Randori and IBM Plan to Join Forces to Tackle Growing Attack Surface Risks
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. You need an attack surface management platform. With cloud migration and the work-from-home boom dramatically increasing the number of external targets, being able to prioritize your attack surface from an attacker’s perspective has never been more urgent.
If an attacker comes from an external position, they aren’t going to exploit an IP address, hostname, or port. They will attack the underlying software exposed to the internet. Randori discovers these targets, and prioritizes them for remediation using a patent-pending Target Temptation model. This model considers how the software is deployed, vulnerabilities and weaknesses, and post-exploitation potential if the service is compromised.
Attack surface management (ASM) solutions provide an external attacker’s perspective of an organization’s attack surface – discovering and continuously monitoring the targets, services, IPs, domains, networks, hostnames, and other artifacts attackers see when targeting your business. With this new perspective, organizations can reduce their attack surface, prioritize remediation efforts based on the likelihood an asset will be attacked, and manage and report on their external security posture over time.
Black-Box Reconnaissance: Any ASM solution must automatically discover the external assets an attacker can see – this includes IPv4, IPv6, Cloud, and IoT Assets. Unlike asset management solutions, there should be no need to provide IP address ranges or other asset information to get started. Your domain name should be sufficient. Randori’s patented center-of-mass approach finds assets others miss and starts with only an email.
Continuous Monitoring: Your attack surface is dynamic; your ASM solution must be too. Assets come and go; ASM solutions must continuously monitor and track these changes and quickly alert users when a critical issue is found. Randori’s global network of dynamic cloud infrastructure is constantly monitoring to provide you the most authentic view of your external attack surface.
Shadow IT Discovery: Gartner estimates 1/3 of breaches will start with unknown assets. ASM solutions should make it easy to identify any assets you were not previously aware of by integrating with asset management solutions and supporting policy-driven rule & prioritization workflows. Randori’s rich integrations and policy-driven rules engine make it easy to automate the discovery of Shadow IT.
Risk-Based Prioritization: Not all assets have the same value to your organization or attackers. Any ASM should automatically provide an external threat assessment, identifying the most tempting issues to attackers. Leading ASM solutions go further, giving users rich capabilities for real-time risk-based prioritization. Randori’s prioritization engine combines the attacker’s perspective with business value, business impact, existing security controls, and remediation status to build a stack-ranked list of your most risky targets.
Bi-Directional API & Enterprise Integrations: Leveraged by vulnerability management, threat intelligence, and security operations teams, ASM solutions must enable teams to integrate into their daily workflows. Bi-directional APIs and the ability to integrate with SIEM, SOAR, asset management, and ticketing systems are critically important. Randori’s REST API and integration ecosystem make it easy to embed the attacker’s perspective.
Less Noise: Like real attackers, Randori is focused and targeted. While other ASM vendors index the entire internet, drowning you in false positives – we focus on uncovering your unique attack surface. For your overworked security team, this means less noise and more time for action.
Better Prioritization: You’ll always have more vulnerabilities than you can patch – the key is identifying the ones that intrigue hackers. Randori’s Target Temptation model identifies your greatest risks and raises them to the top – ensuring your team is tackling the right problems.
Enterprise Ready: Don’t just identify issues – act on them. Randori’s rich APIs, built-in reporting and integration with partners make it easy for your team to turn insights into actions.
Penetration testing, or pen testing, is the practice of testing a computer system, network, or web application for potential security vulnerabilities that an attacker might
IPv6 is big. Very big. Thanks to a 128-bit address format, there are 2^128 possible IPv6 IP addresses. To put this in perspective, astronomers reckon
For many, the concept of “the internet” conjures up an idea of a digital world, separate from our physical one and existing “somewhere out there.”
