Mapping in the EASM cycle is the starting point for analyzing an external attack surface. The data collected during this phase represents the vision of a malicious actor who is interested in an organization: websites and their technologies, remote access referenced or not, administration interfaces, possible connected objects left open to the Internet, an application that you thought was decommissioned, and potentially other systems that you do not suspect.
Mapping is a minimally intrusive discovery process based on the recovery of the following data:
✓ DNS (zone, security best practices, whois)
✓ Messaging (DNS configuration, services, security best practices)
✓ Certificates (self-signed, expired)
✓ SSL/TLS (weak configurations, vulnerable protocols)
✓ Network Services / Websites (protocols, technologies, banners, operating systems, vulnerabilities)
✓ IP addresses (host, ASN, geolocation, whois)
The methodology developed by Exaface allows you to enrich your mapping:
➤ Correlation of discovered information to suggest new resources to monitor (domain, subdomain, URL, other)
➤ Risk assessment with dedicated rating by data type
➤ Daily perimeter refreshing
✨ At Exaface, this mapping is also based on the history of data collected on a daily basis for several years, which represents:
– 480 million domains
– 2 billion subdomains
– 850 million IP addresses
– 2.5 billion subdomains with their associated IP addresses
– 110 million new DNS entries are collected every day
This first phase allows you to have at this stage the most exhaustive view possible of the security level of your external attack surface, all hosted on our European servers.
