Surface Guard

Continuous attack surface discovery and vulnerability analysis

Complexity creates Risk

The seemingly endless flow of critical vulnerabilities combined with increasingly complex, diverse and rapidly changing infrastructure is stretching current vulnerability and patch management processes to breaking point.

The diminishing time window between vulnerabilities being disclosed and exploited also means that teams running these processes are under constant pressure to implement highly complex mitigations in a very short time period.

In these circumstances even the very best people and processes will never deliver complete protection. The combination of complexity, volume of work and relentless time pressures almost guarantees that some things will be missed.

Attackers focus on the Weakest Link

Current attackers are known to target darker corners of an organisation’s infrastructure in order to gain an initial foothold. These ‘shadow’ infrastructure components can range from unknown assets managed by oversees branch offices through to long forgotten infrastructure that was never fully decommissioned.

In other words, the components that are most likely to be missed by current patch management processes are increasingly likely to be the ones targeted by attackers. This is not a coincidence, it simply reflects a change in attacker behaviour that takes advantage of a weak link in an organisation’s defenses.

An exploit Safety Net

Surface Guard is designed to provide an additional layer of defense against exploitable vulnerabilities that are missed by an organisation’s existing vulnerability and patch management processes.

We use a combination of sophisticated attack surface discovery and continuous security monitoring to detect potential security risks anywhere in an organisation’s attack surface. All findings are then manually reviewed and validated to ensure that any noise is filtered out.

Our goal is to only report high confidence and high risk issues. We essentially take the perspective of an Internet-based attacker and will report any issues that we believe such an attacker would attempt to exploit. This provides a low-noise, high-value vulnerability feed that can help our customers to quickly address the most critical issues.

Extra Help When you need it

If you need additional cybersecurity effort then we can also provide bolt-on consulting engagements to augment our standard service coverage.

We can provide independent technical security engagements covering a diverse range of areas including: M&A due diligence, in-depth analysis of specific vulnerabilities or vendor fixes, product security assessments, historic exposure analysis and cybersecurity insurance assessments.

Customers with an active Surface Guard subscription receive a 25% discount on our normal consulting rate for all bolt-on engagements.

Our unique combination of highly skilled security engineers and proprietary automation technology enables us to deliver an effective level of sustained coverage at a highly competitive price point. The table below outlines our normal Surface Guard service levels, we are also happy to provide customised coverage levels to meet specific customer requirements. The service is provided on an annual subscription basis.

*Prices are provided as a guide only, the actual price will depend on the size and complexity of your infrastructure. Engagements are subject to our standard terms of service.

Get in touch today to see how Surface Guard can help to keep your business secure. We are always happy to discuss specific requirements and are committed to providing balanced and technically informed guidance on the best way forward.

  • +44(0)1487 404302

  • sales@secmatics.com.

You can find other contact options on our Contact Page and more details of our standard services on our Services Page.