Faraday Blog

In Security, the concept of attack-surface (or attack surface) refers to the set of entry points that an attacker can use to access a system or application and carry out an attack. In other words, it is the complete map in which a system or application can be violated. They may include software vulnerabilities, insecure configurations, unauthorized access, open ports, application programming interfaces (APIs), among others. The larger the attack surface of a system or application, the greater the risk that an attacker could exploit a vulnerability and compromise the security of the system.

We have just released a YARA to detect vulnerable images of Acropalypse in scale. We also added a sanitization script to remove extra information from PNG files.

In this second part (part one), we will show a step by step of a security analysis having in mind a basic methodology:
- Perform a passive recognition of the target
- Go through an active recognition
- Identify vulnerabilities coming from an automatic scanning
- Exploit these vulnerabilities
- Wrap up with an executive report

We are excited to announce the release of our latest update, packed with several new features and improvements designed to enhance your vulnerability management experience

Whether your IT department or security team needs to operate and protect your system and data, vulnerability management tools are the way to go. They offer the best way to coordinate and automate the process from beginning to end. It is what is called Orchestration. It is one of the key concepts to bear in mind when doing vuln management..

We started 2023 with fresh and new fixes. One of the most awaited features in this release is the "Trending" category to the enrichment field to help you perform a much more accurate risk score.