Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
According to a recent SANS survey, 70% of organizations lack the tools and means to reduce their attack surface, a fact that isn’t necessarily surprising. Even though entire security teams are dedicated to setting up and securing the perimeter of an organization, as businesses embrace new digital transformations, it means that their attack surface continues to expand and change daily.
Currently, 92% of customers using RiskIQ Digital Footprint Enterprise had, at best, partial visibility into their Internet-exposed digital assets before partnering with RiskIQ, half of which claimed to increase their insight into digital threats by at least 50% with our automated discovery and management capability. Now, we’re making that same information and intelligence available to all threat defenders with Digital Footprint Snapshot.
Security teams lack visibility into all of the ways that they can be attacked externally, and struggle to answer the question, “where are the weaknesses in the armor?” The answer lies in understanding what belongs to your organization, how it’s connected to the rest of their asset inventory, and what potential vulnerabilities are exposed to compromise.
Before, defenders had to manually perform reconnaissance on their own organization, spending hours collecting and analyzing Internet data, scanning ports, looking for externally accessible assets that are vulnerable to compromise—but RiskIQ makes this manual discovery and analysis work automatic.
Through our advanced Internet reconnaissance, we have been collecting and correlating information about the Internet and the assets that are connected to it for nearly a decade, observing the connectivity between hosts, domains, and IPs and the organizations to which they belong. This data provides vulnerability managers, asset managers, and penetration testers with the intelligence they need to bring their external, Internet-facing assets under management and ensure that they have a complete picture of their attack surface.
Signing up for RiskIQ Community Edition now gives you access to one of the most popular RiskIQ products–Digital Footprint. When you register or sign in with your organizational email address, you get a glimpse into your organization’s attack surface, as seen below:
Fig-1 Screenshot of RiskIQ Digital Footprint inventory for riskiq.net, automatically generated by entering the email domain @riskiq.net
RiskIQ’s Digital Footprint provides a comprehensive, automated list of Internet-accessible assets that connect to your organization. You can filter them based on asset type and asset insights (those with open ports, CVE rating, or those which appear on Threat Intelligence blacklists), all displayed with a connectedness score relating back to your primary domain.
Digital Footprint Snapshot provides an on-demand, cost-effective external asset intelligence report that allows security teams to view and download the full details about their digital footprint, including host names, IP addresses, domains, WHOIS registration details, and ASNs.
Information included in your Digital Footprint Snapshot can be used to augment vulnerability scanning programs, helping your team better understand and uncover additional infrastructure that belongs to your organization, which can inform about other, previously unknown assets that need to be scanned and inventoried to protect them from exploits and vulnerabilities.
Penetration teams will save hours of time by including the automated intelligence in their reconnaissance efforts when looking for exposed devices and assets, ensuring full coverage of all Internet-facing assets and closing gaps and optimizing their testing efforts.
For organizations who are maturing their threat defense teams, Digital Footprint Premium and Enterprise provide an active, near-real-time inventory that is updated and detailed continuously. Beyond just one-time or quarterly reports, your security team can truly manage your inventory of external assets as your dynamic attack surface grows and changes.
Fig-2 Digital Footprint Premium & Enterprise, featuring an active, curated inventory and Insights Dashboard
Using tags and categorization, as well as intelligent filters and insights dashboards to highlight critical gaps in security posture and hygiene, your team will be armed with an always on, always up-to-date inventory and proactive alerting. Get API access to share data directly between Digital Footprint and your CMDB, asset management, or vulnerability scanning applications. Couple that intelligence with asset monitoring capability to crawl and check critical assets for unsanctioned changes, compromise, malicious behavior, or vulnerable components, and you have the most comprehensive way to discover and monitor your attack surface to protect your business, brand, and customers.
Sign up for Digital Footprint Community Edition today to see yours!
The RiskIQ #ThreatHunting workshops keep coming. Next stop: Austin, TX
Beware -- Hackers using web skimmers to attack online retailers, writes @lconstantin https://t.co/gZzyX0jxU5 @RiskIQ #Magecart #hacking #WebSecurity #ecommerce #cyberattack
We have updated the blog to include data showing that Amerisleep has been affected by #Magecart since 2016, not 2017.
Consumers may lose sleep over these two newly disclosed #Magecart attacks https://t.co/HNSKlTEfAQ
We've shipped off to Boston with partners @FlashpointIntel and @ProtectWise to help beef up the #ThreatHunting skills of local cybersecurity pros. Read more about RiskIQ's threat hunting workshops here: https://t.co/yLaydKK4CH
MyPillow and Amerisleep wake up to Magecart card theft nightmare https://t.co/3M6twr8Gcb by @SecurityCharlie