
SecurityTrails Blog · Oct 24 · SecurityTrails team

Introducing ASR | The #1 Tool to Reduce your Attack Surface Area


From the very beginning, vulnerabilities, open ports and exposed critical applications have been the most easily detected components of your attack surface area, making them the most easily exploited by malicious actors.

Now, with the expansion of cloud services across multiple providers, this already-exposed area continues to grow exponentially. You must focus not only on your web and database servers but on your entire online infrastructure, and that includes both bare metal servers and cloud services such as DNS servers, image servers, backup instances and much more.

The big question is: how are you keeping all these assets monitored? Do you know how many open ports you have for each one of them? What about the number of hosted domains, subdomain names and SSL certificates? How can you reduce your attack surface effectively to prevent cybersecurity threats?

For the past few months, our engineering team has been working diligently to find a fast and effective solution for all of these concerns. Today, we’re excited to announce the immediate availability of our new product pilot: Attack Surface Reduction | ASR.

How can you minimize your attack surface area with ASR?

There are a lot of OSINT tools around; however, not all of them allow you to browse through the most critical information, correlate that information and pivot from each dataset on the same interface. That’s why we built ASR. Let’s explore its main features and uses.

Main interface

Once you land in the main interface, you’ll be able to discover the total number of domain names and IP addresses found.

You’ll also see a summary of the most important things found in the account, such as a summary by hosting company, a tag cloud and a summary by open ports. You can then begin excluding web hosting companies, certain tags or common open ports (such as 80 and 443) from the results.

On the same screen you’ll find the Asset Discovery Calendar that quickly lets you know how many assets were discovered/added in a single day.

ASR Asset Discovery Calendar

The export button allows you to export all the subdomains, apex domains and IP addresses into CSV format with a single click:

ASR Export

Inventory

The Inventory area is where you can import your own records, or explore the rest of the infosec data we have about your company. The full list includes:

  • Self imported records
  • Reverse DNS
  • Forward DNS subdomains
  • IP blocks by registrant name
  • IP blocks by computed domain
  • SSL by domain
  • SSL by common name
  • WHOIS by registrant org
  • WHOIS by reg email

ASR Inventory Interface

You can jump from the inventory interface directly to the IP address information, which will reveal infosec data related to that IP.

The Overview tab shows a brief summary of IP usage, geolocation, ASN, open ports and detected software (including its version), passive DNS data, access network, tenant, and IP reputation.

Among the most useful data for reducing your attack surface area are the exposed services and ports. Our scanning technology goes one step further and analyzes the name of the service and, if available, the exact software version:

ASR exposed services and ports

With this information at your fingertips, finding vulnerable services and unwanted open protocols is easier than ever.

Filtering noise on the Internet is no easy task. That’s why ASR lets you discover IP addresses that belong not to real users but to fake ones, mostly bots and scanning servers. This data can be seen in the Noise tab.

The Ports History tab enables you to explore not only current open ports, but the entire open port history over recent months, as shown here:

ASR Ports history tab

The Devices sub-tab lets you explore all devices related to this asset, enabling you to browse the connected devices by date and user agent.

And clicking on any one of them gives you exact information about that device. For example:

ASR Device information

Finally, the P2P tab will show you all torrent traffic for certain IP addresses, including detailed information about when it happened, the name of the material, its hash, category, subcategory and P2P source.

ASR Explorer

This option lets you explore intelligence data by domain or IP address. Choose either and you can filter your results by web hosting company, tag or open ports.

ASR Explorer also lets you filter by popular ports such as 80 and 443, as well as by common CDN providers such as Cloudflare or Incapsula.

ASR Explorer

From the ASR Explorer interface you can jump to any IP address or domain name and get access to exposed open ports such as SSH, FTP and more. You can even discover the full list of associated domains per IP.

ASR IP

The Rules and Activity tabs are still under development. Essentially, the former will reveal all the unique searches a user performs (however, we are working on expanding its functionality and features).

ASR Rules and Activity

And the latter will track those records recently added (the near future will see it track removed records as well).

ASR Rules and Activity 2

There is much more to come from our innovative ASR product; however, we’ve been really excited to show you what our engineering team has been doing for the past few months.

Are you ready to test ASR?

Stop exposing critical information, ports, SSL certificates, DNS and domain shadow infrastructure to the bad guys!

Get in touch with our sales team today — and access our limited pilot demo for enterprise-grade users. Provide your information below, and we’ll get you started:

Contact us
