How We Can Help
Our consultants understand the types of information that attackers seek in order to gather information about your organization. Combining our automatic tasks that go out and actively hunt for information pertaining to your organization, our consultants also perform manual reconnaissance, providing your network team with a simplified list of potential exposures for review.
Depending on your organization’s needs, we can also alert your team whenever a new potential attack vector becomes visible, allowing your network team to quickly identify and remediate any potential threats.
Some of the types of information that we seek during our attack surface intelligence tasks include:
Potentially Dangerous Ports
Compromised Employee Email Addresses
Compromised Email Addresses
If your employees’ email addresses got compromised, would you know? Many employees use the exact same password with their corporate email address as they do with their personal accounts. Therefore, a single account compromise could result in access to several accounts belonging to one person.
Using our compromised email address checker, we can determine when, if, and how your employees’ account credentials were compromised and leaked into databases.
Network Port State Changes
There are many times where network administrators make changes to the systems that face the public Internet environment. This happens for many reasons — the network environment grows, a new server is deployed, implementation of ingress filtering, etc. In some cases, network ports may change without your network staff’s knowledge, or it may just simply be an unintended change.
Attackers usually perform scans across the Internet on a 24/7 basis, so it would only be a matter of time until this is discovered by a malicious attacker. Vonahi Security can quickly detect when network port state changes and alert your network staff, just in case they’re unaware.
Sensitive Data Exposures
Every once in a while, employees go out on the Internet and attempt to troubleshoot issues on their own. In these specific cases, employees may unintentionally provide internal and sensitive information without being aware, resulting in information disclosures. In other cases, other employees, including administrators, may simply just not be aware of the sensitive information that could be disclosed when interacting with certain web-based services.
Vonahi Security can perform routine checks against several publicly accessible sources, including forums, support sites such as Stackoverflow, sites including paste and source code, including GitHub and Pastebin, and additional sources. Once identified, one of our security experts will review the identified information and alert your network staff with high priority.
Want to Learn More?
Monitoring threats on the public Internet that could affect your organization is a challenging task. Learn more about the benefits of our attack surface intelligence service and how it can help your organization stay secure.