Policy Management

Data Aggregation Reconnaissance Component for Risk Appetite and Representation

Elevate your security posture with ThreatNG's DarcRadar, a unified policy management hub for External Attack Surface Management (EASM), Digital Risk Protection (DRP), and Security Ratings. DarcRadar empowers you to take control with customizable risk configuration and scoring, allowing you to tailor risk tolerance to your organization's needs. Dynamic Entity Management goes beyond traditional monitoring by enabling you to define and incorporate any person, place, or entity, including brand names, into your discovery and assessment policies. Fine-tune your investigations with granular control over what's included and excluded through exception management. Finally, leverage the efficiency of pre-built templates to create customized policies quickly, saving you valuable time and resources. DarcRadar puts you in the driver's seat of your security strategy.

Customizable Risk Configuration and Scoring

Align Security with Your Business: Risk Scoring Tailored to Your Needs

ThreatNG empowers users to tailor their security posture by selecting externally visible settings and configurations relevant to their digital environment. This unique feature allows for the customization of risk appetite levels, aligning security ratings with the organization's specific risk tolerance and operational context. Users can adjust their risk parameters and receive security scores that accurately reflect their unique security priorities and the external threat landscape they face.

Dynamic Entity Management

Comprehensive Entity Definition for Discovery and Assessment

ThreatNG’s 'Comprehensive Entity Definition for Discovery and Assessment' capability enables users to define and incorporate any person, place, or entity, including brand names, into their discovery and assessment policies. This capability supports the inclusion of specific entities in initial and continuous external investigations, ensuring comprehensive monitoring and protection of all relevant assets. Users can customize their investigation parameters to include key elements critical to their organization's security, enhancing the accuracy and scope of threat detection and risk management. This feature is a powerful tool in the fight against digital threats, providing users with a comprehensive view of their security landscape.

Policy Exception Management

Manage Exceptions with Confidence: Streamlined Policy Enforcement

The ThreatNG 'Policy Exceptions Management' capability is designed to streamline the handling of deviations from standard security policies. This feature allows users to efficiently manage, document efficiently, and track exceptions, ensuring that all deviations are accounted for without compromising overall security posture. Users can set exception criteria, receive alerts on potential policy violations, and maintain an audit trail for compliance and accountability. This facilitates a balanced approach to security policy enforcement and operational flexibility, enhancing the organization's overall security.

Policy Templates

Investigate It All: Tailored Policies for Every Digital Risk

ThreatNG simplifies policy creation with pre-built templates that cater to various use cases within External Attack Surface Management (EASM) and Digital Risk Protection (DRP). These templates cover various investigation areas, including Domain Intelligence, Social Media monitoring, and Sensitive Code exposure. You can tailor policies to address Cloud and SaaS vulnerabilities, Third-Party security risks, and even Brand Protection concerns. With options to investigate everything from archived web pages to the dark web, ThreatNG's policy templates empower you to define specific elements for investigation, such as potential data leaks, susceptible servers, or even public passwords, ensuring a thorough assessment of your digital risk landscape.

The following policy templates are provided within the platform:

Attack Surface and SecOps

Brand and Reputation Monitoring

Cloud and SaaS Visibility

Cloud Exposure

Digital Risk Protection

Due Diligence, M&A, and Integration

External Attack Surface Management

Archived Web Pages

Cloud and SaaS Exposure

Dark Web

Domain Intelligence

Online Sharing Exposure

Search Engine Exploitation

Sensitive Code Exposure

Sentiment and Financials

Social Media

Technology Stack

Errors

General Advisories

IoT Entities

Persistent Exploitation

Potential Sensitive Information

Privileged Folders

Public Passwords

Susceptible Files

Susceptible Servers

User Data

Web Servers