Functional Assets & Pillars
Securing and monitoring digital presence can overwhelming. Once people dig into their digital presence across the dark, deep, and open web, they see how enormous it is and feel lost, hopeless, and ultimately give up on the whole effort. If they do take action, we have seen people employ a whack-a-mole style approach that can be costly and ineffective.
ThreatNG Threat and Risk Analysis [TaR]
A new cost-effective approach to digital risk and attack surface management. Your organization spent a chunk of the operating budget on siloed solutions for addressing security and risk across multiple departments but still has to dedicate many hours (if not weeks) to develop a clear picture of your threat and risk posture. Here’s why:
What is the Technical Attack Surface?
The Technical Attack Surface (currently popularized as the External Attack Surface) references all publicly available data that is revelatory about an organization's IT infrastructure, services, and applications.
What is the Business Attack Surface?
With the Technical Attack Surface being connected to vulnerabilities and misconfigurations of applications and IT infrastructure, the Business Attack Surface encompasses everything that is revelatory about the inner workings of an organization.
OSINT Top Ten: Number 1 - Domain Information
Coming in at number one of our OSINT Top Ten is Domain Information which includes all Domains, Subdomains, Certificates, Emails, and Permutations/Look-Alikes (Company Names, Domains, and Emails).
OSINT Top Ten: Number 2 - Social Media
It is essential to monitor what is broadcasted on social media for compliant branding, instances of malicious/negative sentiment, and for the appropriate level of information sharing.