Services to secure your Internet Edge.

Our experts provide the knowledge, experience, and operational guidance you need to secure your Internet Edge.

Expanse’s services provide proven methodology, expertise, tools, and education to help ensure your organization’s success. From enablement and beyond, your Technical Account Manager, backed by Expanse Cyber Risk Analysts and Data Scientists, helps you continually derive business value from your investment and reduce your Internet Edge risk.


Classification of Customer IP Ranges

IP Address
 Business Mapping

Understand assets and their relationships to your organization to prioritize exposures and remediate them quickly.

Exposures are prioritized depending on what part of an organization they fall under. For example, a core asset communicating with a potential command and control (C2) node is higher priority than an unmanaged asset. Understanding how assets map to an organization is critical for identifying ownership, leading investigations, and shortening exposure window lengths. Expanse provides this asset context so that customers can understand their highest priority exposures and remediate them efficiently.

IP Address Business Mapping provides context:

  • IP addresses are validated as organizationally-owned assets
  • IP addresses are classified by organizational unit
  • The point of contact responsible for each IP address is identified
Customer exposures over time

M&A Diligence

Assess target Internet Edge health before subsuming its risks.

Companies are targeting aquisitions without having full visibility
into the target’s assets to be integrated into their security ecosystems and the risks they’re acquiring as a result. An M&A Diligence report from Expanse can ensure your company is paying the right price, IT is allocating enough resources for integration efforts, and Compliance and M&A Security are accounting for all risks they’re subsuming.

M&A Diligence reports uncover:

  • Subsidiary network mapping, including identification of all IP addresses, domains, and certificates attributable to the subsidiary
  • The number of assets the subsidiary’s IT team did not know about
  • The number of critical exposures across the subsidiary’s network
  • The types and characteristics of those exposures, including those that are most risky
  • Compliance with your company’s IT policies
Supplier exposures this month

Strategic Supplier Diligence

Protect your supply chain and strategic partners.

Companies are partnering with strategic suppliers without having full visibility into the supplier’s risks that they’re subsuming as a result. A Strategic Supplier Diligence assessment from Expanse can ensure that CISOs and compliance leaders have an accurate and current understanding of their strategic business partners, context behind evaluations of supplier security and their specific risks, an improved security ecosystem through escalation of identified security risks with the suppliers, and complete visibility into the organization’s Internet Edge.

Strategic Supplier Diligence reports illuminate:

  • Strategic supplier network mapping to identify all IP addresses, domains, and certificates attributable to your suppliers
  • The number of critical exposures across your strategic supplier’s network
  • The types and characteristics of those exposures, including which are riskiest
  • Flow analysis to identify risky policy violations, such as unencrypted communications with your strategic suppliers
Outstanding assets unsuccessfully divested

Divestiture Diligence

Know that you’re not leaving assets behind.

Companies are unsuccessfully divesting subsidiaries, and the result is that assets are still comingled and present security, brand, and legal risks. A Divestiture Diligence report ensures that IT is properly divesting assets.

Divestiture Diligence reports include:

  • Divestiture network mapping to identify all IP addresses, domains, and certificates attributed to the divestiture
  • Identification and tracking of divestiture status, including co-mingled items that contain both divested and parent organization assets
  • Flow analysis to determine if systems at the parent company and the divested entity are still regularly communicating when they shouldn’t be
Multi-Hop Flow Analysis

Threat Hunt

Investigate potentially malicious network behaviors beyond your firewall.

Expanse provides rapid analytical support to defensive threat hunt and incident response missions, producing actionable leads based on minimal initial indicators of compromise or digital signatures. We start with trace evidence – even a solitary fact – and build associations between that evidence and all other Expanse data across the global Internet. This includes device identity, configuration, and related flows.

Threat Hunt assistance includes:

  • Enumeration of all assets on the public Internet that share digital signatures similar to the indicators of compromise (IOCs)
  • Discovery of communications between intrusion set assets, as well as with potential command and control (C2) nodes
  • Identification of attempted communications between intrusion set assets and those on your network
  • Multi-hop enumeration of an intrusion set’s campaign infrastructure
  • Surfacing of new intrusion set signatures that may have been previously unknown