Attack Surface Management 101: 3 Ways to Protect Your Online Assets

One thing I have learned after 15+ years in IT and Security is that knowing where all of your assets are and what they are is one of the most challenging projects you can manage.

You can’t detect and respond to threats on systems you do not even know exist!

The fact that Microsoft can be hacked with a password-spray attack that found a legacy system should give you an idea of how hard a problem set this actually is, especially for larger companies.

Here are 3 ways you can start finding and securing your assets, with an understanding that this will need to be a continuous process.

  1. Identify and inventory all the assets that make up the company’s attack surface, including on-premises, cloud, external and subsidiary networks.

The tools the team at Project Discovery have created are free and second to none when it comes to scanning and finding your internet-facing assets. They can help you find:

  • Subdomains
  • IP Blocks 
  • Open ports
  • And much more

  2. Analyze and prioritize the vulnerabilities and threats associated with each asset, based on the likelihood and impact of a potential breach.

Again, the tools by the team at Project Discovery will help with this. Their vulnerability scanner Nuclei is an amazing tool.

  3. Remediate and monitor the identified vulnerabilities and risks.

Once vulnerable or unneeded assets have been found, update them or just get rid of them. You can also monitor your infrastructure for changes and notify your team when changes occur.
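One way to do the change monitoring described above, as an added example that is not part of the original post: compare yesterday's asset inventory with today's and report what is newly exposed. The one-`host:port`-per-line snapshot format, the hostnames and the function names are assumptions made for this sketch, not the output format of any particular tool.

```python
from collections import defaultdict

# Constructed sample snapshots, one "host:port" per line (assumed format).
YESTERDAY = """\
www.example.com:443
mail.example.com:25
legacy.example.com:443
"""
TODAY = """\
WWW.example.com:443
www.example.com:8080
mail.example.com:25
staging.example.com:22
"""

def parse_inventory(text):
    """Return {host: {ports}}; hostnames are lowercased, blanks and # comments skipped."""
    inventory = defaultdict(set)
    for raw in text.splitlines():
        line = raw.strip().lower()
        if not line or line.startswith("#"):
            continue
        host, sep, port = line.rpartition(":")
        if sep and port.isdigit():
            inventory[host.rstrip(".")].add(int(port))
        else:
            inventory[line.rstrip(".")]  # bare hostname: record it with no ports
    return dict(inventory)

def diff_inventories(old, new):
    """Compare two parsed snapshots and return what appeared or disappeared."""
    changes = {"new_hosts": sorted(set(new) - set(old)),
               "gone_hosts": sorted(set(old) - set(new)),
               "new_ports": {}, "closed_ports": {}}
    for host in sorted(set(old) & set(new)):
        if new[host] - old[host]:
            changes["new_ports"][host] = sorted(new[host] - old[host])
        if old[host] - new[host]:
            changes["closed_ports"][host] = sorted(old[host] - new[host])
    return changes

def alert_lines(changes, new):
    """Render the changes the team should review first: anything newly exposed."""
    lines = [f"NEW HOST {h} ports={sorted(new[h])}" for h in changes["new_hosts"]]
    lines += [f"NEW PORT {h} {p}" for h, ps in changes["new_ports"].items() for p in ps]
    lines += [f"GONE {h}" for h in changes["gone_hosts"]]
    return lines

if __name__ == "__main__":
    old, new = parse_inventory(YESTERDAY), parse_inventory(TODAY)
    print("\n".join(alert_lines(diff_inventories(old, new), new)))
```

Run it on a schedule against each new snapshot and send the resulting lines to whatever channel your team already watches.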

Hopefully this was informative!

Happy hunting!
