Detectify announced a new Domains page and major improvements to existing capabilities for setting custom attack surface policies.
These updates bring control over attack surface data and enable organizations to seamlessly configure alerts for policy breaches based on their unique definition of risk, a feature unmatched by any other player in the EASM space.
Attack surfaces keep growing and becoming more diverse, making it increasingly challenging for organizations to obtain and make sense of the most relevant insights from their attack surface data.
Security teams highlight the need to identify and reduce risks unique to their business context.
Detectify users see an average of 300 breaches per set policy.
Over 70% of active policies today focus on spotting risky open ports, with 60% specifically alerting on any detected ports other than 80 or 443.
This emphasizes that identifying areas of the attack surface that could be improved, such as open ports, is key for security teams.
Their complete attack surface, at a glance: Security teams need a complete grasp of their attack surface evolution to support incident investigations or find out how their domains are exposed.
The new Domains page provides a complete view of all monitored domains within the attack surface with continuously attributed data to each domain, consisting of IPs, cloud providers, and even fingerprinted technologies over a period of time.
Customizable attack surface data based on their workflows: Security teams require continuous monitoring of exposures to take action on those issues in future occurrences.
Customers can now directly create customized policies for their attack surface data through the new Domains page when spotting anomalies.
This innovative workflow allows them to set up alerts for breaches aligned with their specific risk definitions, a capability not offered by any other EASM product.
Risk management that reflects their business context: Among security teams' jobs is the need to remain informed about the evolution of their attack surface, identify exposed elements, and pinpoint specific assets affected by exposure according to their unique risk definition.
The new Domains page enables users to assess potential exposure risks and set security policies based on completely new characteristics.
Detectify's new Domains page and enhanced Attack Surface Policies are now available to all Surface Monitoring customers.
New data points will continue to be released to the Domains page, which will further expand the specificity of security policies that users can create and receive alerts for.
Teams will soon be able to integrate alerts into their existing workflows through the Detectify API and Integrations platform.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Mon, 27 May 2024 13:43:04 +0000