In the era of DevOps and agile methodologies, where delivery speed and constant innovation are commonplace, effective security management becomes more critical than ever. This is where ‘Attack Surface Management’ (ASM) comes into play, aiming to detect, identify, and manage vulnerabilities that may arise on a day-to-day basis, but continuously.
At Faraday, we’ve developed ‘First Scan’ using Open Source technologies to assist our customers in taking their initial steps in cybersecurity. It helps visualize, identify and track the level of exposure a company has and the associated risks. First Scan scours the web for footprints of the company’s exposed domains and subdomains, providing clear and precise information about the state of the attack surface.
First Scan is the primary tool used by our red team and is born from the methodology they employ for their offensive tasks. This methodology consists of the following pillars:
Asset Identification: Using different strategies, we attempt to understand and detect where the infrastructure is located, what technology it employs, and what services are exposed.
Assessment: Once a list of assets and services is created, we proceed to identify possible flaws or insecure configurations of the services, allowing for rapid mitigation of potential vulnerabilities introduced in day-to-day operations.
Prioritization: Not all risks are equal. We discover the most critical ones and prioritize them based on exploit ease and potential impact.
Risk Reduction: First Scan aids in implementing strategies to reduce our attack surface: security controls, vulnerability patches, and applying best practices in our daily operations.
Continuous Securing: ASM is a frequent process that adapts to natural changes in engineering teams and provides rapid security feedback.
Even large companies with complete and efficient security teams are vulnerable. In this sense, what remains for much smaller start-ups without dedicated security teams?
In this context, at Faraday, we’ve decided to offer a unique, quick, and secure way to scan one or multiple domains and discover the weak points where attackers could infiltrate.
The questions are: Did you know how big your attack surface is? When was the last time you checked how exposed your infrastructure was?
