Product showcase: ImmuniWeb Discovery – attack surface management with dark web monitoring

Help Net Security
Thursday, October 20, 2022

• 863
• 4
• 4
• 4
• 2
• More
• 4
• 4
• 4

Organizations around the globe struggle to identify their IT assets hosted in a multicloud environment, on premise or managed by numerous third parties. The lack of visibility prevents the cybersecurity teams from protecting their corporate IT infrastructure and data, inevitably leading to disastrous data breaches. Worst, as the recent example with Uber has convincingly demonstrated, CISOs and other cybersecurity executives may be personally liable and even face criminal prosecution for data breaches affecting their organizations.

In theory, the visibility and inventory of your digital assets is a tenable starting point, however, visibility without understanding of the surrounding cyber threat landscape is not enough to prevent sophisticated cyber threats and intrusions in 2023.

ImmuniWeb, a global application security company with over 1,000 enterprise customers, solves the problem with its flagship offering ImmuniWeb Discovery. The underlying concept is simple and efficient: combining Attack Surface Management (ASM) with dark web monitoring to boost their synergized value, making the “1+1=3” formula possible.

Just enter the name of your organization to launch the discovery and to illuminate its entire attack surface, including web applications and APIs, exposed cloud endpoints and storage, VPN and RDP services, unprotected databases and network storage servers, mobile apps and web services on their backends, and even IoT devices accessible from the Internet:

Importantly, every single IT asset will be mapped onto the cyber threat landscape, visualizing the ongoing phishing campaigns targeting your customers or employees, dark web announcements selling access to your compromised systems or corporate data, rogue mobile applications usurping your corporate identity, stolen credentials from your applications or third-party systems processing your data, and IoCs found on your systems.

Eventually, all of the detected IT assets will be classified by the internal risks, such as known vulnerabilities and misconfigurations, and by the external threats, such as past, ongoing or planned cyber-attacks.

In contrast to other dark web monitoring vendors, you are not required to provide the keywords or names of your executives for a comprehensive search of incidents on the dark web. ImmuniWeb Discovery will automatically seek every single IT asset, trademark, brand, employee name and other keywords on the dark web to compile the most comprehensive and inclusive report on the security incidents.

Crucially, your shadow IT, especially shadow cloud assets, may be already compromised unbeknownst to you. Traditional keyword-driven dark web search is poised to miss them, whilst ImmuniWeb Discovery will likely detect and rapidly report them to you:

Once you have a holistic visibility of your external attack surface enhanced with the surrounding cyber threat landscape, you can manually add IT assets that are undiscoverable by the existing OSINT techniques. In our experience, over 95% of your external assets will be discovered, whilst the rest can be manually added or imported at no additional cost in a few clicks. This step will ensure a 99.9% visibility and continuous monitoring of your external attack surface.

All newly discovered IT assets can be automatically classified upon detection and placed into specific groups, labeled with customizable tags. For instance, all newly discovered web applications running on EC2 instances in a specific AWS region, may be placed into a dedicated group. Immediately, the relevant people in your team will be notified, simplifying and accelerating the asset triage.

Similarly, alerts can be configured for newly detected misconfigurations, weaknesses or vulnerabilities affecting the existing IT assets, ensuring the prompt response. Of note, you may customize the security risks using CVSS scale (or otherwise) within each group to implement a granular risk management strategy for every group of assets.

Smart search and triage features enable you to identify all misconfigured assets from a specific country, network or cloud service provider in two clicks, saving the valuable time of your security analysts. All data can be selectively exported in XLS or PDF file, as well as via API in JSON format.

Additionally, every misconfiguration is equipped with actionable remediation guidelines, elaborating how to fix the problem. In case of questions, our security analysts are available 24/7 via a live support or by email to help your software developers and DevOps engineers. Executive dashboard is available to demonstrate the temporal progress of your team in all areas, spanning from web and cloud security to incident response.

Comprehensible visualization of the historical improvement of your cybersecurity posture is a potent argument to convince the Board or executives of the great job your team does and request supplementary budget, quarterly bonus or even a salary increase:

Finally, the pricing model of ImmuniWeb Discovery is transparent and predictable: regardless of the number of your IT assets or security incidents found on the dark web, the monthly subscription fee remains intact. Our 24/7 expert support is included by default and provided at no additional cost. Learn more: www.immuniweb.com.