Digital Risk Protection
Reduce the chance of successful compromise by finding weaknesses before attackers do
  • Asset Identification
  • Risk Awareness
  • Threat Intelligence
  • Exposure Monitoring
  • External Attack Surface
  • Dashboards
  • Reporting
  • Security Posture

Schedule a session with an engineer to determine how you can benefit from Discovery. Available in cloud-based or on-prem solutions.

Data Sheets

Identify Gaps. Reduce Risk. Worry Less.

59% of IT security teams claim that they are not effective at identifying and closing gaps in IT security infrastructure. Even if penetration tests are conducted in a timely manner, results become outdated the moment they're received. Thus, companies need to always have updated information and be able to see the infrastructure through the lens of an attacker to ensure it's well protected.

Introducing

Unlike an annual penetration test that becomes out-of-date once concluded, DISCOVERY is an automated solution that continuously assesses and monitors your users, networked environment, and brand for weaknesses ("just as an attacker would") 24x7x365 days.

Key Features

Asset Identification

Machine assisted analysis to rapidly identify organizational assets.

Risk Awareness

24x7 monitoring for issues to promptly notify about infrastructure-related risks.

Threat Intelligence

Analysis of IoC feeds and potentially typo-squatted domains to provide actionable insights.

Attack Surface Visibility

Understanding of your organization’s external attack surface, identifying the full scope of vulnerabilities, technologies and assets connected to your infrastructure.

Dashboards

Visualization of identity's security posture to easily define which require the most attention.

Reporting

Support of technical and leadership reports to communicate overall cyber health state and trends of identities assets.

HOW IT'S DONE

Our Capabilities

01

Identify

Discovery assures you always have the full and up-to-date enumeration of your infrastructure to take action before the actual breach occurs.

02

Assess

Discovery enriches the information about your infrastructure by determining installed technologies and identifying vulnerabilities present.

03

Monitor

Discovery monitors every aspect of public infrastructure so that your IT / SOC teams will always be aware of what attackers see and recover.

04

Report

Discovery provides reports suitable for different user groups to enable them to follow best practices, patch systems in a timely manner, and identify and remove weaknesses.

05

Defend

Based on the discovered issues, Discovery proposes remediation strategies to focus the effort of IT teams in the most efficient and effective way.

Identity Enumeration

Analyst + machine learning approach to automated asset detection and mapping.

Rapidly identify publicly exposed infrastructure within hours of deployment. Discover what attackers see using tailored crawling, scanning, “dorking”, and integration into other enumeration services commonly used by attackers.

  • Tracks over 800 million of active domains across the globe
  • Monitors over 500 million active IT / OT hosts
  • Stays up-to-date by performing over 8 billion actions per day (ports scanned / pages crawled / certificates retrieved)
  • Maintains database of over 330M SSL Certificates including those not found within the transparency database
  • Leverages patterns of confirmed hosts to identify those that are associated to an identity but perhaps not tracked by or known to IT teams
Schedule a demo
workspace graph
dns firewall dashboard
Assess Vulnerabilities

Leverage passive vulnerability mapping for initial insight and active assessment for confirmation.

Once domains and hosts have been identified, Discovery will attempt to determine characteristics such as hardware, operating system, installed software and patches. Much of this information is made available through running publicly accessible services.

  • Over 100,000 unique product / version detections supported by the system
  • Passive detection of over 12,000 vulnerabilities, and active detection of over 50,000 vulnerabilities
  • Vulnerability assessments are enriched with confidence levels and other metadata such as “can mitigation be detected” to enable easy removal of false positives
  • Integration into National Vulnerability Database (NVD) allows us to notify if a newly published CVE impacts any systems within minutes
Schedule a demo
Maintain Cyber Hygiene

Gain insight into how IT teams maintain public infrastructure.

As Discovery constantly monitors changes within your public infrastructure, it tracks state across days, months, and years. This allows us to provide reports on how your infrastructure changes over time.

  • Identify and monitor publicly visible security mechanisms
  • Identify accessible hosts deployed with default enabled
  • Identify issues with SSL/TLS certificates (traffic encryption)
  • Identify gaps in the passwords policies
  • Identify accounts, which use exposed credentials
  • Monitor suspicious domains to protect the brand
Schedule a demo
workspace graph
dns firewall dashboard
Monitor Network Environment

Customizable crawling and scanning to keep environment up-to-date.

Based on client requirements, Discovery may refresh certain client assets as often as once per minute. By monitoring every aspect of public infrastructure I.T. / SOC teams will always be aware of what attackers see.

  • Identify changes in infrastructure
  • Identify new software installed
  • Identify new hosts / services
  • Identify new indicators of compromise
Schedule a demo
Threat Intelligence

Correlate public and private threat intelligence to public infrastructure.

Check to see if infrastructure is listed in any public IoC / Blacklist feed. Conduct daily checks for typo-squatting type attacks.

  • Typo-squatting detection
  • Technical stack compromise awareness
  • Identify if hosts are associated in blacklists / IoC feeds
  • Over public 160 threat intelligence feeds consumed
Schedule a demo
workspace graph

News and Blog

Our Recent News

Get all the latest updates by subscribing to our newsletters

Lorem Ipsum Dolor
Release

New Release

View More
Cyber Security
Bespoke

Cyber Security Development

View More
Data Sheets
Resources

Datasheets

View More