Every day, thousands of websites are compromised, opening a backdoor to sensitive customer, employee, and company data and damaging the trust between organizations and consumers. Whether the motive is personal, political or financial, any online business can—and will—be victimized if they lack visibility into their digital attack surface.
According to Symantec, which maintains one of the world’s most comprehensive vulnerability databases, It's never been more important to secure your company’s websites. In its 2016 Threat Report, 76% of corporate websites they scanned had vulnerabilities,15% of which were critical.
Companies usually counter cyber threats using several different tools, including firewalls, endpoint devices, and service-based solutions—but these tools only provide a partial view of the organization's digital attack surface. Because certificates expire, software requires patching, and assets associated with partner infrastructure can be compromised, despite these controls, your organization could be at serious risk.
Many cyber attacks target website infrastructure, such as third-party components. For example, ransomware malware, which encrypts data across a company’s network until they pay a ransom to unlock it, is evolving into more dangerous variants. Samsam, the newest evolution, which was implicated in the infection of a hospital in Maryland, attacks organizations by compromising old or improperly configured instances of JBoss.
RiskIQ Enterprise Digital Footprint enables cyber security teams to quickly discover and report on outdated frameworks in their Digital Footprint (including outdated versions of JBoss), regardless of where they are located on the Internet. This intelligence is easily exported for use by the SOC and patch management team and imported into vulnerability scanners to ensure they can verify and remediate vulnerable systems.
RiskIQ's new “Insights” dashboard provides rapid visibility into risky web assets in an organization’s Digital Footprint—including legacy versions of frameworks like JBoss. Insights also identifies targets of external threats like outdated versions of Wordpress and Drupal Content Management Systems, which were supposedly responsible for the recent "Panama Papers" Breach.
The Symantec report also says that among the most frequently targeted sites for malware are Technology, Business, and Shopping sites. Via RiskIQ’s Malware Events, organizations can avoid being part of this trend by scanning for any malware on the websites in their digital inventory. Each event is reported in a format designed to help site owners track down the source and extent of a potential problem and provides plain-English summary of Info on the event and a view into things like:
- Affected host information with details to help clean up each instance
- Threat URLs to identify the root source of the malware
- Pages affected to understand how many pages on the host are serving malware
Don’t be a statistic. With visibility into your digital attack surface, your cyber security team has the high ground in the fight to protect your organization and its data.
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
Digital initiatives have changed the enterprise attack surface and how organizations appear online, both to users and malicious actors. Meanwhile, the threat landscape has evo...