Policy Management
Data Aggregation Reconnaissance Component for Risk Appetite and Representation
Elevate your security posture with ThreatNG's DarcRadar, a unified policy management hub for External Attack Surface Management (EASM), Digital Risk Protection (DRP), and Security Ratings. DarcRadar empowers you to take control with customizable risk configuration and scoring, allowing you to tailor risk tolerance to your organization's needs. Dynamic Entity Management goes beyond traditional monitoring by enabling you to define and incorporate any person, place, or entity, including brand names, into your discovery and assessment policies. Fine-tune your investigations with granular control over what's included and excluded through exception management. Finally, leverage the efficiency of pre-built templates to create customized policies quickly, saving you valuable time and resources. DarcRadar puts you in the driver's seat of your security strategy.
Customizable Risk Configuration and Scoring
Align Security with Your Business: Risk Scoring Tailored to Your Needs
ThreatNG empowers users to tailor their security posture by selecting externally visible settings and configurations relevant to their digital environment. This unique feature allows for the customization of risk appetite levels, aligning security ratings with the organization's specific risk tolerance and operational context. Users can adjust their risk parameters and receive security scores that accurately reflect their unique security priorities and the external threat landscape they face.
Dynamic Entity Management
Comprehensive Entity Definition for Discovery and Assessment
ThreatNG’s 'Comprehensive Entity Definition for Discovery and Assessment' capability enables users to define and incorporate any person, place, or entity, including brand names, into their discovery and assessment policies. This capability supports the inclusion of specific entities in initial and continuous external investigations, ensuring comprehensive monitoring and protection of all relevant assets. Users can customize their investigation parameters to include key elements critical to their organization's security, enhancing the accuracy and scope of threat detection and risk management. This feature is a powerful tool in the fight against digital threats, providing users with a comprehensive view of their security landscape.
Policy Exception Management
Manage Exceptions with Confidence: Streamlined Policy Enforcement
The ThreatNG 'Policy Exceptions Management' capability is designed to streamline the handling of deviations from standard security policies. This feature allows users to efficiently manage, document efficiently, and track exceptions, ensuring that all deviations are accounted for without compromising overall security posture. Users can set exception criteria, receive alerts on potential policy violations, and maintain an audit trail for compliance and accountability. This facilitates a balanced approach to security policy enforcement and operational flexibility, enhancing the organization's overall security.
Policy Templates
Investigate It All: Tailored Policies for Every Digital Risk
ThreatNG simplifies policy creation with pre-built templates that cater to various use cases within External Attack Surface Management (EASM) and Digital Risk Protection (DRP). These templates cover various investigation areas, including Domain Intelligence, Social Media monitoring, and Sensitive Code exposure. You can tailor policies to address Cloud and SaaS vulnerabilities, Third-Party security risks, and even Brand Protection concerns. With options to investigate everything from archived web pages to the dark web, ThreatNG's policy templates empower you to define specific elements for investigation, such as potential data leaks, susceptible servers, or even public passwords, ensuring a thorough assessment of your digital risk landscape.
The following policy templates are provided within the platform:
Attack Surface and SecOps
Brand and Reputation Monitoring
Cloud and SaaS Visibility
Cloud Exposure
Digital Risk Protection
Due Diligence, M&A, and Integration
External Attack Surface Management
Archived Web Pages
Cloud and SaaS Exposure
Dark Web
Domain Intelligence
Online Sharing Exposure
Search Engine Exploitation
Sensitive Code Exposure
Sentiment and Financials
Social Media
Technology Stack
Errors
General Advisories
IoT Entities
Persistent Exploitation
Potential Sensitive Information
Privileged Folders
Public Passwords
Susceptible Files
Susceptible Servers
User Data
Web Servers