Why you should care about your expanding attack surface
An attack surface in the realm of information security is the variety of ways a given asset can be interacted with and, therefore, potentially attacked. Maintaining a minimal attack surface is a fundamental part of any information security program.
As organizations evolve and related infrastructure becomes more complex, it is challenging to keep track of one’s internet-connected assets. In the past, it may have been sufficient to simply walk into a server closet and count, or utilize an asset inventory system to produce a list of assets. With virtualization, cloud computing, mergers and acquisitions, bring-your-own-device (BYOD), the Internet of Things (IoT), and other advancements in rapid development and technology, information security professionals are facing complicated asset sprawl. An increase in the number, diversity, and complexity of assets results in an increased attack surface and therefore more potential risk to organizations.
Fortunately, Rapid7 has something that can help: Project Sonar and InsightVM Sonar Attack Surface Monitoring.
What is Project Sonar?
Project Sonar is an internet scanning project that regularly examines assets exposed on the public internet. For several years, the project has been collecting vast troves of metadata related to assets on the public internet. The metadata is collected from two different sources: endpoint scanning and the global domain name system (DNS).
Metadata from endpoint scanning
With endpoint scanning, Sonar connects to a given port and protocol on all public IP addresses —for example, 80/TCP for default HTTP—and then interacts with the service. The results of these interactions include metadata that can be ..
Support the originator by clicking the read the rest link below.
