Eoin & The Security

edgescan provides our clients with #fullstack security assessments but what does #fullstack mean? #fullstack covers may layers in the OSI  inter-connectivity diagram . From "the top down......" Deep Coverage Web Applications : Technical vulnerabilities (Injection attacks, scripting, error based attacks) Logical vulnerabilities Component Security (end-of-life components/plugins, insecure config) Host Security : Patching Enabled services (Type, version, known vulnerabilities etc) Operating System Known vulnerabilities Weak protocols Weak configuration So unlike many application-only or Host-only  assessment services,  edgescan discovers more possible weaknesses as a result of either via poor maintenance, configuration mistakes, deployment security, patching and also developer code....#fullstack Wide Coverage The holistic approach also covers ranges of IP's such as say a /24 or /16 cidr block. Automatic Assessment : edge...

At edgescan we have a solution called HIDE (Host Index Discovery and Enumeration) which is in effect a continuous asset profiling function it does the following: HIDE query's entire IP ranges for our clients. This "blanket" covering of ranges gives our clients the ability to see whats "Alive" and whats enabled in seconds. If an endpoint is decommissioned or newly deployed, HIDE detects the change and can alert users. Detection of the state of all endpoints exposed to the public Internet Identification the endpoint and tries to resolve any DNS associated with it Enumeration the services and open ports enabled on the endpoint. Automated alerts based on user defined criterion (e.g. New host discovered,  HOST dies etc). Detection is via cloud API's and/or port enumeration (TCP/UDP). Via the HIDE console you can query say across 10,000 endpoints, what system is running Linux and has port 25 open etc. Why is HIDE "a hit" with our client...