Subdomain Intelligence External Attack Surface Management EASM Digital Risk Protection Services DRPS Security Ratings Cybersecurity Ratings Cyber Risk Ratings

Subdomain Infrastructure Exposure

Gaining External Visibility: Uncover Hidden Risks in Your Subdomains

Your organization's digital footprint extends far beyond your primary domain. Subdomains often host critical services and sensitive data, making them attractive targets for attackers. Without a clear understanding of your exposed infrastructure, you could leave your organization vulnerable to breaches and disruptions. Our Subdomain Intelligence module provides the visibility to identify and assess externally facing assets across all your subdomains. This empowers you to proactively address vulnerabilities, strengthen security posture, and protect critical assets. Go beyond standard discovery with custom port scanning, allowing you to define the scope of your investigation and uncover hidden infrastructure that traditional scans might miss. This deeper level of analysis helps you identify proprietary applications, development environments, shadow IT systems, and misconfigured services, providing a comprehensive view of your subdomain landscape and its associated risks.

Application & Service Security

Discover the full range of applications and services exposed across your subdomains, from web applications and APIs to remote access services and containerized environments. Gain insight into potential vulnerabilities and implement robust security controls to protect against web application attacks, unauthorized access, and data breaches. Continuously monitor your application and service landscape to ensure ongoing security and compliance.

Hidden Remote Access Protocols

Go beyond well-known remote access methods and consider underlying communication mechanisms. Identify instances of RPC, a general technique for inter-process communication, helping organizations assess and secure these implementations. Detect exposed SMB services, often used for file sharing in Windows environments, allowing for proactive mitigation of vulnerabilities that could lead to ransomware attacks or data breaches.

Mail and Messaging

Email remains a critical communication channel, but it's also a common target for attackers. Identify exposed SMTP and IMAP services to gain crucial visibility into your organization's email infrastructure. Assess your email security posture and implement necessary safeguards against spam, phishing attacks, and malware distribution, ensuring the confidentiality and integrity of your organization's email communications.

Web and APIs

Web applications and APIs are often the primary interface between your organization and the outside world. Acquire an in-depth understanding of your web and API attack exposure by automatically detecting and inventorying all HTTP, HTTPS, and Kubernetes API endpoints within your organization's domains and subdomains. Implement essential security protocols, like HTTPS enforcement and strong API authentication, to safeguard against web application threats, data leaks, and service interruptions.

Kubernetes

Containerized environments and microservices architectures introduce unique security challenges. Achieve unmatched insight into your Kubernetes deployments by identifying exposed Kubelet and Kube Controller Manager instances. Assess the security posture of your containerized environments, implement robust access controls and authentication mechanisms, and protect against container escapes, unauthorized access, and data breaches.

Remote Access and Management

Remote access services are essential for managing and maintaining systems, but they can also be entry points for attackers. Gain unparalleled visibility into exposed remote access and management services. Identify and assess potential risks associated with services like SSH, RDP, VNC, and Telnet running on your external-facing infrastructure. Proactively address vulnerabilities and misconfigurations, reducing the risk of unauthorized access, data breaches, and system compromise.

VoIP and Telephony

Secure contemporary communication systems by identifying vulnerable VoIP services. Evaluate security settings and defend against eavesdropping, denial-of-service attacks, and other threats that might interrupt communication or jeopardize sensitive discussions.

Data Security

Uncover all systems that store and manage your organization's critical data, from databases housing sensitive customer information to directory services controlling user access. Identify vulnerabilities and implement essential safeguards to prevent unauthorized access and data breaches. ThreatNG also delves into securing file transfer processes, ensuring your data remains protected both in storage and in transit, and continuously monitors for changes and new exposures.

Databases

Databases are the heart of many applications, storing valuable and often sensitive information. Uncover potential risks by identifying exposed databases of all types – SQL databases (MS SQL, MySQL, Oracle, PostgreSQL), NoSQL databases (MongoDB), and in-memory data stores like Redis. Ensure proper security controls, such as access restrictions and data encryption, are in place to safeguard this critical data from unauthorized access and breaches.

File Transfer and Synchronization

Secure file transfer is crucial for protecting sensitive data in transit. Maintain a tight grip on your file transfer security posture by identifying instances of FTP and Rsync services running on your external infrastructure. Assess security configurations and ensure that sensitive data is not exposed during transit by employing secure alternatives like SFTP whenever possible.

Directory Services

Directory services like LDAP are central to user management and authentication. Go beyond surface-level analysis to identify and assess potential risks associated with exposed directory services. Implement strong access controls, authentication mechanisms, and monitoring capabilities to safeguard sensitive user data and prevent unauthorized access to your organization's directory infrastructure.

IoT and Embedded Device Security

Identify the growing number of embedded and IoT devices within your organization's network, pinpointing potentially vulnerable devices and assessing their security configurations. ThreatNG helps implement necessary safeguards to prevent unauthorized access, data breaches, and privacy violations, ensuring the security of your evolving IoT ecosystem.

IoT Device Security

Identify the vast array of internet-connected devices within your organization, including those often overlooked in traditional security assessments. ThreatNG detects devices using UPnP (Universal Plug and Play), vulnerable networked security cameras, publicly accessible DVRs, and exposed webcams, empowering you to secure these devices and protect against unauthorized access, data breaches, and privacy violations.

Embedded Systems Security

Embedded systems—the hidden computers within specialized devices like industrial control systems and medical equipment—require unique security considerations. These systems can be vulnerable due to their resource constraints and specialized functions. This category focuses on identifying these systems, particularly those with critical roles. This includes pinpointing exposed industrial control systems accessible via HTTP, a significant security concern, and addressing potential vulnerabilities in other embedded systems to ensure their safe and reliable operation.

Network Security

A strong network security posture is the foundation of a resilient organization. Identify and assess the security configurations of various network protocols critical to maintaining a secure environment, including those used in industrial control systems and specialized environments. ThreatNG provides visibility into your network's attack surface, allowing you to proactively address vulnerabilities and protect against unauthorized access, data breaches, and disruptions.

General Networking

Even essential networking components can pose security risks if not properly configured. Diligently work to protect your network by uncovering gateways that use HTTP for communication, highlighting the dangers of unencrypted data transfers. Empower your organization to prioritize the transition to HTTPS, guaranteeing secure communication and thwarting potential eavesdropping or man-in-the-middle attacks.

Network Protocols

Network protocols form the backbone of communication within and between systems. Extend your commitment to comprehensive security by identifying instances of SNMP, RTSP, and various industrial protocols (DNP3, EtherNet/IP, PROFINET) running on your external infrastructure. This visibility enables you to assess the security configurations of these protocols, implement necessary safeguards against unauthorized access and data breaches, and ensure the integrity and availability of your network infrastructure.

Industrial and Specialized Protocols

Specialized network protocols are often used in critical infrastructure and industrial environments. Thoroughly identify these protocols, including DNP3 and EtherNet/IP, to fortify vital infrastructure and safeguard industrial control systems against unauthorized access and potential disruptions. Gain a complete overview of your network's attack surface, even in specialized environments.

Custom Port Scanning

Go beyond standard service discovery and take complete control of your subdomain investigations. With custom port scanning, you define the scope. Input your list of ports to uncover potentially exposed infrastructure that conventional scans might overlook. This unlocks endless possibilities, allowing you to identify:

Proprietary Applications and Services

Uncover internal tools, custom protocols, or non-standard services running on unexpected ports.

Shadow IT Systems

Detect unauthorized services or applications running on your subdomains without your knowledge.

Development and Testing Environments

Identify development servers, staging environments, or temporary infrastructure that might be inadvertently exposed.

Misconfigured Services

Uncover services running on non-standard ports due to misconfigurations, which could introduce security risks.

By tailoring your scans to your specific needs and concerns, you better understand your subdomain landscape and uncover hidden risks that could otherwise go undetected.