Have you ever come into the office on a Monday and were completely surprised by your boss asking about some new public facing zero-day that was released over the weekend? How would they react if you had no idea what they were talking about? How would they react if you both knew about the new vulnerabilities, which assets were affected and already started the remediation process?
In this blog post, we are going to discuss an external scanning strategy that you will want to implement with your InsightVM deployment to help with this very question.
External scanning, public scanning, or attack surface scanning is when your external- or public-facing assets are scanned from an external scanning engine to get that hacker point of view. These systems are especially in danger, as they are exposed directly to the full force of internet-based hackers from around the world. For this reason, these external assets need to be prioritized for immediate resolution, especially when new critical vulnerabilities show up.
This is a five-part workflow, including Attack Surface Monitoring with Project Sonar, setting up an external scanning engine, site setup, alerting, automated actions, and vulnerability reporting/remediation.
Step 1: Set up an external scanning engine
There are a few different ways to get an engine that can scan your external attack surface from the hacker point of view. The easiest way is the Rapid7 shared hosted engine, which is as easy as a call to your CSM. You could also set up a scan engine in a remote data center or hosting ..
Support the originator by clicking the read the rest link below.
