Out of Stealth: Introducing Randori Recon

Randori: Frequently Asked Questions

Why are you building the world’s most authentic attack platform?

To help defenders train as they fight. Many security teams today don’t have the opportunity to spar against a motivated, well-funded adversary. We want to make this accessible to teams of all sizes, so that security leaders can easily understand their risk, communicate accurately across the company, and do this in a continuous, sustainable manner.

How long is my Free Trial?

When you sign up for a Free Trial or request a Recon Report, we need approval from your organization before starting black-box discovery on your Internet-facing environment, and we want to understand your desired use cases and timeline for the project.

Our standard trial is 30 days, during which you have full access to Randori Recon to understand your attack surface and see any changes.

What information do you need from our company to begin onboarding?

The Randori Recon Platform is completely black box and automated. We only need your corporate email address. You do not need to provide any IP address netblocks or asset lists.

What types of companies are best suited for Randori Recon?

Recon is best suited for any organization that wants to continuously understand its Internet-facing attack surface. If you’re trying to understand how an attacker would view your network amidst a cloud migration, a cadence of mergers & acquisitions, or during a seasonal transition, sign up for a free trial.

Can Randori Recon discover infrastructure or attack surface hosted on Google, Azure, AWS, etc.?

Randori Recon automatically discovers both on-premises and cloud-hosted infrastructure. Recon uses several custom and open-source intelligence (OSINT) gathering techniques, such as querying TLS certificate transparency logs, to understand your comprehensive attack surface.

Does our company need to notify our hosting or cloud providers about Randori’s Recon activity?

No, this is not necessary.

How often is Randori Recon gathering data?

Randori Recon scans continuously. As your perimeter is discovered, Randori Recon will both follow new breadcrumbs and continuously monitor previously discovered elements. With this methodology, there’s typically a larger number of actions starting out, followed by a smaller number of periodic actions. Randori Recon will automatically alert you to important changes to your perimeter over time.

How can the Randori platform integrate with my security stack?

The Randori platform has an API which can be used to programmatically access any data found by Randori Recon. Customers typically use the API to send this data to their existing SIEM for a centralized workflow and log management experience.

How does Randori safeguard my customer data?

Every component of the Randori Platform is uniquely credentialed and authenticated. The platform has been designed with an assumption of breach, and as such, components cannot retrieve information about a particular client without both component authentication and a signed user request. We apply the same “train as you fight” approach to our own platform and company network, with a combination of attack surface monitoring, preventative controls and segmentation, security awareness training, and internal red team activity.