ThreatNG Security

View Original

December 5, 2023

Discovery, Assessment, and Reporting 

The ThreatNG all-in-one external attack surface management (EASM), digital risk protection (DRP), and security ratings solution Delta Reporting facility has been enhanced for all of the following investigation modules:

Domain Intelligence

DNS Intelligence

Domain Record Analysis

It Includes additions, modifications, or deletions of DNS entries. Delta reporting facilitates detecting unauthorized or unexpected changes promptly. For instance, detecting a sudden change in the authoritative DNS server could indicate a potential compromise.

Email Formatting

Changes in email formatting can indicate phishing attempts or social engineering. Delta Reporting in this submodule helps organizations track alterations in email formats, enabling them to respond swiftly to potential threats.

Subdomain Intelligence

Cloud Hosting

Delta Reporting is crucial for tracking changes in subdomains related to cloud hosting providers. Rapid identification of new hosting providers or changes in hosting configurations helps organizations avoid potential security risks associated with cloud infrastructure.

Subdomain Content Identification

This submodule includes tracking changes in various subdomain content types such as development environments, admin pages, applications, demo pages, VPNs, APIs, errors, phone numbers, and emails. Delta Reporting provides timely updates on these changes, allowing organizations to promptly identify and address security concerns.

Certificate Intelligence

Associated Organizations

Changes in associated organizations linked to digital certificates can indicate organizational restructuring, partnerships, or potential security risks. Delta Reporting ensures that organizations are aware of such changes, enabling them to assess and respond accordingly.

IP Intelligence

Delta Reporting in the IP Intelligence submodule is crucial for tracking changes in IP-related information. This includes IP address assignments and modifications. Detecting sudden changes in IP addresses can help organizations identify potential threats or changes in their network infrastructure.

Sentiment and Financials

The Sentiment and Financials Investigation Module within the ThreatNG platform and Delta Reporting provide organizations with valuable insights into non-technical aspects of cybersecurity. Enhancements were made to the following:

Layoffs Mentions

This module monitors and reports changes in mentions related to employee layoffs or workforce reductions. Delta Reporting enables organizations to identify and respond promptly to significant workforce changes. Sudden layoffs may indicate financial instability or internal issues, and reporting is crucial for risk assessment and mitigation.

ESG Violations

ESG factors are increasingly important for companies, and violations can have legal, financial, and reputational consequences. Delta Reporting ensures organizations are quickly informed of new violations or changes in this domain, allowing for proactive risk management.

U.S. Securities and Exchange Commission (SEC) Filing Information

SEC filings contain critical financial and regulatory information. Delta Reporting ensures organizations stay current with any alterations in filings, such as changes in financial status, leadership, or legal matters. This is essential for compliance and strategic decision-making.

Dark Web Presence

The Dark Web Presence module within the ThreatNG platform, integrated with Delta Reporting, plays a crucial role in monitoring and mitigating risks associated with activities on the dark web. Enhancements were made to the following:

Ransomware Events

Ransomware is a significant threat, and early detection of ransomware events is vital for a proactive response. Delta Reporting ensures that organizations are promptly alerted to new ransomware activities, enabling them to take swift action to protect their data and systems.

Dark Web Mentions

Delta Reporting in this submodule helps organizations stay informed about new mentions or discussions related to their assets on the dark web. This enables them to assess the threat level and take appropriate measures to enhance security.

Online Sharing Exposure

The Online Sharing Exposure Investigation Module in the ThreatNG platform, complemented by Delta Reporting, is designed to monitor and analyze an organization's online exposure. It includes tracking how and where information is shared or exposed online. Organizations must know how their information is shared online to understand potential risks associated with data exposure. Delta Reporting ensures timely updates on changes in online sharing exposure, allowing for proactive risk management.

Reporting and Sharing Improvements

Load Time

Enhancements in load time ensure a faster and more responsive user experience within the ThreatNG platform. This facilitates quicker access to critical information and allows security teams to analyze and respond to potential threats efficiently.

Delta Report User Experience

The user experience in Delta Reporting has been optimized with smart shortcuts, streamlining the analysis of Delta reports. This improvement enhances usability, enabling security professionals to quickly navigate and extract actionable insights from delta reports more efficiently.

Exposure Summary Report

The Exposure Summary feature has been refined, providing a more comprehensive and easily digestible overview of an organization's online exposure. This enhancement allows security teams to quickly grasp the extent of potential risks and take proactive measures to address vulnerabilities.

Technology Identified Count

The platform offers an enhanced count of identified technologies, providing a more accurate and detailed analysis of an organization's technology stack. This improvement contributes to a more precise understanding of the attack surface, aiding security teams in developing targeted risk mitigation strategies.

Platform Administration Improvements

Error Notifications

The platform's administration capabilities have been enhanced with improved job notifications, particularly during error scenarios. This refinement ensures that administrators receive timely alerts and insights into potential issues, facilitating a swift and effective response to maintain operational integrity.

Account Notifications to End Users

User engagement and awareness are prioritized with improved account notifications. End users now receive more informative and user-friendly notifications, enhancing their understanding of security-related events and actions required, thus promoting a proactive approach to digital risk management.

User Experience for Result Data, Scanner, and Account Management

User experience (UX) has been significantly improved across result data, scanner, and account management interfaces. This enhancement ensures administrators a more intuitive and streamlined experience, fostering efficient navigation and decision-making within the ThreatNG platform's administration features.