From the very beginning, vulnerabilities, open ports and exposed critical applications have been the most easily detected components of your attack surface area, making them the most easily exploited by malicious actors.
Now, with the trending expansion of cloud services around multiple providers, this already-exposed area continues to grow exponentially. Not only must you focus on your web and database servers, but on your entire online infrastructure as well — and that includes not only bare metal servers, but also cloud services such as DNS servers, image servers, backup instances and much more.
The big question is: how are you keeping all these assets monitored? Do you know how many open ports you have for each one of them? What about the number of hosted domains, subdomain names and SSL certificates? How can you reduce your attack surface effectively to prevent cybersecurity threats?
For the past few months, our engineering team has been working diligently to find a fast and effective solution for all of these concerns.. Today, we're excited to announce the immediate availability of our new product pilot: Attack Surface Intelligence | ASI
How can you minimize your attack surface area with ASI?
There are a lot of OSINT tools around, however, not all of them allow you to browse through the most critical information, correlate that information and pivot from each dataset on the same interface. That's why we built ASI. Let's explore its main features and usages.
Once you land in the main interface, you'll be able to discover the total number of domain names and IP addresses found.
You'll also see a summary of the most important things found in the account, such as: summary by hosting company, tag cloud and summary by open ports. You can then begin excluding web hosting companies, certain tags or common open ports (such as 80 and 443 for example) from the results.
On the same screen you'll find the Asset Discovery Calendar that quickly lets you know how many assets were discovered/added in a single day.
The export button allows you to export all the subdomains, apex domains and IP addresses into CSV format with a single click:
The Inventory area is where you can import your own records, or explore the rest of the infosec data we have about your company. The full list includes:
- Self imported records
- Reverse DNS
- Forward DNS subdomains
- IP blocks by registrant name
- IP blocks by computed domain
- SSL by domain
- SSL by common name
- WHOIS by registrant org
- WHOIS by reg email
You can jump from the inventory interface directly to the IP address information, which will reveal infosec data related to that IP.
The Overview tab will show you a brief summary showing IP usage, geolocation, ASN number, open ports and detected software, including its version, passive DNS data, access network, tenant, and IP reputation.
One of the most interesting things to reducing your attack surface area are the exposed services and ports. Our scanning technology goes one step further and analyzes the name of the service and, if available, the exact software version:
With this information at your fingertips, finding vulnerable services and unwanted open protocols is easier than ever.
Filtering noise on the Internet is no easy task, and that's why ASI lets you discover IP addresses belonging not to real users but to fake ones that are mostly bots and scanning servers, this data can be seen from the Noise tab.
The Ports History tab enables you to explore not only current open ports, but the entire open port history over recent months, as shown here::
The Devices sub-tab lets you explore all devices related to this asset, enabling you to browse the connected devices by date and user agent.
And clicking on any one of them gives you exact information about that device. For example:
Finally, the P2P tab will show you all torrent traffic for certain IP addresses, including detailed information about when it happened, the name of the material, its hash, category, subcategory and P2P source.
This option lets you explore intelligence data by domain or IP address. Choose either and you can filter your results by web hosting company, tag or open ports.
ASI Explorer also lets you filter by popular ports such as 80 and 443, as well as by common CDN providers such as Cloudflare or Incapsula.
From the ASIExplorer interface you can jump to any IP address or domain name and get access to exposed open ports such as SSH, FTP and more. You can even discover the full list of associated domains per IP.
The Rules and Activity tabs are still under development. Essentially, the former will reveal all the unique searches a user performs (however, we are working on expanding its functionality and features).
And the latter will track those records recently added (the near future will see it track removed records as well).
There is much more to come from our innovative ASI product, however, we've been really excited to show you what our engineering team has been doing for the past few months.
Are you ready to test ASI?
Stop exposing critical information, ports, SSL certificates, DNS and domain shadow infrastructure to the bad guys!
Get in touch with our sales team today — and access our limited pilot demo for enterprise-grade users.