Asset Discovery
After you are onboarded with BreachLock for attack surface management, you can launch SET easily and fast for your first asset discovery scan.
SET scans the internet for all externally facing digital assets that contain or process sensitive information related to your organization, such as your domain(s), DNS, IPs, PII, PHI, and regulated data. The assets can be owned or operated by your organization, or they may be operated by third parties, including cloud providers, IaaS, SaaS, business partners, suppliers, vendors, or external contractors.
Use initial findings revealed to document, investigate, and make a plan to remediate rogue assets posing critical risks to your perimeter.
See SET’s initial results in your Asset Discovery dashboard, including:
-
Your primary organization
-
Total number of your related organizations with ASN (autonomous system number)
-
Interactive charts with trends, data analysis, and detailed context
- Total number of IP Blocks and IP ranges
- Total number of IP Addresses
- Total number of domains and sub domains
- Real-time List of your asset inventory
Inventory and Classification
After your initial discoveries have been validated, SET organizes your assets into a validated asset inventory with designated classifications for comprehensive attack surface management and day-to-day security operations. Your assets are organized using the pre-defined and customizable categories in your Vulnerabilities dashboard:
-
Asset Type
-
Technical specifications and properties
-
Business criticality
-
Compliance requirements
-
Framework identification
-
Business Owner
-
Customizable tags for additional classifications
See Your Vulnerable Assets and URLs and Take Action
Review all your affected assets and URLs associated with each discovered vulnerability. Analyze the vulnerability’s full description and how many assets have been affected.
Drill further into remediation recommendations and extract raw JSON data for historical context and workflow management.
Risk and Criticality Scoring
SET’s Critical Risk Scoring methodology calculates OSINT, CVSS, and known breach data into an associated risk score for each asset. Using assigned criticality categories, security teams can quickly sort through vulnerabilities and assets to reveal the top priorities for DevSecOps rapid remediation.
SET risk scores help you understand:
-
The risks associated with your asset inventory, including emerging critical risks DevOps needs to prioritize for remediation
-
The context you need on recent data breaches, zero-day vulnerabilities, data leaks, and other cyberattacks
-
The full list of vulnerabilities discovered and asset inventory on your external attack surface by risk category and criticality
The full list of vulnerabilities discovered and asset inventory on your external attack surface by risk category and criticality
The risk associated with a zero-day vulnerability with an easy-to-replicate PoC will multiply significantly every hour that zero-day vulnerability is left undiscovered and unpatched.
-
SET gives you continuous security monitoring capabilities for always-on external attack surface management.
-
SET scans and detects new vulnerabilities every day that are new to your environment, including emerging zero-day vulnerabilities, like log4j.
-
SET alerts you and your team when new exposure has been confirmed on your attack surface.
Malicious Asset and Incident Monitoring
Asset and data exposures – especially accidental exposures and publicly harvested data dumps – are the unknowns that CISOs and Security Leaders must proactively discover with an EASM platform to protect and defend their environments.
The SET platform gives Security Leaders the capabilities to orchestrate continuous DevSecOps identification and remediation workflows to stop preventable breaches from impacting the Security Operations Center and damaging the business.
Breached Credential Monitoring
Breached credentials are a risk as users notoriously reuse passwords and credentials for personal and business life. These breached credentials remain visible on the Internet long after they are initially compromised. Left exposed, this data could be further exploited through an exposed vector on your attack surface. SET gives you the OSINT to get the credentials refreshed and replaced before that happens.
With SET scanning your environment’s dynamically expanding attack surface, you can quickly identify when there are leaked employee credentials on the internet. This OSINT gives you the ability to manage the risks that a cybercriminal may use to impersonate one of your users with harvested credentials and/or stolen passwords to gain unauthorized access to your assets, network, and data.
See Your External Attack Surface with SET for EASM with Breachlock
Gain the visibility you need to see the risk exposures in your environment and take remediation action now with External Attack Management (EASM) from BreachLock’s SET platform.
SET is easy-to-use and streamlined for a complete EASM platform with advanced vulnerability scanning that helps you discover and identify the assets and vulnerabilities you have within your scanned environment – giving you real-time visibility to critical risks and exposures that you may have been unaware of before.
Today’s security leaders considering EASM need to take action to protect and defend their systems, users, and environment. Rogue assets – whether they are deployed by under-pressure in-house developers or an existential threat, such as a cyber criminal impersonating a CEO in a deepfake phishing campaign, today’s threat landscape is full of cybercriminals actively scanning the internet, looking for new targets.
Your SET EASM platform provides the actionable visibility you need to manage your externally exposed assets along with vulnerability management in a simple, easy, and streamlined UI.
