Intruder, a leader in exposure management, announced an integration with DomainTools, the global leader in domain and DNS threat intelligence, to utilize its DNSDB database and upgrade the Intruder Attack Surface Management (ASM) platform to illuminate customers’ entire attack surface with the best database available for attack surface discovery. Enterprise plan customers are now equipped to automatically detect related subdomains that are not being monitored within an existing exposure management program.
Intruder’s ASM now integrates Passive DNS (pDNS) data to provide broader coverage and visibility on top of their existing capabilities focused on certificate transparency and active domain name system (DNS) data. Security and IT teams can now automatically discover and secure assets that are not already integrated into their exposure management program – and in doing so help combat the threats emanating from the misconfiguration and accidental exposure of Shadow IT.
In the initial pilot program of 60 Intruder customers, 100 percent saw an increase in the number of related subdomains detected by Intruder. 44 percent saw more than 10 additional subdomains detected and 23 percent saw more than 50 detected. For several of the largest estates analyzed in the pilot, access to DNSDB enumerated hundreds of thousands of related subdomains (and in one case over a million). This shows the breadth of the enterprise attack surface that defenders have to deal with, and underpins the essential need for tools like this.
Also Read: KBRA Launches K-SIM Platform for Structured Credit Analysis
“Incorporating DomainTools data into Intruder’s offering is more than just a new advantage for our customers to secure their external perimeters with confidence but an important step in our company’s philosophy,” said Andy Hornegold, vice president of product at Intruder. “Building platforms that handle multiple relevant functions and equip teams to quickly close their vulnerability gaps is far more effective than manual processes or integrations between disparate point solutions. The platformization of security represents a crucial step forward for IT teams to manage increasingly complex infrastructures and fight off increasingly sophisticated attackers.”
Hunting Down the Weaknesses and Threats Caused By Shadow IT
Shadow IT refers to systems developed within an organization which are unknown to the team responsible for security. Though there may be policies to prevent them from being created, there are always ways in which systems slip through the gaps. Unfortunately, these hosts are still discoverable to attackers and even simple weaknesses on those machines will leave organizations both exposed and completely in the dark.
One important element of the battle against Shadow IT is to have tools in place which can enumerate subdomains that are in use by an organization. Developers may be able to create new systems and servers at will, but to make web services accessible and secure, they’ll need a subdomain for the host. Once these subdomains are identified, vulnerability scans help defenders detect weaknesses before attackers do.
SOURCE: Businesswire