Cyber Threat Monitoring
Understand an organization’s cybersecurity risk using data-driven, objective, and continuously evolving metrics that provide visibility into any organization’s information security control weaknesses across 10 risk factors:
- Network Security: Examples of network security hacks include exploiting vulnerabilities such as open access points, insecure or misconfigured SSL certificates, or database vulnerabilities and security holes that can stem from the lack of proper security measures.
- DNS Health: Measures multiple DNS configuration settings, such as OpenResolver configurations as well as the presence of recommended configurations such as DNSSEC, SPF, DKIM, and DMARC.
- Patching Cadence: How diligently a company is patching its operating systems, services, applications, software, and hardware in a timely manner.
- Endpoint Security: Endpoint security refers to the protection of an organization’s laptops, desktops, mobile devices, and all other employee devices that access the company’s network.
- IP Reputation: Ingests millions of malware signals from commandeered Command and Control (C2) infrastructures from all over the world. The incoming infected IP addresses are then processed and attributed to corporate enterprises through our IP attribution algorithm. The quantity and duration of malware infections are used as the determining factor for these calculations, providing a data point for the overall assessment of an organization’s IP Reputation, along with other assessment techniques.
- Web Application Security: Examples of vulnerabilities detected include Cross-site Scripting (XSS) and SQL injection.
- Cubit Score: The Cubit Score factor is a proprietary threat indicator that measures a collection of critical security and configuration issues related to exposed administrative portals.
- Hacker Chatter: The Hacker Chatter factor continuously collects communications from multiple streams of underground chatter, including hard-to-access or private hacker forums. Organizations and IPs that are discussed or targeted are identified.
- Information Leak: Identifies all sensitive information that is exposed as part of a data breach or leak, keylogger dumps, pastebin dumps, database dumps, and via other information repositories. EXO maps the information back to the companies that own the data or associated email accounts that are connected to the leaked information, assessing the likelihood that an organization will succumb to a security incident due to the leaked information.
- Social Engineering: EXO identifies a variety of factors related to social engineering, such as employees using their corporate account information for services, for example, social networks, service accounts, personal finance accounts, and marketing lists that can be exploited. In addition, employee dissatisfaction is monitored through publicly available data.