Interlock Drives Attack Surface Reduction and Faster Response Via Automated Actions and Workflow
RiskIQ’s Illuminate collects and generates unique asset information on your internet attack surface, including the exposures, vulnerabilities, and threats relevant to you. This information can be used to drive policy and workflow triggering actions in your security stack:
- Internet Asset Information
- Internet Context and Enrichment
- Exposures and Vulnerabilities
- Risks and Events
- Attack Surface Intelligence
- Surface Web Artifacts: IPs, Hosts, Domains, Certificates, etc.
- Threat Intelligence
- Third-Party Intelligence
- Digital Risk Intelligence
When RiskIQ detects malicious behavior in your Internet Attack Surface, it can tell your network security products to prevent or block communication from the Internet. This prevents C2, data exfil, and other unwanted communication from your network.
RiskIQ can tell your SIEM about events associated with your internet attack surface. . This allows your security operations team using a SIEM to make better decisions about reducing your attack surface, prioritizing patching, and expediting incident response activities.
RiskIQ can provide your CMDB real-time external attack surface information about all assets, including unknown assets and assets you rely on but are supported by 3rd parties. This provides a trusted single-lens view into your asset inventory, including your extended enterprise’s internal and external view leading to optimized decision-making.
Vulnerability Management Tools
RiskIQ can trigger vulnerability scanners when an unknown asset is discovered and can de-duplicate and cluster assets to reduce triage and patching efforts. The result is reduced cost and mean time to patch.
Modern DevOps drives rapid change with cloud assets and ephemeral workloads that often leads to misconfigurations and errors. With RiskIQ, your teams can provide continuous and automated vulnerability risk management.
RiskIQ Insights, Policy, or Events representing Exposures, Vulnerabilities, or Threats can automatically generate tickets, alerts, or actions in ticketing systems or tie into an existing workflow, eliminating any additional integration requirement.