DIGITAL ATTACK SURFACE ASSESSMENT (DASA)
What is a Digital Attack Surface Assessment?
The Digital Attack Surface Assessment is part of your attack surface management strategy. It provides a point in time assessment to identify previously unknown threats that could be used against your organisation in a cyberattack. It uses advanced reconnaissance, analytics, and many technologies to identify client-specific information through technical intelligence, as well as both open and closed source intelligence.
What is an Attack Surface?
The ‘attack surface’ is a collective term that describes any IT assets that an organisation has that are exposed to cyberattacks. Cloud, third-party, on-premise and subsidiary assets are all included within this definition.
What is Attack Surface Management?
Attack surface management is an ongoing process that seeks to manage, monitor, and analyse your IT security. Your organisation’s ‘attack surface’ continually changes over time. As a result, attack surface management rises to the challenge of responding to that threat in real-time. A DASA lets you uncover new threats that may have materialised since your last assessment.
What are the Benefits of a Digital Attack Surface Assessment?
The DASA provides many benefits for an organisation looking to identify cyber threats. Much of an IT department’s resources will be used to maintain the everyday functionality of an organisation. This reduces the IT department’s ability to conduct its own digital footprint investigations from within the organisation.
The DASA helps by proactively assessing an organisation’s digital attack surface. This method of attack surface management looks for information that is being discussed and shared through multiple mediums, providing a detailed view of your business from an external point of view. The DASA affords an organisation time to counter any information identified online. This potentially prevents an attack before it happens, saving valuable time and resources.
Imagine an attacker has just cloned your employee benefits portal and hosted it under a new domain – one that is very similar to the original.
Would you know how to spot it? What if your employees have been using the same work email and password combination to sign up for e-commerce or online fitness services, and those services were compromised. Would you know which users had been affected? These examples of external threats are commonplace in the digital age, and they are constantly changing.
Any organisation trying to identify this type of information will have to spend a considerable amount of time and money researching how threat actors think and act. LRQA Nettitude has the knowledge and tools to identify the threat they pose to your digital attack surface and can recommend ways to potentially mitigate the risk.
About Attack Surface Management Services
With prior knowledge of the client’s organisation through data that is seeded into LRQA Nettitude’s platform, data enrichment is utilised to identify information. Through open-source intelligence alone, this level of analysis would not be possible. This service looks over an organisation’s cyberattack surface to ensure only the most recent and relative data is identified.
External threats assessed within the DASA report include:
- Exposed user credentials which could be used to gain access to internal resources.
- Typo-squatting or expired domains could be used in potential email spoofing (Phishing) through bogus domain and certificate registrations.
- Deep and dark web chatter about your organisation that may indicate an upcoming attack.
- Data leakage through information uploaded to paste sites, code repositories and online forums.
- The risk presented by your supply chain and third parties.
- Your organisation’s risk posture, compared against your industry peers.
- Exposure and vulnerabilities within your internet-facing technologies.
- Identify cyber-related incidents targeting your industry vertical.
How the DASA Can Help Your Organisation
There are often many identifiable online indicators that point to an organisation, or its employees potentially being targeted in a cyberattack. These indicators can take many forms and it is not always possible to identify them through open source means alone. As well as identifying these external threats, the DASA can help an organisation to understand how online threats present themselves against the organisation.
Who Should Have a DASA Assessment?
There is no prerequisite for having a Digital Attack Surface Assessment conducted. It is simply a part of effective attack surface management. Any organisation that wants to gain an understanding of potential external threats should consider this assessment. This is especially true if an organisation wants to gain an understanding of how a potential threat actor perceives them.
At the end of the engagement LRQA Nettitude will provide a detailed report containing an analysis of the information identified. This information will consist of a description of the data identified, why it is important to the client organisation and recommendations centred around the remediation of the identified information. Each section within the report will also contain an assessment of the impact via a severity rating which should be used to gauge the risk associated with each finding. Screenshots are used to help both evidence and demonstrate the impact of the information. Where huge amounts of information are identified LRQA Nettitude will provide this information in a separate Excel file.
Contact us on the form below to arrange a DASA Assessment.