Attack Surface Intelligence

Attack Surface Intelligence2018-06-07T20:33:04+00:00

Passively Identifying Your Exposures

When an attacker targets an organization, a lot of the homework involves discovering as much information about your organization as possible, including employee names, their job roles, email addresses, potential usernames, software used within the organization, and a lot more.

Finding such information could be possible due to employees unintentionally providing sensitive/confidential information to websites, such as forums, social media, etc. This lack of awareness could result in an attacker gathering enough information to perform a successful attack.

Vonahi Security offers an attack surface intelligence service to perform routine checks against databases and publicly available resources to identify information that may be valuable to an attacker when targeting your organization. While your network staff is focused on other tasks, our consultants can monitor Internet resources for information that may cause security concerns.

How We Can Help

Our consultants understand the types of information that attackers seek in order to gather information about your organization. Combining our automatic tasks that go out and actively hunt for information pertaining to your organization, our consultants also perform manual reconnaissance, providing your network team with a simplified list of potential exposures for review.

Depending on your organization’s needs, we can also alert your team whenever a new potential attack vector becomes visible, allowing your network team to quickly identify and remediate any potential threats.

Some of the types of information that we seek during our attack surface intelligence tasks include:

  • Potentially Dangerous Ports

  • Doppelganger Domains

  • Sensitive Data

  • Compromised Employee Email Addresses

Compromised Email Addresses

If your employees’ email addresses got compromised, would you know? Many employees use the exact same password with their corporate email address as they do with their personal accounts. Therefore, a single account compromise could result in access to several accounts belonging to one person.

Using our compromised email address checker, we can determine when, if, and how your employees’ account credentials were compromised and leaked into databases.

Network Port State Changes

There are many times where network administrators make changes to the systems that face the public Internet environment. This happens for many reasons — the network environment grows, a new server is deployed, implementation of ingress filtering, etc. In some cases, network ports may change without your network staff’s knowledge, or it may just simply be an unintended change.

Attackers usually perform scans across the Internet on a 24/7 basis, so it would only be a matter of time until this is discovered by a malicious attacker. Vonahi Security can quickly detect when network port state changes and alert your network staff, just in case they’re unaware.

Sensitive Data Exposures

Every once in a while, employees go out on the Internet and attempt to troubleshoot issues on their own. In these specific cases, employees may unintentionally provide internal and sensitive information without being aware, resulting in information disclosures. In other cases, other employees, including administrators, may simply just not be aware of the sensitive information that could be disclosed when interacting with certain web-based services.

Vonahi Security can perform routine checks against several publicly accessible sources, including forums, support sites such as Stackoverflow, sites including paste and source code, including GitHub and Pastebin, and additional sources. Once identified, one of our security experts will review the identified information and alert your network staff with high priority.

Want to Learn More?

Monitoring threats on the public Internet that could affect your organization is a challenging task. Learn more about the benefits of our attack surface intelligence service and how it can help your organization stay secure.

Get In Touch

Let us get monitor the Internet for your next potential threat.