External Asset Discovery

Many organisations have made a substantial investment in network based security analysis tools. For those with more complex, diverse, and distributed IT infrastructures a major challenge in making effective use of internal tools is simply knowing where to point them. It is a common scenario: you have thousands of services spread around the globe that span a wide range of on-prem SaaS, and cloud based hosts. In front of you is a dialog box from your corporate scanning tool and it is asking for an IP range, what are you going to type in?

Our External Asset Discovery service is designed to provide a comprehensive view of the assets that make up your organisation’s external attack surface. This data can be used to significantly increase the ROI from existing tools. Having a clear view of which assets are externally reachable can also add focus to internal penetration test or red-team activities and can provide critical risk input to any vulnerability remediation or patch deployment processes.

Our standard External Asset Discovery offering includes:

  • Internal use of our EdgeScope tool to discover your organisation’s external attack surface. We can constrain the engagement to specific locations or areas if required.

  • Production of a machine readable report covering the discovered attack surface. By default this is a JSON file listing active hosts ports, services and known host names for all live assets in your attack surface. We can provide this in an alternative format to suit any existing security tools or processes.

  • If required, we can also include a set of matched components and vulnerabilities in the surface report.

  • We are also able to provide results for a custom surface search, such as reporting all instances of a specific string or a regular expression match from all external assets. This can be used for a range of vulnerability analysis and compliance purposes.

We can offer this service as a single one-off engagement or can provide a regular set of updates as your attack surface evolves. If you are looking for a continuous attack surface data feed then we can also offer a custom API to enable external asset date to be integrated into your existing analysis tools.

If you would like a quote for this service, or would like to discuss any specific requirements, then get in touch.