Get a Snapshot of your Digital Footprint to Understand your Attack Surface

July 25, 2017, Sam Curcuruto

According to a recent SANS survey, 70% of organizations lack the tools and means to reduce their attack surface, a fact that isn’t necessarily surprising. Even though entire security teams are dedicated to setting up and securing the perimeter of an organization, as businesses embrace new digital transformations, it means that their attack surface continues to expand and change daily.

Currently, 92% of customers using RiskIQ Digital Footprint Enterprise had, at best, partial visibility into their Internet-exposed digital assets before partnering with RiskIQ, half of which claimed to increase their insight into digital threats by at least 50% with our automated discovery and management capability. Now, we’re making that same information and intelligence available to all threat defenders with Digital Footprint Snapshot.

From the Outside-in, See Yourself As an Attacker Does.

Security teams lack visibility into all of the ways that they can be attacked externally, and struggle to answer the question, “where are the weaknesses in the armor?” The answer lies in understanding what belongs to your organization, how it’s connected to the rest of their asset inventory, and what potential vulnerabilities are exposed to compromise.

Before, defenders had to manually perform reconnaissance on their own organization, spending hours collecting and analyzing Internet data, scanning ports, looking for externally accessible assets that are vulnerable to compromise—but RiskIQ makes this manual discovery and analysis work automatic.

Through our advanced Internet reconnaissance, we have been collecting and correlating information about the Internet and the assets that are connected to it for nearly a decade, observing the connectivity between hosts, domains, and IPs and the organizations to which they belong. This data provides vulnerability managers, asset managers, and penetration testers with the intelligence they need to bring their external, Internet-facing assets under management and ensure that they have a complete picture of their attack surface.

Join the RiskIQ Community for Free and Understand your Attack Surface

Signing up for RiskIQ Community Edition now gives you access to one of the most popular RiskIQ products–Digital Footprint. When you register or sign in with your organizational email address, you get a glimpse into your organization’s attack surface, as seen below:

RiskIQ is making it easier than ever to get a glimpse of your attack surface with Digital Footprint Community Edition and Digital Footprint Snapshot.

Fig-1 Screenshot of RiskIQ Digital Footprint inventory for riskiq.net, automatically generated by entering the email domain @riskiq.net

RiskIQ’s Digital Footprint provides a comprehensive, automated list of Internet-accessible assets that connect to your organization. You can filter them based on asset type and asset insights (those with open ports, CVE rating, or those which appear on Threat Intelligence blacklists), all displayed with a connectedness score relating back to your primary domain.

RiskIQ Digital Footprint Snapshot

Digital Footprint Snapshot provides an on-demand, cost-effective external asset intelligence report that allows security teams to view and download the full details about their digital footprint, including host names, IP addresses, domains, WHOIS registration details, and ASNs.

Information included in your Snapshot can be used to augment vulnerability scanning programs, helping your team better understand and uncover additional infrastructure that belongs to your organization, which can inform about other, previously unknown assets that need to be scanned and inventoried to protect them from exploits and vulnerabilities.

Penetration teams will save hours of time by including the automated intelligence in their reconnaissance efforts when looking for exposed devices and assets, ensuring full coverage of all Internet-facing assets and closing gaps and optimizing their testing efforts.

Take the Next Step: Digital Footprint Premium and Enterprise

For organizations who are maturing their threat defense teams, Digital Footprint Premium and Enterprise provide an active, near-real-time inventory that is updated and detailed continuously. Beyond just one-time or quarterly reports, your security team can truly manage your inventory of external assets as your dynamic attack surface grows and changes.

Fig-2 Digital Footprint Premium & Enterprise, featuring an active, curated inventory and Insights Dashboard

Using tags and categorization, as well as intelligent filters and insights dashboards to highlight critical gaps in security posture and hygiene, your team will be armed with an always on, always up-to-date inventory and proactive alerting. Get API access to share data directly between Digital Footprint and your CMDB, asset management, or vulnerability scanning applications. Couple that intelligence with asset monitoring capability to crawl and check critical assets for unsanctioned changes, compromise, malicious behavior, or vulnerable components, and you have the most comprehensive way to discover and monitor your attack surface to protect your business, brand, and customers.

Sign up for Digital Footprint Community Edition today to see yours!

Share This