Red Sift ASM & Red Sift Certificates: the missing link in your CTEM strategy
by Billy McDiarmid
According to Gartner, Attack Surface Management (ASM) refers to the “processes, technology and managed services deployed to discover internet-facing enterprise assets and systems and associated exposures which include misconfigured public cloud services and servers.” This broad category of tooling is used within Continuous Threat Exposure Management (CTEM) programs, with many vendors within it having their own flavor of ASM. However, despite the breadth of offerings on the market, a lot of vendors have gaps in functionality that make the steps of a CTEM program—Scoping, Discovery, Prioritization, Validation, and Mobilization—difficult to achieve.
Red Sift ASM & Certificates are focused on first class asset discovery, comprehensive configuration monitoring, and in-depth analysis of network and security standards.
Why do we focus on this?
Configuring security features on web and email services is hard.
What’s the impact?
This lack of oversight means that misconfiguration and misalignment are rife. There are frequent costly outages, severe impacts on performance, as well as unknown security exposures. Infrastructure and applications are often exploited through man-in-the-middle (MITM) attacks, SSL stripping, cookie hijacking, protocol downgrades, domain and subdomain takeovers, cross-site scripting, injection attacks, and more. Development costs have increased because systems are not deployed securely by default, and are instead secured after the fact, often forcing developers to go back to fix already-deployed systems.
This level of poor security posture erodes customers’ faith, and creates damaged reputations, regulatory issues, compliance issues, penalties, increases insurance costs, and leads to lost business.
Recommended by LinkedIn
Why do other ASM tools not help with these types of attacks?
Many ASM tools lack good visibility of external infrastructure and often prioritize CVEs—publicly disclosed cybersecurity vulnerabilities—instead. While addressing CVEs is important, this focuses on what is wrong now rather than what can be improved on for the future. This view ignores misconfigurations and misalignments that lead to the types of attacks mentioned above. In addition, they often provide less comprehensive results because their data is not refreshed continuously or in real-time, resulting in out-of-date results.
ASM tools often ignore the importance of certificates too. A healthy certificate estate is a key way to mitigate MITM attacks and avoid service downtime. Expiration monitoring in ASM tools is either unavailable or poorly implemented, and often important metadata is missing.
Red Sift ASM & Certificates: the missing link in your CTEM strategy
We think Security and Engineering people deserve better.
Red Sift ASM & Certificates continuously discover, inventory and help manage your business’s critical external-facing and cloud assets. They allow you to get a view of your entire attack surface – including assets you didn’t know existed. This enables you to be aware of and remediate configuration risks before bad actors can take advantage.
Red Sift ASM & Certificates continuously scan domains, hostnames, and IP addresses so that data is always fresh. You can then build an inventory of your external-facing and cloud assets without spreadsheets or manual processes, as well as connect to cloud providers, certificate authorities, registrars, and managed DNS providers to import and monitor all of your assets.
Real-time internet activity feeds identify new properties that belong to you and automatically add them to your inventory. This provides you with in-depth, real-time data about each asset, making it straightforward to take action as soon as a misconfiguration or unmanaged asset is identified. The ability to provide an organization’s full asset inventory, and monitor it in a continuous and real-time manner, is something that other tools are not capable of at such a comprehensive level. To find out more, visit our Red Sift ASM and Red Sift Certificates web pages.
IT Transformation, Cyber Audit and Regulatory Compliance.
7moJorge Montiel M. Presenting at eCrime Nordics in Stockholm. Educating Nordics customers on Cyber Resilience.