Black Hat

3 Must-See Sessions at Black Hat 2019

It’s that time of the year again: Black Hat 2019 is almost here. As always, it should be a great event with top-of-the-line keynotes, fascinating sessions, amazing options from the vendor community (Expanse included), and of course an opportunity to mingle with friends and colleagues in the security industry.  

Continue reading

Globe

What We Got Wrong About the Internet

In order to effectively protect our customers, Expanse cultivates a deep understanding of the Internet. We use our global perspective to help our customers understand both what they own that is connected to the public Internet and how to keep their assets secure. Since joining Expanse as a software engineer, I’ve learned about many pervasive, incorrect assumptions related to the history and structure of the Internet – many of which I myself used to hold. These bad assumptions have cropped up throughout the history of the Internet and continue to influence how many think about cybersecurity today.

Continue reading

Cloud Discovery

Cloud Discovery Continues to Be Hot for IT Ops

Over the past decade, IT processes have become increasingly decentralized at most organizations. Because the control of Internet-connected assets is so dispersed, it’s an ongoing challenge for organizations to appropriately manage asset lifecycles and monitor for exposures. Few things have contributed to the decentralization of IT — and the asset management challenges that come with it — more than the rise of the cloud.

Continue reading

Types of Risky Communications You Should Watch Out For

Types of Risky Communications You Should Watch Out For

How do you know who your assets are talking to? If you don’t have visibility into risky communications your assets and employees are engaging in, you can’t secure your network and your data. Subsidiaries and strategic suppliers only make this more complicated, because while you don’t generally have direct visibility into their networks, risky behavior can still negatively affect your security posture.

Continue reading

Common Cybersecurity Issues

3 Security Issues Every Organization Should Worry About

Before joining Expanse as a Cyber Risk Analyst, I worked as a cybersecurity consultant for one of the Big Four auditing and professional services firms. In that time, I got a front-row seat to the security challenges facing enterprises today. I learned to be skeptical of the cyber maturity of the “big guys,” or the large and well-established enterprises that are connected to the daily lives of millions. While working with clients of all sizes across multiple industries, I realized very few organizations have even a decent grip on their actual cybersecurity posture.

Continue reading

Simplify Security with Automated Asset Discovery and Monitoring

Simplify Security with Automated Asset Discovery and Monitoring

A comprehensive understanding of what assets are yours is the foundation of a secure organization. If you have gaps in visibility or assets you don’t know about, then you are at risk. These gaps and unknowns are the footholds that attackers will use to get into your organization.

Because networks change frequently (even daily), the asset list you had yesterday is not likely to be accurate unless it’s being continuously updated automatically. That means that if you’re using a manual process, such as self-reporting and an Excel spreadsheet, you’re already behind.

An automatically populated asset list allows your security teams to pull from a list that is continuously updated, including when infrastructure or configurations change, mergers occur, or new assets are put into production. You can automatically learn when a server or service is exposed, like the accidental exposure of a database to the Internet, a poorly configured remote endpoint running RDP, when the Marketing or Human Resources team launches a new service in an unapproved cloud vendor in Asia, or when your developers stand-up an insecure test or dev system in AWS. These are all potential unknown unknowns and points of entry into your organization.

It’s Time for a Global View of Your Internet Assets

Your existing suite of security tools only secures what they know about. Vulnerability Management tools, for example only scan what is known. Cloud Security Management Platforms, meanwhile, only manage accounts you already know about — you tell them what to watch, and then they’ll watch them.

With Expanse Expander, however, you discover all of your Internet-exposed assets, including those you don’t know about. Those unknowns are often a large part of your exposed attack surface — we routinely discover 30% more assets than a given organization was tracking previously.

We do this by continuously indexing the entire global Internet and collecting data about all the assets we discover. We use customer signatures like certificates, domains, registration information, and more to automatically tie the assets we see back to their parent organization, providing our customers with a complete, outside-in view of their networks and everything that belongs to them. With our new Cloud Module, we can even associate assets in the constantly changing ephemeral IP space back to organizations. We do this across all cloud providers.

Security begins with knowing what you need to protect. Learn more about how to automatically discover and monitor your Internet-connected assets in our latest tech brief:

Increasing Your IQ Around Attack Surface Reduction

Your Attack Surface Problem Is Really an Asset Management Problem

The foundation of effective security is knowing what you need to protect. Without a full inventory of your Internet-connected assets, you don’t have a clear picture of your attack surface. And that means you can’t identify and remediate exposures. While many organizations today may think they understand their attack surface, the truth is that they don’t because of a fundamental breakdown in asset management and governance.

Continue reading

If You Leave it They will Come

If You Leave It, They Will Come

The idea of security through obscurity has been universally rebuffed by laymen and experts alike. Even so, it is still widely relied upon in even the most security-aware organizations. But hiding an asset or vulnerability or weakness from people only works for so long. Eventually, people find it. And those people aren’t always the good guys.

Continue reading

Machine speed attacks create new security risks for remote workforce tech

Machine-speed Attacks Create New Security Risks for Remote Workforce Technologies

RDP and other productivity-enhancing tools leave organizations exposed to attacks on their ever-changing attack surface

In a previous post, we discussed advances in technology that have made it possible to scan the entire public Internet much faster than ever before. Because of these advances, the thought that exposures can simply hide on the Internet is no longer true. You may think that your organization isn’t a target for cybercriminals, but the ease through which an exposure can be found opportunistically means that you may end up a victim anyway.

Continue reading

Quantitative Methods for Assessing Cyber Risk - Part 3

Part 3: Quantitative Methods for Assessing Cyber Risk

Accurately model risk to up-level cyber discussions and evolve security postures

Most businesses are very comfortable assessing risk, whether it be from a project failing, market uncertainty, workplace injury, or any other number of causes. But when it comes to cyber security, rigor disappears, hand-waving commences, and analysts pick a color (red, yellow, or green).

Continue reading

Quantitative Methods for Assessing Cyber Risk Part 2

Part 2: Quantitative Methods for Assessing Cyber Risk

Accurately model risk to up-level cyber discussions and evolve security postures

Most businesses are very comfortable assessing risk, whether it be from a project failing, market uncertainty, workplace injury, or any other number of causes. But when it comes to cyber security, rigor disappears, hand-waving commences, and analysts pick a color (red, yellow, or green).

Continue reading