Your attack surface is dynamic and can change by the minute. New and unknown assets that tie back to your organization exist on the internet and can present severe security risk if not properly managed.

With the speed of digital business transformation, threat defense teams need an easy way to understand where their vulnerability management and assessment tools and processes leave them exposed, and where they should focus their efforts to reduce risk exposure.

RiskIQ Digital Footprint™ Risk Reporting provides security teams with an easy, accurate, and extensive way to understand the digital risk that is present in their digital footprint, reveal problems or issues with their internet-facing assets, and prioritize remediation actions to reduce risk. With the broad internet data collected by RiskIQ, your Risk Report and Risk Score accurately quantifies risk due to threat indicators present in your footprint and security posture and hygiene of your digital attack surface.

Digital Footprint Risk Report provides a dynamic view of risk in your internet-exposed Digital Footprint, allowing vulnerability, security, and asset management professionals the ability to drill down and examine the threat indicators and security posture components that make up the score and contribute significantly to your exposure to risk outside the firewall.

Threat indicators are active observations of malicious or suspicious activity in an organization’s digital footprint. Incidents that occur without remediation serve as indicators that an organization has security management gaps or has not responded to active threats. These types of indicators are:

• Host Reputation: Indicators that a host within your digital footprint is on a blacklist
• Malware: Indicators that malware is present on an asset within your digital footprint
• Phish: Indicators that an asset within your digital footprint has been associated with a phishing campaign
• IP Reputation: Indicators that an IP address or range within your digital footprint has been associated with malware, command and control services, botnets, or ransomware

An organization’s Security Posture is a measurement of the maturity of an organization’s security program to properly identify and secure external-facing assets. It is calculated based on observing and analyzing exposures against technical best practices and security policies (such as OWASP) that can mitigate inherent risk associated with internet-facing assets. Your security posture is made up of:

• Website CVE Exposure: Indicators that a website within your footprint is being run using an out-of-date or vulnerable software or framework
• Domain Administration: Measures the variations in domain management and contact details, indicating poor domain hygiene and management practices
• Domain Configuration: Indicators provided by the Extensible Provisioning Protocol (EPP) that can indicate potential domain hijacking or takeover vulnerability
• Hosting and Networking: Measures the degree of ownership associated with ASNs, which can indicate difficult to manage web assets
• Open Ports: Indicators that unnecessary or vulnerable ports that host common exploitable or vulnerable services are open and accessible on the internet
• Websites Security Policies: Indicators that website security policies (such as OWASP) are not being followed or complied with by web development teams
• SSL Configuration: Indicators of the type and expiration status of SSL certificates within your digital footprint
• SSL Organization: Measure of the variation in signing authorities or groups registering SSL certificates can indicate a difficult to manage SSL certificate portfolio that could result in expiration or misuse

Risk Reporting is a feature of RiskIQ Digital Footprint, an enterprise product that enables organizations to identify, inventory, and actively monitor external digital assets and exposures that exist online and outside the firewall. These assets can’t rely on traditional perimeter protection mechanisms and are the most critical to be monitored for the risk they present to the business if not properly secured or maintained. Get up-to-date information about your exposures and assets outside the firewall, and get true visibility into your external attack surface.