DIGITAL ATTACK SURFACE ASSESSMENT (DASA)
What is a DASA report?
The Digital Attack Surface Assessment provides a point in time assessment using advanced reconnaissance and analytics to identify previously unknown threats that could be used against your organisation in a cyberattack. A myriad of technologies is utilised to identify client-specific information through technical intelligence as well as both open and closed source intelligence.
What are the Benefits?
The DASA report provides many benefits for an organisation looking to identify ways in which threat actor attacks may present themselves. Much of an IT departments resources will be used to maintain the everyday functionality of an organisation, without adding to the workload of dealing with false-positive alerts from within the organisation.
The DASA report helps by proactively assessing an organisation’s digital attack surface; looking for information being discussed and shared through multiple mediums to provide a detailed view of your business from an external point of view. The DASA report affords an organisation time to counter any information identified online, potentially preventing an attack before it happens saving valuable time.
Imagine an attacker has just cloned your employee benefits portal and hosted it under a new domain – very similar to the original.
Would you know how to spot it? What if your employees have been using their same work email and password combination to sign up for e-commerce or online fitness services and those services were compromised. Would you know which users had been affected? These examples of external threats are commonplace in the digital age and are constantly changing.
Any organisation trying to identify this type of information will have to spend a considerable amount of time and money researching how threat actors think and act. Nettitude has the knowledge and tooling to identify their activities against your digital attack surface and can recommend ways to potentially mitigate the risk.
About the Services
With prior knowledge of the client’s organisation through data seeded into Nettitude’s platform, data enrichment is utilised to identify information which through open sources intelligence alone would not be possible. This service looks back one calendar month over an organisation’s digital attack surface to ensure only the most recent and relative data is identified, but this time frame can be extended if required.
External threats assessed within the DASA report include:
- Detect data leakage through information uploaded to paste sites, code repositories and online forums.
- Deep and dark web chatter about your organisation that may indicate an upcoming attack.
- Exposed credentials of your users which could be used to gain access to internal resources.
- Detect and eliminate typo-squatting or expired domains which could be used in potential email spoofing (Phishing) through bogus domain and certificate registrations.
- Identify infringement of your brand and threat actors preparing for an attack against your employees and customers.
- Assess your internet-facing technologies for exposure and vulnerabilities.
- Review the risk presented by your supply chain and third parties.
- Compare your risk posture against your industry peers.
- Highlight active threat actors and malware campaigns being used in your industry and against your peers.
- Shadow IT available from the internet including cloud for configuration weaknesses and known vulnerabilities.
How the DASA Report Can Help Your Organisation
There are often many identifiable indicators online that point to an organisation or its employees potentially being targeted in a cyber-attack. These indicators can take many forms and it is not always possible to identify them through open sources means alone. As well as identifying these external threats, the DASA report can help an organisation understand how threats present themselves against the organisation on the internet.
Who Should Have A DASA Assessment?
There is no prerequisite for having a Digital Attack Surface Assessment conducted. Any organisation that wants to gain an understanding of the external threats they are potentially facing should consider this assessment. Especially if an organisation wants to gain an understanding of how they could be perceived by a potential threat actor.
The assessment will be conducted by Nettitude’s team of CREST Certified Cyber Threat Intelligence Analysts who have over 40 years of combined experience in the field across military and commercial backgrounds. Our team are adept in identifying risks presented by your organisation and carry out assessments through the lens of an attacker.
A report providing a thorough output of the results from the engagement will be produced, containing a detailed analysis of each sections findings with recommendations. Screenshots are used where possible to help provide evidence and demonstrate the impact of the information.
Following receipt of the assessment report, Nettitude can offer a debrief. The debrief will provide commentary on any findings identified and answer any questions you may have; it also acts as an opportunity for the customer to provide feedback on how useful they found the information.
Get a free quote