RiskSense Platform – the industry’s most comprehensive, intelligent platform for managing cyber risk. © 2018 RiskSense, Inc.

SOLUTION BRIEF FOR RISKSENSE ATTACK SURFACE VALIDATION FOR NETWORKS

RiskSenseAttack Surface Validation

for Networks

RiskSense Platform – the industry’s most comprehensive, intelligent platform for managing cyber risk. Page 1

SOLUTION BRIEF FOR RISKSENSE ATTACK SURFACE VALIDATION FOR NETWORKS

Designed to Meet Unique Network NeedsNetworks are complicated, layered, and designed to meet the unique requirements of the business. No two are alike and they constantly change and evolve. Organizations have trouble keeping up with the growing amount of vulnerabilities within their network. Understandably, they also have difficulty identifying when a combination of vulnerabilities provides the possible attack vector to open network segments to more exposure than others. Do you have the manpower, expertise, and experience to quickly assess the most likely attack scenarios across your entire organization? Our customers need immediate results, RiskSense Attack Surface Validation for Networks provides the third-party assessment giving the guidance and next-best actions to remediate and minimize risk.

RiskSense Attack Surface Validation for Networks helps identify, prioritize threats, and provides our clients with immediate results allowing them to secure their business and assets. Networks pose the largest expanding attack surface as organizations grow and adopt new digital business and customer to partner engagement strategies. Vulnerability density is high and it’s important to understand where the true exposure points lie. RiskSense Attack Surface Validation discovers the vulnerabilities most likely to be used by cyber adversaries to infiltrate and exploit organizations. Our services then look at possible opportunities utilizing postexploitation techniques to try to launch successful lateral attack across your organization.

Our depth of coverage provides visibility to common and newly emerged vulnerabilities:

• Configuration Exposures and Open Source Weaknesses• Patching Priorities and Accessibility to Unsupported Technologies• Exposed Services and Protocols• Cryptographic Vulnerabilities

Discovering vulnerabilities is not enough, especially for complex environments. Our services are geared to identify potential attack paths where layered vulnerabilities across diverse technologies allows for progressive business exposure.

Known attack techniques are time-consuming to reproduce, RiskSense has the only AI-assisted penetration testing service that expedites this process. Also, our experts and discipline for attack surface testing led to the creation and sharing of open-source code to the security community that rapidly replicates sophisticated post-exploitation techniques across large scale networks. These unique tools allow RiskSense to focus more on the sophisticated attack vectors that may be present in the network and deliver greater value with our Network Attack Surface Validation services.

External and Internal NetworksRiskSense performs network attack surface validation for organizations ranging in size from small businesses to Fortune 500 corporations. The RiskSense attack surface validation methodology is continuously updated to align with the latest industry and attack trends. It is recommended to perform both external and internal network testing for a true representation of an organizations exposure. Network configuration, micro segmentation and software defined networks allows for more dynamic and complex environments. Businesses need to look at traditional perimeters but also the protected internal assets and data exploring how they may be exposed when a trusted user might venture beyond their role and responsibility.

Exposing Cyber Risk Layer by Layer

SOLUTION BRIEF FOR RISKSENSE ATTACK SURFACE VALIDATION FOR NETWORKS

RiskSense Platform – the industry’s most comprehensive, intelligent platform for managing cyber risk. Page 2

Network Attack Validation PhasesThis service is comprised of five distinct phases, as shown below.

Automated Scanning• OS Fingerprinting• Port and Services Fingerprinting• Vulnerability Identification Missing Patches Misconfigurations• Coding Errors OWASP Top 10 CWE/SANS Top 25 Most Dangerous Software Errors

Penetration Testing• Exploit Development • Vulnerability Exploitation• Attack Vectors• Code Execution• Data Injection and Manipulation• Data Exfiltration

Reporting• Data Aggregation• Threat Correlation• Exploit Documentation

Infiltration VectorLateral Kill Chain

• Vulnerability Prioritization• Remediation Playbooks• Cyber Risk Quantification

Passive Reconnaissance• Darkweb Mining• Environment Scoping

IP Addresses Mapping Web Services Enumeration

Attack Surface Enumeration• Software Attack Surface Web Application User Interfaces

Access Controls URL Crawling/Spidering Business Logic Identification Identification of Input Vectors and Reflection• Network Attack Surface

Target IP AddressOperating System VersionsPorts, Protocols, Services

PHASE1

PHASE2 PHASE4

PHASE3

PHASE5

Phase 1: Passive Reconnaissance: Obtain a comprehensive fingerprint of the client’s test systems through passive recon-naissance. Reconnaissance is used to identify the intelligence attackers can collect through passive means, without triggering alerts on organization security devices.

Phase 2: Attack Surface Enumeration: Enumerate the sum of an organization’s security risk exposure.

Phase 3: Automated Scanning: Use leading network vulnerability scanners to test a targeted network for critical vulnerabilities.

Phase 4: Penetration Testing: Attempt to validate the discovered vulnerabilities manually in order to determine possible methods of network compromise and/or access to sensitive data. Our team utilizes multiple post-exploitation techniques to properly demonstrate the nature and potential consequences of a breach.

Phase 5: Reporting: Collect all evidence in the form of screenshots, requests, responses, and commands issued during all phases of the assessment. The results with details of the exploited vulnera-bilities, their severity and recommendations for remediation.

RiskSense Platform – the industry’s most comprehensive, intelligent platform for managing cyber risk. Page 3

SOLUTION BRIEF FOR RISKSENSE ATTACK SURFACE VALIDATION FOR NETWORKS

A Clinical AnalysisModernizing Results Delivery – Enhancing ValueRiskSense Attack Surface Validation for Networks leverages the RiskSense Platform as a key component of the service and value we provide to customers.

Network Security Posture Assessment ReportsThe Security Posture Assessment Report provides an organization with an overview of IT infrastructure elements and functional components regarding their vulnerabilities. Internal and external reports are available. These reports include:

• A summary and ranking of the critical areas that anorganization is most likely to encounter. Our risk rankingmethodology categorizes risks as High, Medium, andLow priority based on many factors, including ease ofexploitation, host business criticality, and threatprevalence.

• Penetration Testing Summary detailing the findingsfrom internal and external attempts to compromise IT systems. This report highlights individual vulnerabilitiesor chain of vulnerabilities and the potential attack pathsassociated with them and how they may becomecompromised and the risks associated.

• Results from the Passive Reconassaince, Attack Surface Enumeration, and Automated Scanning stages are delivered through the RiskSense Platform, customers see the progression and depth of coverage this service provides.

• Findings and associated data are passed into the platform, quickly identifying all of the relevant vulnerabilities with risk ranking and remediation recommendations.

• Our clients receive their Network Security Posture Report through the platform allowing them to produce .pdf reports on demand but also drill down on specific focus areas adding in host business criticality to the elements identified in the assessment findings.

© 2018 RiskSense, Inc. All rights reserved. RiskSense and the RiskSense logo are registered trademarks of RiskSense, Inc. SB_RSASVNetwork_07102018

RiskSense Platform – the industry’s most comprehensive, intelligent platform for managing cyber risk.

Contact Us Today to Learn More About RiskSenseRiskSense, Inc. | +1 844.234.RISK | +1 505.217.9422 | info@RiskSense.com

SCHEDULE A DEMOCONTACT US READ OUR BLOG

About RiskSenseRiskSense, Inc., is the pioneer and market leader in pro-active cyber risk management. The company enables enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results. This is done by unifying and contextualizing internal security intelligence, external threat data, and business criticality across a growing attack surface. The company’s Software-as-a-Service (SaaS) platform transforms cyber risk management into a more pro-active, collaborative, and real-time discipline.

The RiskSense Platform® embodies the expertise and intimate knowledge gained from real world experience in defending critical networks from the world’s most dangerous cyber adversaries. As part of a team that collaborated with the U.S. Department of Defense and U.S. Intelligence Community, RiskSense founders developed Computational Analysis of Cyber Terrorism against the U.S. (CACTUS), Support Vectors Intrusion Detection, Behavior Risk Analysis of Vicious Executables (BRAVE), and the Strike Team Program.