December 5, 2023
Discovery, Assessment, and Reporting
The ThreatNG all-in-one external attack surface management (EASM), digital risk protection (DRP), and security ratings solution Delta Reporting facility has been enhanced for all of the following investigation modules:
Domain Intelligence
DNS Intelligence
Domain Record Analysis
It Includes additions, modifications, or deletions of DNS entries. Delta reporting facilitates detecting unauthorized or unexpected changes promptly. For instance, detecting a sudden change in the authoritative DNS server could indicate a potential compromise.
Email Formatting
Changes in email formatting can indicate phishing attempts or social engineering. Delta Reporting in this submodule helps organizations track alterations in email formats, enabling them to respond swiftly to potential threats.
Subdomain Intelligence
Cloud Hosting
Delta Reporting is crucial for tracking changes in subdomains related to cloud hosting providers. Rapid identification of new hosting providers or changes in hosting configurations helps organizations avoid potential security risks associated with cloud infrastructure.
Subdomain Content Identification
This submodule includes tracking changes in various subdomain content types such as development environments, admin pages, applications, demo pages, VPNs, APIs, errors, phone numbers, and emails. Delta Reporting provides timely updates on these changes, allowing organizations to promptly identify and address security concerns.
Certificate Intelligence
Associated Organizations
Changes in associated organizations linked to digital certificates can indicate organizational restructuring, partnerships, or potential security risks. Delta Reporting ensures that organizations are aware of such changes, enabling them to assess and respond accordingly.
IP Intelligence
Delta Reporting in the IP Intelligence submodule is crucial for tracking changes in IP-related information. This includes IP address assignments and modifications. Detecting sudden changes in IP addresses can help organizations identify potential threats or changes in their network infrastructure.
Sentiment and Financials
The Sentiment and Financials Investigation Module within the ThreatNG platform and Delta Reporting provide organizations with valuable insights into non-technical aspects of cybersecurity. Enhancements were made to the following:
Layoffs Mentions
This module monitors and reports changes in mentions related to employee layoffs or workforce reductions. Delta Reporting enables organizations to identify and respond promptly to significant workforce changes. Sudden layoffs may indicate financial instability or internal issues, and reporting is crucial for risk assessment and mitigation.
ESG Violations
ESG factors are increasingly important for companies, and violations can have legal, financial, and reputational consequences. Delta Reporting ensures organizations are quickly informed of new violations or changes in this domain, allowing for proactive risk management.
U.S. Securities and Exchange Commission (SEC) Filing Information
SEC filings contain critical financial and regulatory information. Delta Reporting ensures organizations stay current with any alterations in filings, such as changes in financial status, leadership, or legal matters. This is essential for compliance and strategic decision-making.
Dark Web Presence
The Dark Web Presence module within the ThreatNG platform, integrated with Delta Reporting, plays a crucial role in monitoring and mitigating risks associated with activities on the dark web. Enhancements were made to the following:
Ransomware Events
Ransomware is a significant threat, and early detection of ransomware events is vital for a proactive response. Delta Reporting ensures that organizations are promptly alerted to new ransomware activities, enabling them to take swift action to protect their data and systems.
Dark Web Mentions
Delta Reporting in this submodule helps organizations stay informed about new mentions or discussions related to their assets on the dark web. This enables them to assess the threat level and take appropriate measures to enhance security.
Online Sharing Exposure
The Online Sharing Exposure Investigation Module in the ThreatNG platform, complemented by Delta Reporting, is designed to monitor and analyze an organization's online exposure. It includes tracking how and where information is shared or exposed online. Organizations must know how their information is shared online to understand potential risks associated with data exposure. Delta Reporting ensures timely updates on changes in online sharing exposure, allowing for proactive risk management.
Reporting and Sharing Improvements
Load Time
Enhancements in load time ensure a faster and more responsive user experience within the ThreatNG platform. This facilitates quicker access to critical information and allows security teams to analyze and respond to potential threats efficiently.
Delta Report User Experience
The user experience in Delta Reporting has been optimized with smart shortcuts, streamlining the analysis of Delta reports. This improvement enhances usability, enabling security professionals to quickly navigate and extract actionable insights from delta reports more efficiently.
Exposure Summary Report
The Exposure Summary feature has been refined, providing a more comprehensive and easily digestible overview of an organization's online exposure. This enhancement allows security teams to quickly grasp the extent of potential risks and take proactive measures to address vulnerabilities.
Technology Identified Count
The platform offers an enhanced count of identified technologies, providing a more accurate and detailed analysis of an organization's technology stack. This improvement contributes to a more precise understanding of the attack surface, aiding security teams in developing targeted risk mitigation strategies.
Platform Administration Improvements
Error Notifications
The platform's administration capabilities have been enhanced with improved job notifications, particularly during error scenarios. This refinement ensures that administrators receive timely alerts and insights into potential issues, facilitating a swift and effective response to maintain operational integrity.
Account Notifications to End Users
User engagement and awareness are prioritized with improved account notifications. End users now receive more informative and user-friendly notifications, enhancing their understanding of security-related events and actions required, thus promoting a proactive approach to digital risk management.
User Experience for Result Data, Scanner, and Account Management
User experience (UX) has been significantly improved across result data, scanner, and account management interfaces. This enhancement ensures administrators a more intuitive and streamlined experience, fostering efficient navigation and decision-making within the ThreatNG platform's administration features.