An organization’s external attack surface comprises not only the assets they own and threats they must manage themselves, but also extends to subsidiaries, partners, and supply chain members that have some business or digital connection to the primary organization. Many organizations struggle to monitor and evaluate the cybersecurity posture of their third-party vendors at all, let alone continuously. This lack of visibility can lead to blind spots, allowing unidentified exposures to create entry points for cyberattacks that may ultimately lead back to the primary organization. TacitRed leverages Expert AI and real-time data processing to provide tactical attack surface intelligence. It applies an intelligence synthesis technique, whereby terabytes of proprietary and public internet, threat traffic signals, and threat intelligence data sources are assessed. This results in accurate and timely third-party risk profiles.
With today’s rapidly evolving threats, organizations face an increasing volume and sophistication of cyber-attacks. The expanding attack surface, driven by the adoption of multi-cloud environments, distributed applications, and extensive third-party dependencies, makes it challenging for security teams to manage their attack surface and respond efficiently to threats and attacks. TacitRed empowers security analysts to take immediate, decisive actions to mitigate impactful cyber exposures by providing unparalleled tactical attack surface intelligence that is fully curated, prioritized, and detailed.
MSSPs face several challenges in maintaining and enhancing their security services. MSSPs must be able to offer strategic advice, while managing popular security tools owned by the customer and provide innovative tools and services that cover cyber defense gaps. TacitRed, a tactical attack surface intelligence solution from Cogility, offers a transformative SaaS approach to addressing these challenges and gaps. Unlike conventional EASM solutions, TacitRed provides fully curated, prioritized intelligence that enables MSSPs to take immediate, decisive action.
This paper examines key capabilities that will help security teams evaluate EASM functionality and better understand how modern EASM solutions can be applied to make their enterprise more cyber resilient and their security analysts more efficient.
To effectively manage cyber risk for external entities — such as third parties supplying critical services, equipment, and supply chain logistics — each entity must be continuously enumerated and evaluated against a dynamic set of vulnerabilities, and threat intelligence data streams, and then evaluated with variable impact assessments considering full context, historic exposure — anticipating future risk. Currently, many of the existing solutions rely on manual entity enumeration and focus on ‘point-in-time’ reporting that does not effectively scale to be able to monitor millions of entities. Cogility has developed a system and several component processes for automatically enumerating each entity’s infrastructure, cloud assets, technologies, related technologies, vulnerabilities, and system compromise signals for any given scope of entities. The proposed solution can be scaled to assess every commercial entity in the United States in a near real-time manner.
In October 2023, aerospace giant Boeing’s parts and distribution business suffered a severe cybersecurity breach. The infamous LockBit ransomware group claimed responsibility for the attack, alleging that they had exfiltrated a “tremendous amount” of sensitive data from Boeing’s systems.