ThreatNG Security

View Original

August 1, 2023

Discover, Assessment, & Continuous Monitoring

IP Intelligence / Domain Intelligence

The ThreatNG Domain Intelligence Investigation Module now provides a comprehensive set of IP-related information, including the "Total Number of IPs Found," "Number of Shared IPs," "Number of Private IPs," "Number of ASNs," and "The Country Location of the IPs." This "IP Intelligence" significantly boosts overall Domain Intelligence and strengthens all aspects of our External Attack Surface Management (EASM), Digital Risk Protection (DRP), and Security Ratings solution platform. It offers enhanced visibility into an organization's IP landscape, helping understand the digital footprint and exposure to external threats. The feature improves risk assessment by analyzing shared and private IPs, aids proactive threat mitigation through ASN monitoring, and provides geographical insights for better compliance. It also increases cloud adoption awareness and contributes to more accurate Security Ratings. Moreover, the enhanced capabilities bolster Digital Risk Protection and efficient Attack Surface Management, enabling organizations to fortify their cybersecurity posture and protect their digital assets proactively.

Compromised Credentials Enhancement / Dark Web Presence

ThreatNG has significantly enhanced the Compromised Credentials Discovery and Assessment capabilities within the Dark Web Presence Investigation Module. The improvements include even more compromised credentials associated with organizational domains and employees fueled by our continuously updated compromised credentials intelligence repository (DarCache Rupture) of leaked usernames and passwords, identifying potential security risks from credential exposures. The solution identifies compromised credentials and assesses their severity and relevance to' assets, providing actionable insights for prompt mitigation. This enhanced capability empowers organizations to protect their digital identities better, prevent unauthorized access, and bolster their overall cybersecurity posture, ultimately minimizing the impact of data breaches and fortifying their resilience against cyber threats.

Reporting and Sharing

Ransomware Susceptibility Report

The new ThreatNG Ransomware Report is now available to all platform users! This comprehensive report assesses an organization's exposure to ransomware vectors by analyzing its susceptibility from the outside in. It features X Susceptibility and eXposure scoring, which examines the organization's attack surface and digital footprint. The report further delves into various ransomware infection vectors, such as Internet-Facing Vulnerabilities and Misconfigurations, highlighting the risks associated with assets directly accessible from the Internet. Additionally, it assesses the susceptibility to the dangers of BEC & Phishing, where attackers attempt to trick individuals into revealing sensitive information, and the risk of Precursor Malware Infections, which can pave the way for more significant cyber attacks. The report also emphasizes and highlights potential threats of Third Parties and Managed Service Providers, showcasing how interconnected business relationships can introduce cybersecurity risks. Take advantage of this essential tool to bolster your organization's ransomware defense strategy!

Known Vulnerabilities / Domain Intelligence

ThreatNG enhanced the presentation of "Known Vulnerabilities" within the context of External Attack Surface Management (EASM), Digital Risk Protection (DRP), and Security Ratings. This improvement involves comprehensive scanning and analysis of an organization's external-facing assets to identify known software, applications, and service vulnerabilities. In EASM, our solution actively detects and categorizes these vulnerabilities, providing detailed insights into potential weak points in the attack surface. As part of DRP, we continuously monitor for any public exposure of known vulnerabilities, alerting organizations to potential risks and enabling timely remediation. These vulnerability insights are integrated into our Security Ratings, offering a comprehensive view of an organization's overall security posture, allowing them to prioritize and address vulnerabilities effectively. This enhanced presentation empowers organizations to proactively manage their known vulnerabilities, strengthen their defenses against cyber threats, and maintain a robust security stance, ultimately reducing the risk of data breaches and enhancing overall cybersecurity resilience.

Email Security Configuration Assessment

ThreatNG has enhanced the presentation of "email authentication and security mechanisms" within the context of External Attack Surface Management (EASM), Digital Risk Protection (DRP), and Security Ratings. This improvement includes a comprehensive DMARC and SPF configurations analysis for an organization's email domains. In EASM, our solution actively scans and identifies email authentication settings, ensuring they align with industry best practices and are configured to prevent email spoofing and phishing attacks. As part of DRP, we monitor and track DMARC and SPF data to detect any unauthorized email sources or misconfigurations that could lead to potential email-based risks. These insights are integrated into our Security Ratings, providing a holistic assessment of an organization's email security presence. This enhanced presentation empowers organizations to proactively manage their email security, bolster their defenses against external threats, and build a trusted email communication environment, thereby reducing the risk of email-related cyber incidents and enhancing overall cybersecurity posture.

Platform Administration

Role-Based Access Controls Enhancements of White Label Reports

ThreatNG Role-Based Access Controls Enhancements for White Label Reports are significant for our service provider partners and end users. By implementing robust role-based access controls, we ensure sensitive information and customized reports are accessible only to authorized personnel. Service providers can now grant specific access rights to their clients, ensuring data confidentiality and maintaining the integrity of their brand. End users benefit from personalized, branded reports tailored to their needs, fostering trust and loyalty. This level of control not only enhances data security but also reinforces our commitment to empowering our partners and end users with a seamless, secure, and personalized experience, elevating the overall value of our services.