Asset Discovery in India – Redhunt Labs

1. Home About Us Products Resources Career Blog Contact Us Email Us Untracked Assets and their Risks – Discussion with Cybernews Home / Blog / Attack Surface Management / Untracked Assets and their Risks – Discussion with Cybernews  Shubham Mittal  14 February, 2022 What are you loo Search Untracked Assets and their Risks – Discussion with Cybernews ALL CATEGORIES Nowadays, securing and managing a company’s digital footprint has become an even more difficult challenge. With so many subdomains, code repositories, and applications, some untracked assets are bound to be overlooked. As the attack surface expands, visibility of the complete landscape is essential to keep an organization’s assets safe. Attack Surface Management Business CISOGuides News & Announcements Pentesting Press-Release Project Resonance Security Best Practices Security Risks Technology Tips Tool-Release LATEST POST 6 Reasons You Need to Manage Your External Attack Surface Attack Surface Management – Risks of an Exposed Docker Image Nowadays, securing and managing a company’s digital footprint has become an even more difficult challenge. With so many subdomains, code repositories, and applications, some assets are bound to be overlooked. As the attack surface expands, visibility of the complete landscape is essential to keep an organization’s assets safe. Analysing Misconfigured Firebase Apps: A Tale of Unearthing Data Breaches (Wave 10) Scattered and unsecured assets can often prove to be attractive entry points for an attacker. Attack Surface Management – Risks of an Exposed Service / Port  Sudhanshu Chauhan Director & Co-Founder, RedHunt Labs OpenSSL v3: Two High- Priority Patches and A Week of Horror That’s why various cybersecurity tools, including penetration testing, exist to protect companies from cyber threats. To discuss penetration and other cybersecurity, we invited Sudhanshu Chauhan of RedHunt Labs – a company on a mission to discover and eliminate risks that can often go undetected. BLOG ARCHIVES What was the journey like since your launch back in 2019? March 2023 November 2022 October 2022 September 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 June 2021 May 2021 March 2021 February 2021 December 2020 November 2020 July 2020 June 2020 April 2020 May 2019 We started RedHunt Labs in 2019 with a mission to solve one problem, i.e. to help companies continuously manage their Attack Surface and eliminate shadow IT risks. We were able to raise an angel round within a month of incorporation. We also started a fully owned subsidiary for technical operations. In 2020 we released our SaaS platform and have been able to acquire multiple customers for our ‘NVADR’. The team has now grown to 35+ and we recently crossed the milestone of USD$ 1 million in ARR. Attack Surface Management (ASM) product There were multiple challenges during the journey so far, be it the COVID situation, or identifying the Product Market Fit, however with support from our customers, advisors, and community, we have been able to overcome them and look towards a bright future for the company. Can you tell us a little bit about what you do? What makes RedHunt Labs stand out? We are an Attack Surface Management (ASM) company, where we help organizations maintain holistic cybersecurity of their modern digital footprint, globally, by eliminating shadow IT risks and taking control of their ever-evolving assets on the Internet. In layman’s terms, we provide organizations with a “hacker’s view of their digital footprint”. Due to dynamic infrastructures, most organizations today are not able to track their assets on the internet, while they expose their hosts, domains, subdomains, applications, code repositories, and much more. All these can become an entry point for a malicious actor. Through our agent-less SaaS platform, our customers get continuous visibility of these assets and the security risks related to them. What makes us stand out is our unique capabilities of Open Source Intelligence (OSINT) and offensive security, which helps us deliver a wide variety of exposure for our customers. Using thousands of our data collectors deployed across the internet, we have been able to identify critical assets and security issues for our customers which could have led to a security breach. BLOG TAGS What set of tools do you use to detect vulnerabilities? android apps attack surface attack surface management continuous security Although there are multiple commercial and open-source tools out there, most of them are not scalable. As we have dedicated teams for development and security research, we have developed our own toolchains to deliver best-of-the-class results for our clients without affecting their performance or availability. We have written our own port scanners, web scanners, internet-wide data collectors as well as vulnerability scanning engines and chained them into a scalable system. While we rely on our security scanners, we focus a lot on finding security exposures, which is quite often the root cause of vulnerabilities. cve-2022-22965 cybersecurity Data breach dataleaks cyber data-leak Dependency Confusion Attack dns misconfigurations docker Also, to deliver a service like ours, we need to collect, filter and store large amounts of data. Early on in our journey, we realized that the existing solutions wouldn’t cut it, so we deployed our own data collection bots to gather data and asset correlations without impacting the services we collect from. domain takeover easm entrepreneur exploit exposed risks exposed service featured internet-security firebase httploot Did you notice any new methods used by threat actors arise as a result of the pandemic? internetsecurity kubernetes kubestalk linux management open port Recently we have noticed that the threat actors are not just targeting servers and traditional IT ecosystems such as Web applications but also non-traditional assets such as public docker containers, leaked credentials in code repositories, exposed internal portals. Also, there has been a rise in services that are required for people who work from home, such as VPN encryption openssl osint opensource patch-management pentesting pii project-resonance Project Resonance , RDP, etc. secret security scanner spf records spring4shell threat-research vulnerability surface In recent years, penetration testing has become standard practice. Can you briefly describe what this practice is like?  Indeed, Penetration testing has become standard practice. The goal of a penetration test is to identify exploitable issues in the provided scope, so that appropriate security controls can be implemented. A penetration test can cover different types of scope, such as Web Applications, Mobile Applications, Internal/External Network, Cloud Environments.  A standard penetration test starts with the client defining the scope of the assessment and then automated, and manual tests are performed by the testing team. A detailed report of the assessment is provided to the client, which contains the details of the identified vulnerabilities, including description, proof of concepts, steps to reproduce, remediation, and references. Although penetration testing is a useful practice, it has two major gaps: Restricted scope: The scope is pre-defined and limited. Point in time activity: Most organizations perform penetration tests only annually or half-yearly. This leaves a gap in security between the assessments. Having the component of discovery and being continuous makes Attack Surface Management (ASM) a perfect complement to penetration testing in any security management program for a CISO. You recently launched an initiative called Project Resonance. Share with us, what are the key takeaways so far? is an effort to “give back to the community” by creating awareness and improving the security of the Publicly Exposed data/information. Project Resonance We focus specifically on identifying different kinds of systems and components that are unknown to security teams. Examples of such systems/components are unknown custom headers, data leak patterns, modern technology stacks, custom protocols, third-party dependencies, etc. Waves are sent out to billions of assets collected by our cluster of bots deployed across the internet, and useful insights are extracted and shared with the community (through blog posts, tools release, and data sets) to serve a larger purpose of making the Internet a more secure place. For example, recently we leaking thousands of sensitive data (passwords, keys, etc.). In another Project Resonance wave, we shed light on thousands of unauthenticated Databases scanned millions of publicly exposed Docker images which were found to be exposed on the internet. Besides regular penetration tests, what other security measures can companies take to protect themselves against cyberattacks? First and foremost is visibility. One can’t protect what they don’t know. Having multiple teams across multiple geographies leads to multiple untracked assets that security teams are unaware of. Having an updated inventory of the exposed assets helps in identifying and prioritizing actions. Apart from this here are a few measures, every organization should take to better protect against cyberattacks: Regular patching and updating software. Use MFA or Passwordless technologies. Employee security awareness training. Regular Data Backup. Regular security assessments. Avoid installing software from untrusted sources. Following the principle of least privilege. What security tools would you recommend for personal use? For personal use, I would recommend using Password managers, MFA tools, Endpoint security products for both laptop/desktop and mobile devices. And finally, what does the future hold for RedHunt Labs? Looking at the recent trends in the ASM industry and the progress we have made so far, we are growing rapidly and will become the global leader in ASM. We are currently working on some major partnerships to deliver our product to various geographies. Also, there are multiple product integrations that we are working on, which will help organizations to observe the results from the platform easily. We are also looking to expand our R&D team to discover more attack surfaces for our customers and deliver unmatched results compared to any other product in this space. Link for the original interview – most-organizations-today-are-not-able-to-track-their-assets-on-the-internet/ https://cybernews.com/security/sudhanshu-chauhan-redhunt-labs- Let’s Reduce Your Org’s Attack Surface. Request Free Trial  Attack Surface Management  Business  News & Announcements  Tips Previous: Internet-Wide Study: State of SPF, DKIM, and DMARC (Wave 6) Next: Making Sense of the Dirty Pipe Vulnerability (CVE-2022-0847) RESEARCH COMPANY DOWNLOADS REGISTERED OFFICE  102 First Floor, 60, Grays Inn Road, London, United Kingdom, WC1X 8AQ Blog About Us Privacy Policy DROP AN EMAIL  Code Leak Search Engine Media Kit Terms & Conditions info@redhuntlabs.com Project Resonance Events Calender Compliance Policy CALL US  +(91) 9971 658929 Talks And Presentations Community Support Sample Report BOOK MEETING  /calendly We value your privacy We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Request Free Trial Schedule Meeting Customize Reject All Accept All Copyright © 2023 Redhunt Labs . ALL RIGHTS RESERVED. Developed By : Dreamsdesign.in