Asset Inventory
Within cybersecurity, an asset inventory is a comprehensive list of all hardware, software, and digital resources that an organization owns, controls, or relies on. It's a fundamental component of any security program, providing visibility into the organization's digital landscape.
Here's a more detailed breakdown:
Hardware: This includes physical devices like servers, workstations, laptops, mobile devices, network equipment (routers, switches), and IoT devices.
Software: This encompasses operating systems, applications, databases, firmware, and other software running on the organization's systems.
Digital Resources: This can include data, cloud services, websites, domain names, IP addresses, and digital certificates.
Purpose: The primary purpose of an asset inventory is to provide a clear understanding of what needs to be protected. It helps organizations identify vulnerabilities, manage risks, and respond to security incidents effectively.
Key Attributes: An adequate asset inventory includes details about each asset, such as:
Asset type
Owner
Location
Configuration
Software installed
Security posture
Business criticality
ThreatNG provides significant capabilities for discovering and identifying an organization's external-facing assets, which is a crucial first step in creating a comprehensive asset inventory.
External Discovery: Identifying External Assets
ThreatNG's external discovery is designed to identify an organization's assets that are visible from the internet. This includes:
Websites and web applications
Servers and network infrastructure
Domains and subdomains
Cloud services and SaaS applications
Mobile applications
This process provides a foundational inventory of the organization's external attack surface.
External Assessment: Gathering Asset Details
ThreatNG's external assessment modules gather detailed information about the discovered assets, enriching the inventory:
Domain Intelligence: The Domain Intelligence module provides extensive details about domain names, DNS records, subdomains, and related technologies.
Technology Stack: ThreatNG identifies the technologies used by web applications and other systems, providing software inventory information.
Cloud and SaaS Exposure: ThreatNG identifies the organization's cloud services and SaaS applications.
Mobile Application Discovery: ThreatNG discovers mobile apps in app stores.
This assessment process adds valuable attributes to the asset inventory, such as:
Asset type
Technology stack
Associated services
Security characteristics
Reporting: Presenting the Inventory Information
ThreatNG's reporting capabilities can present the asset inventory information in a structured and organized format.
Inventory reports provide a clear view of the organization's external-facing assets.
Continuous Monitoring: Keeping the Inventory Up-to-Date
ThreatNG's continuous monitoring ensures that the asset inventory remains current.
It detects any changes to the organization's external attack surface, such as the addition of new assets or changes to existing ones.
Investigation Modules: Deep Dive into Asset Details
ThreatNG's investigation modules allow security teams to delve deeper into the details of specific assets.
For example, the Domain Intelligence module enables a detailed domain configuration and subdomain analysis.
Working with Complementary Solutions
ThreatNG's asset inventory data can be integrated with other security and IT management solutions.
For example, it can be combined with an internal Configuration Management Database (CMDB) to completely view the organization's assets.
ThreatNG provides robust capabilities for discovering, identifying, and inventorying an organization's external-facing assets. This information is crucial for effective cybersecurity and risk management.