Expanse - Know Your Unknowns

Expanse Debuts New Product to Detect Supply Chain Vulnerabilities and Drive Operational Improvements

Expanse Inc

By Expanse Inc, 10.15.2019

SAN FRANCISCO, Oct. 15, 2019Expanse, the leader in Internet Operations Management for IT and Security, today introduced its newest product offering, Expanse Link. Expanse Link enables global organizations to manage their strategic suppliers by accurately identifying and managing a strategic supplier’s Internet assets and risks. With continuous visibility across the supply chain, organizations can drive operational improvements that reduce risk for both the organization and the supplier. Expanse Link is used to secure the largest and most complex supply chains in the world, including those of the U.S. Department of Defense.

Suppliers can pose significant operational and strategic risk to the organizations they work for. These risks include business interruption in the event of an attack on a supplier, loss of sensitive data or intellectual property shared with the supplier, or attacks that use supplier networks as a stepping stone into the organization’s network. Organizations have employed various strategies for supply chain security, but none have provided the continuous visibility needed to drive operational change and improve security outcomes throughout the supply chain.

“Most breaches that disrupt operations start with an exposed Internet asset, which unfortunately means that organizations face substantial risk of disruption to their own operations when these risks occur on the networks of their strategic suppliers and business partners,” said Matt Kraning, co-founder and CTO of Expanse. “Without a complete identification of all strategic suppliers’ Internet assets and global communications, and a lack of tools and services to manage those assets, parent and supplier organizations risk being compromised. The Expanse platform provides a one-of-a-kind global Internet perspective by continuously tracking all publicly routable assets and services, as well as configuration and communication details to maintain an effective and secure supplier infrastructure. Expanse Link extends this visibility to strategic suppliers so the parent organization can hold them accountable to the same standards they insist on for themselves, as well as help their suppliers rapidly identify and fix problems they would not have been able to find on their own.”

As a platform for shared governance between an organization and a strategic supplier, Expanse Link makes it possible for organizations to assist suppliers with remediation as well as to hold them accountable for security and policy lapses. The product uses proprietary mapping technology to discover Internet assets and services relating to the supplier across registered ranges, commercial IP space, and dynamic cloud environments, as well as detect risky and out of policy network communications from any part of the network of any supplier. This data is then surfaced in a web portal and RESTful API, enabling organizations to integrate information about their supply chain into existing tools and processes. Organizations can then review, triage, and monitor any exposures or policy violations. 

Key capabilities of Expanse Link include:

  • Complete discovery of Internet assets on-premises and across all cloud providers, leading to full visibility. 
  • Accurate attribution and full data transparency so that suppliers and parents can quickly determine if an exposed asset is business critical. 
  • Daily data updates to quickly verify remediation. 
  • Remote detection of risky and out-of-policy network traffic across all global supplier networks without installing or configuring any local sensors.

For more information on Expanse Link, please download the white paper Identifying and Managing Strategic Supply Chain Risk, read our blog, and register for the webinar scheduled for Nov. 6 at 10 a.m. PT/1 p.m. ET.