As businesses migrate to digital channels to improve their product offerings, promote business and enhance customer and employee engagement, their online presence and attack surface simultaneously expand—opening doors to brand misuse and even data theft. In order to address this mounting business issue, WhiteHat Security, the leading application security provider committed to securing digital business, announced it has partnered with RiskIQ, the global leader in digital threat management, to offer threat defenders complete, point-in-time snapshots of their brands’ online presence beyond the firewall.
The relationship leverages RiskIQ Digital Footprint Snapshot technology to expand the reach of the WhiteHat Discovery tool, used to find and catalog businesses’ web applications and assets, from within the corporate network to across the entire internet.
Digital attack surfaces are comprised of known, unknown, unsanctioned, poorly maintained and lost internet-facing assets, such as web pages and social media profiles, that may contain vulnerabilities open to cyber-attack. Given building breach, reputation and privacy compliance risks, security teams must have the ability to map, inventory and monitor business-relevant assets outside the firewall.
Now with RiskIQ Digital Footprint Snapshot, WhiteHat Discovery customers can access a timestamped, automated discovery and detailed inventory of external assets that comprise an attack surface. The resulting report allows enterprises to discover and understand unknown, rogue and exposed internet-facing web assets, apps and infrastructure across diverse domains, ANS, IPs, hosting sites and service providers that are connected with their organization. The information contained in the snapshot can be used by vulnerability management teams to augment and enhance vulnerability assessment tools and asset inventory systems.
Benefits of the enhanced WhiteHat Discovery solution include:
- On-Demand – Extensive, active internet reconnaissance capabilities enable you to package cost-effective, point-in-time external asset intelligence reports for your organization
- Automated – Automatically generate a list of assets that are connected to your organization based off a keystone owned asset and WhiteHat Discovery’s observed historical data and advanced algorithms
- Extensive – Drill down into each asset and see details like IP address, hosts, ownership information, server type and components and frameworks running on the asset
- Actionable – Online reports can be shared internally and allow for external asset data export via CSV into popular vulnerability, GRC and asset management solutions
“WhiteHat is known for its ability to provide an extensive view of assets, and by partnering with our team, customers will have more visibility and an unobstructed view into their digital presence, making the pertinent data easy to see and, therefore, manage and protect,” said Lou Manousos, CEO, RiskIQ. “Greater than 80 percent of data breaches are due to external threats, which means that even if you have an active approach to identify vulnerabilities you are only addressing a portion of the risk.”
“Every day, we are faced with newer, more advanced technologies to make our digital lives easier; however, with that advancement comes the development of new threats that exploit related vulnerabilities. So, if you don’t know what your attack surface is how can you effectively protect it?” said Craig Hinkley, CEO, WhiteHat Security. “WhiteHat has the reconnaissance to help businesses implement a sophisticated examination of digital assets, and now we are partnering with RiskIQ to make that evaluation even faster, automated and complete.”