RiskIQ Security Intelligence Services Add-on for Splunk helps you extend your program, protecting your organization and constituents. #protect2020 https://twitter.com/RiskIQ/status/1281241793040916483
RiskIQ Security Intelligence Services for @Splunk puts our unmatched internet telemetry at the fingertips of Splunk users, a powerful shield from the onslaught of cybercrime leveraging current events such as #COVID19 and the election. Read more: https://bit.ly/2Oa8ZhH