Attack Surface Management Service

 

Investigate entry points of attack and reduce cyber-attack risks

Changing attack surface in zero-trust network

As corporate networks shift towards zero-trust thanks to increasing cloud use and teleworking, the entry points of malware (including ransomware) are also shifting. Moving from USBs and emails to network devices, cloud services, VPNs, and remote desktops is causing increasing damage. 

Attack Surface Management (ASM) service reduces the risk of cyber-attacks by looking into IT assets (servers, network devices, clouds, etc.) that could be targeted by cyber attacks, reporting on their vulnerabilities, and identifying ID information exposed on the Internet.

alex-kotliarskyi-QBpZGqEMsKg-unsplash-1

Investigate entry points from the attacker's point of view


Attack Surface Management service uses the OpenSource INTELLIGENCE (OSINT) method to investigate open IT assets directly connected to the Internet, such as public servers and VPN gateways, as well as credentials (user IDs and passwords) leaked on the Internet. As cyber attackers use the same method to surveil target organisations,  you can act as one of them to investigate the entry points of attacks and security risks of spoofing and take countermeasures for more urgent ones. Only the domain name is required for investigation, so it is possible to investigate your company's security risks and the entire supply chain, including overseas offices, group companies and business partners*.

*Supply chain surveys are carried out with the consent of the related companies.

Artboard – 2-1

Open assets that could serve as entry points

(VPN/RDP/SSH/vulnerability etc.)
Artboard – 3-1

Web login page

Artboard – 4-1

Compromised ID/password

TWO TYPES OFFERED

Specialist survey service & Continuous cloud management

Service Menu

Service Description

 

One-shot survey service by experts

  • Inventory of open assets
  • Vulnerability risk management
  • Detecting unauthorised access
  • Security risk measures for supply chain

 

Survey reports for the current situation and measure proposal

  • Survey: Open IT assets, software vulnerabilities, open ports, access-uncontrolled login pages, and compromised accounts
  • Online debriefing (optional)
  • Open price

 

Attack Surface Management cloud and investigation services

  • Continuous risk monitoring
  • Monitoring changes after one-shot survey

 

Hybrid version of one-shot service and ASM cloud

  • Annual survey service
  • ASM cloud operation and management done by customers
  • Open price