RiskIQ Digital Footprint®

Visualize and Defend your Attack Surface

What is your Digital Footprint?

Your digital footprint is your company’s digital presence. Many of these assets exist, change, and are vulnerable without the knowledge of security teams. You can’t protect what you don’t know about.

The Anatomy of a Digital Footprint

Your Digital Footprint

Known Assets

  • Corporate website
  • Known microsites managed by marketing
  • Marketing landing pages
  • Web applications
  • Company-owned domains
  • Company-owned or leased IP blocks
  • Known public-facing demo, development, and staging servers

Unknown Assets

  • Third-party JavaScript resources
  • Microsites created by vendors or as one-off pages
  • Assets and domains purchased outside of official protocol
  • Unknown, public-facing demo, development, and staging servers
  • Servers, sites, and web pages that were part of a merger or acquisition but not inventoried

Rogue and Malicious Assets

  • Web applications in your inventory injected with malicious JavaScript
  • Abandoned servers or domain names
  • Pages created outside of standard procedures
  • Unauthorized typosquatting domains
  • Assets in your inventory infected by malware
  • Assets in your inventory pointing to sites known to be malicious

Why is your Footprint important?

Why is your Footprint important?

Attackers performing reconnaissance will often find unknown, unprotected, and unmonitored assets to use as attack vectors. For a large enterprise, unknown assets often exist by the hundreds and are typically easy for even novice hackers and threat groups to find. Because they’re unmonitored, they provide an easy way in and out. To defend yourself, you need to know what attackers see when they’re looking at you. After all, following an attack or breach, saying “we didn’t know that asset existed,” doesn’t mitigate the damage done.

Beyond just knowing that an asset exists, it’s critical to understand what powers that asset such the type of server it is, software and frameworks running on that server, as well as any vulnerabilities associated with it. Exploited vulnerabilities on internet-facing assets are the leading cause of data breaches from external threat actors.

Once you have an accurate, detailed inventory of external assets in your digital footprint, it is far easier to understand, prioritize, and implement mitigation techniques to ensure that all of your external assets are protected. This inventory of your assets is also critical for compliance with numerous industry regulations.

What You Can’t See Will Hurt You

How does RiskIQ discover your Digital Footprint?

How does RiskIQ discover your Digital Footprint?

RiskIQ uses virtual user technology to discover web assets, including your own and third-party JavaScript, and experience them like a real user (or attacker performing reconnaissance) does, allowing you to accurately identify, monitor, and manage your entire internet attack surface from the outside in.

RiskIQ virtual users go beyond simple crawling, visiting websites using different browsers, varying click patterns and time on page to behave as a human user would. Our technology can continuously monitor websites while evading stealthy anti-detection techniques. Virtual users are launched from an evolving residential, commercial, and mobile proxy network of more than 500 egress points in more than 40 countries.

Using a network of tens of thousands of these virtual users, we scan the entire internet and collect telemetric data to produce a dynamic index of your web attack surface. This process illuminates websites, JavaScript, third-party JavaScript, mobile apps, URLs, web page content, ASNs, IPs, and nameservers, many of which are often not in your inventory. RiskIQ uncovers all digital assets appearing online that tie back to your organization, enabling your security team to understand the attack surface outside your firewall, bring unknown assets under management, and survey your digital footprint from the view of a global adversary.

Beyond an accurate, up-to-date inventory of all of your internet-facing digital assets, Digital Footprint also monitors those digital assets for changes, defacement, policy compliance, or even the appearance of malicious JavaScript or malware.

Community Edition

community edition

Organizations can get a glimpse of their external attack surface utilizing RiskIQ Digital Footprint® Community Edition. Using advanced internet data reconnaissance, RiskIQ automatically correlates internet-facing assets that have been determined to be connected to your domain and organization. This information aids vulnerability management and pen test programs and teams to easily determine external assets, including websites, apps, and components, that exist and may be potentially vulnerable to attack.

Digital Footprint Risk Reporting

risk reporting

Digital Footprint Risk Reporting provides security teams with an easy, accurate, and extensive way to measure digital risk for their organization, understand problems and issues within their footprint, and prioritize corrective action to reduce risk.

RiskIQ Risk Reporting capabilities take advantage of advanced internet reconnaissance and predictive analytics technology that deliver comprehensive external asset inventory, threat discovery, and risk insights. As a result, organizations can measure, track and benchmark their digital security posture – with confidence that findings are an accurate depiction of exposure to external threats from an attacker’s perspective and allow for efficient corrective action.

Digital Footprint Risk Reporting is included as a part of Digital Footprint Enterprise.

JavaScript Threats Module

JS Threats

JavaScript threats like Magecart now breach websites every five minutes. RiskIQ JavaScript Threats Module, with RiskIQ Digital Footprint, ensures customer trust in e-commerce by protecting companies’ high-traffic payment pages and other critical web applications from JavaScript attacks.

The JavaScipt Threats module is part of a comprehensive platform for reducing threats to organizations’ internet attack surfaces. It leverages RiskIQ’s proprietary global discovery infrastructure to build complete, dynamic inventories of organizations’ websites, and monitors first and third-party JS resources, creating alerts for malicious and suspicious changes so organizations can quickly detect JavaScript attacks.


Continuous Monitoring of Web Assets

Once the full inventory of digital assets has been established and confirmed, continuous monitoring of those assets is critical. Digital Footprint and JavaScript Threats Module provide continuous monitoring and scanning of digital assets for:

Malware and Malicious JavaScript
Detect sophisticated malicious behaviors designed to elude traditional web security scanners by viewing from the perspective of end-users targeted by these threats.

Detect failing infrastructure, unauthorized configurations, and DNS hijacking. Locate assets affected by a compromised infrastructure component.

Detect website defacement and inappropriate content appearing on web pages in your inventory.

Web Compliance
Continuously monitor all company-owned websites for content or code that does not comply with internal policies or government regulations.

PII/GDPR Adherence
Analytics to actively identify, inventory, and assess web assets and the respective pages, applications, forms, cookies, and notices associated with PII data collection.

RiskIQ Helps Lagardere Track Down Its Digital Footprint