Using over 150 unique techniques and sources - the open core engine is used to to create a graph representation of the attack surface. This combination provides unparalleled external asset visibility.
A comprehensive asset identification library of over 5000 checks is used to examine applications, network services and javascript components. When combined with Intrigue.io proprietary vulnerability and threat intelligence, Risk based vulnerability management becomes much easier for security teams.
Intrigue helps security teams stay aware of new software defined assets by integrating with cloud providers and using a multitude of asset discovery techniques. Security teams are alerted when new assets are found, and can action workflows.
Intrigue makes it simple to identify connected organizations and learn about their security posture. A global catalog of over 120,000 organizations is constantly monitored, provided security teams visibility of third, fourth and nth party risk.
Attack surface is no longer limited to domain records and IP address ranges. Cloud infrastructures, 3rd party networks and applications are making attack surface progressively more difficult to manage.
Enterprise teams need intelligent mechanisms to discover and secure their public presence and to keep track of unmanaged and exposed assets.
Intrigue is powered by the open source Intrigue Core engine, and routinely collects information about the attack surface of organizations.
Intrigue emulates actions of an intelligent actor, interactively mapping Internet-facing systems, exposed services, and applications. Starting with 'seed' information, like a domain name, Intrigue uses over 150 unique capabilities and integrations to build an intelligent knowledge graph of visible enterprise assets, their applications, misconfigurations, and vulnerabilities.
Our customers can manage the accuracy of the reports by supplying private 'seed' information and filtering out inaccurate associations. They also benefit from advanced assessment plugins not available to the public, which take further steps to uncover information valuable to potential attackers.