RiskIQ has been delivering digital attack surface discovery and monitoring capabilities to the largest companies in the world for nearly a decade now. The cornerstone of digital threat defense has been the ability to understand what’s in your digital footprint to protect critical internet-facing assets.
Web Component Details in your Digital Footprint
Knowing what software and services are running on internet-facing assets is key to being able to understand where your organization is susceptible to attack through vulnerabilities. RiskIQ Digital Footprint provides inventory asset detailing to give you an up to date picture of what web components are running on those internet-exposed assets.
These web components also show their history over time, enabling organizations to understand changes, upgrade and patching cadence, and historical exposure.
It’s with this set of web components that we’re enhancing your Digital Footprint inventory. Today, we’re introducing new ways that defense teams can quickly find assets which pose a risk to an organization: CVE matching to inventory asset components and assets that violate OWASP security policies.
CVEs and CVSS Scores on Digital Footprint Assets
Common Vulnerabilities and Exposures, or CVEs, are cataloged vulnerabilities which have been found in the wild. CVEs are associated with specific software that is running on a machine, whether those are servers, endpoints, or any other type of device, and assigned a unique number associated with that vulnerability.
Along with the CVE number, CVEs are assigned a Common Vulnerability Scoring System (CVSS) score. This CVSS score rates the criticality of the vulnerability in an attempt to help vulnerability management teams prioritize which vulnerabilities must be addressed immediately, or which can be managed during regular patch processes.
In Digital Footprint, you can now quickly search for internet-exposed assets affected by certain CVEs or with certain CVSS scores (like those rated “critical” with a score of 10).
This matching of CVEs to internet-facing assets enables cyber security teams to better understand exploitable vulnerabilities that exist within your digital attack surface.
OWASP Security Policies
The Open Web Application Security Project (OWASP) is a trade group and non-profit that has developed standards for developers to create secure websites and web applications.
OWASP has a set of standards that should be followed when developing websites or web apps. These include evaluating the page, looking for things like:
- HTTP Strict Transport Security (HSTS)
- Public Key Pinning Extension for HTTP (HPKP)
When RiskIQ details an asset in your inventory, we check to see if any of these OWASP security policies are violated. Assets in your Digital Footprint inventory can be filtered or searched on to see where there may be issues for triage and resolution.
These new web component search and filtering capabilities are available to current Digital Footprint customers today. Want to learn more about your Digital Footprint? Sign up for Digital Footprint Community Edition for free!
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
Digital initiatives have changed the enterprise attack surface and how organizations appear online, both to users and malicious actors. Meanwhile, the threat landscape has evo...