Unearthing and charting all the digital assets that dwell beyond an organization's internal sphere is what we refer to as External Asset Discovery. To paint a clearer picture, examples of these digital assets could be web applications, services based in the cloud, devices powered by the Internet of Things (IoT), and network devices.
Evolve Security has found unknown assets in 91% of our customers running External Attack Surface Management (EASM) in the first 30 days. This crystalizes the importance of continuously running digital asset discovery as part of a robust security program and EASM service.
The April 2024 guidance from NIST on the National Vulnerability Database (NVD) backlog raises additional concerns, as only the most severe vulnerabilities are being identified in 2024. Currently, a backlog of 7,000 CVEs needs analysis. Even if the NVD returned to its previous analysis rates, it would take between 100 and 150 days to burn down the backlog. A vulnerability's severity does not need to be published for it to be used against your known or unknown assets.
The recent Terrapin attack on SSH (CVE-2023-48795) targets a protocol widely used to secure access to servers, services, and applications. The fundamental flaw in the SSH protocol impacts 15 million servers globally. Evolve Security's threat hunting team identified several servers on client infrastructure impacted by the Terrapin vulnerability and suggested appropriate patching strategies.
Numerous factors underline the significance of asset discovery. For one, it enables organizations to keep track of their assets comprehensively. Moreover, asset discovery significantly contributes to security and regulatory compliance. Through identifying all existing assets, organizations can effectively evaluate potential risks, implement appropriate security updates and establish protective actions to safeguard sensitive information and ward off unauthorized access. Let's now dig deeper into the salient benefits of asset discovery:
In IT management, dealing with the wide range of obstacles to IT asset discovery is crucial. Understanding these challenges is a key step towards maintaining complete and proactive control over your attack surface.
Here's a look at some of these hurdles:
If you're still using the old-school spreadsheet method, it could be high time you considered incorporating asset discovery software into your process.
Asset discovery utilizes sophisticated automated OSINT methodologies to scour the internet, identifying and mapping out assets that form the digital perimeter of your organization. These assets typically include IP addresses, domains, and fully qualified domain names. Attempting to navigate IT asset discovery through manual measures can be an elaborate and time-consuming endeavor, often resulting in unidentified assets which potentially elevate the level of risk.
To ensure that your asset inventory remains current, it is important to conduct asset discovery on a frequent basis. As your organization's digital perimeter is perpetually evolving, it becomes crucial to have systems in place that can not only detect new services but also monitor changes to known assets that could introduce risks.
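As an added illustration (not code from Evolve Security or Darwin Attack), the sketch below compares two discovery snapshots to surface new assets and newly exposed services on known assets, then builds the list an analyst would validate by hand. The snapshot format, hostnames and function names are assumptions made for this example.

```python
# Constructed sample snapshots: (fqdn, port, service) records from two discovery runs.
BASELINE = [
    ("www.example.com", 443, "https"),
    ("vpn.example.com", 443, "https"),
    ("old.example.com", 80, "http"),
]
CURRENT = [
    ("WWW.example.com.", 443, "https"),  # same host, different case and trailing dot
    ("vpn.example.com", 443, "https"),
    ("vpn.example.com", 22, "ssh"),      # new service on a known asset
    ("dev.example.com", 8080, "http"),   # asset not seen before
]

def normalize(fqdn):
    """Lower-case and drop the trailing root dot so one host is not counted twice."""
    return fqdn.strip().lower().rstrip(".")

def load(snapshot):
    """Merge records per normalized FQDN into {fqdn: {(port, service), ...}}."""
    assets = {}
    for fqdn, port, service in snapshot:
        assets.setdefault(normalize(fqdn), set()).add((port, service))
    return assets

def diff_snapshots(baseline, current):
    """Report what changed on the perimeter between two discovery runs."""
    old, new = load(baseline), load(current)
    report = {"new_assets": {}, "new_services": {}, "closed_services": {}}
    for host in sorted(new):
        if host not in old:
            report["new_assets"][host] = sorted(new[host])
            continue
        opened, closed = new[host] - old[host], old[host] - new[host]
        if opened:
            report["new_services"][host] = sorted(opened)
        if closed:
            report["closed_services"][host] = sorted(closed)
    report["gone_assets"] = sorted(set(old) - set(new))
    return report

def validation_queue(report):
    """Services needing human verification: on a new asset, or newly opened."""
    queue = []
    for reason in ("new_assets", "new_services"):
        for host, services in report[reason].items():
            queue += [(host, port, svc, reason) for port, svc in services]
    return sorted(queue)

if __name__ == "__main__":
    for item in validation_queue(diff_snapshots(BASELINE, CURRENT)):
        print(item)
```

Without the hostname normalization step, `WWW.example.com.` would be reported as a new asset and `www.example.com` as gone, which is the kind of noise that buries real changes.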
Manual validation and verification processes are the key to unlocking the value of digital asset discovery. Having a team behind internal security organizations can assist with the mundane or janitorial IT aspects of running a continuous program to identify and verify the attack surface. Evolve Security's Offensive SOC can drive digital asset discovery as part of an attack surface management program.
The synergy between asset discovery and incident detection lies at the root of the problem. According to Automox, over 60% of breaches have been linked to unpatched vulnerabilities. Detecting incidents begins with understanding the assets the cyber team has been tasked with securing. Without a robust vulnerability management and pentesting program covering these unknown assets, they are likely to remain unpatched, leading to exploitation.
Build bridges across functions around the importance of engaging the cyber team early when new services are registered, and explain how these efforts can protect profits and enable growth by protecting assets from the get-go. This communication can be included or highlighted in company-wide security awareness training and in interdepartmental leadership meetings. Sharing stories with statistics, such as the estimated cost of cybercrime, can detail specifics on damaged reputation or disruption to operations. A robust attack surface reduction strategy can include quarterly reports that identify new IT assets that were tagged, along with a synopsis of the cyber risks facing the business.
IT asset discovery is the beginning of an effective External Attack Surface Management program. This initial identification phase begins the process of creating a baseline that lets a penetration tester see your organization as adversaries do. Evolve Security includes a penetration test in every EASM service. After this baseline is achieved, continuous IT asset discovery is used to find new services as they pop up. In 2023, Evolve Security found new services in 54% of customers after 30 days. A unique proposition is to close this loop with human validation of the new services and, if vulnerabilities are found, to surge penetration testers for continuous testing throughout the year.
Darwin Attack is the EASM platform that combines digital asset discovery and proactive continuous penetration testing via Evolve Security EASM.
Schedule a demo today to strategize on how to organize your assets within the Darwin platform: