Enterprise Attack Surface Management Now Available
April 13, 2021
Managing risk in an environment that is rapidly becoming cloud first, remote first, SaaS first, employee-driven, distributed IT connected everything, you know how hard it can be to figure out exactly what it is you are trying to secure, let alone to try and defend it.
Today with this new release of the Intrigue platform for Attack Surface Management, we take a significant step toward enabling enterprises of all types and sizes to effectively map their attack surface, continually monitor their environment, and mitigate against ongoing risk, all required processes in today’s information security environment. Protecting your organization is now easier than ever.
This release is also possible due to over five years of research and open source work from a broad community of security professionals and assessment experts. So to each of you, I want to recognize your contribution and say thank you. The ideation and work we’ve done together is now addressing more and more of the challenge. To the core team that delivered this platform, you can be extremely proud of the work we’ve done together over the last six months – the sheer volume of positive change is incredible.
To our early adopters, investors, and customers – thank you for your support – I am excited to deliver on the promises made to build the best Attack Surface Management platform available on the market today. While there is always more to do, this is a significant step forward and the entire team appreciates your valuable contributions and feedback.
Intrigue Began Around A Single Realization
No matter how much security teams invested or how much time they spent on the problem, they were still being breached through simple, effective, mostly-automatable attacker techniques – in other words, they were not able to consistently and automatically identify assets, find exposures, assess risk, and address the problems quickly enough. It wasn’t because of a lack of trying, a better technical approach was needed.
While there were many technologies available to help organizations with the challenges of asset and vulnerability management, there was no solution (1) holistic enough in its ability to handle the multitude of modern IT assets, (2) integrated enough to organize the required data, or (3) automated enough in its approach to identifying risk.
Our primary objective became the development of a solution that could actually address this problem now, while being flexible enough to adapt as organizations and technology evolve.
Defining the Challenge
As with most information security challenges, it’s about the journey, not the destination. Our approach to Attack Surface Management helps organizations drive a continuous process to discover intelligence about assets and exposures, direct that intelligence to the right owner in the business and enable the business owner to mitigate the risk.
The security tools that were supposed to identify problems and assess risk were not designed for the shared-responsibility security model of AWS, GCP and Azure. Organizations cannot rely upon simple vulnerability scanning in this ecosystem where cloud-first is the default. Couple this technical complexity with the siloed areas of responsibility present in most large organizations, where no one is fully responsible for holistic enterprise security, and you have the current situation.
From a technical perspective, Attack Surface Management can be broken down into three primary steps:
- Mapping the Attack Surface: Discover unknown assets, across your infrastructure, partner and third party infrastructure. Examine asset composition and understand relationships among all entities. Scope in all areas where you have direct ability to act or influence..
- Monitoring of your areas of influence: Monitor your now-knowns in near real time to detect changes and exposure. Automatically cross reference with known threats to your assets.
- Mitigate Risk: Develop actionable intelligence to eliminate vulnerability from exploits and misconfiguration.
Complexity is ever increasing as we build on legacy solutions and make them interoperate. Security can still be an afterthought as most large organizations are in a fight to digitize quickly to innovate more rapidly and prevent being disrupted.
A Better Approach
Building upon the architectural approach pioneered in our open source solution – a broad, flexible, asset model and an ability to automatically identify many different types of risk – is how we’re already helping the world’s most sensitive organizations close these gaps. Our platform is an integrated system that can support a cloud-first environment and provide organizations the information and visibility they need to stay ahead of any attackers that are looking to exploit whatever may have been missed.
At a high level, our approach follows a self-learning, recursive process to gather and organize information:
- First, we utilize every available open and customer-configured data source to find assets of every shape and size – hosts, apps, cloud assets, user accounts, etc.
- We then pivot on those found assets relentlessly through every available technique or external / cloud data source to 1) Gain more intelligence on each found asset and 2) Discover additional assets.
This automated and recursive process results in an exhaustive search graph, upon which we perform exposure analysis, to look for everything from vulnerabilities, to misconfigurations, to leaks. We map all known exposures to the asset upon which it was identified and present this to the user. You can get a feel for the types of exposures we detect in our capabilities browser.
Go Forth And Map Your Attack Surface
A core design principle of Intrigue is to reduce the barrier to get started. We designed the initial experience to automatically map known attack surface based on information gathered during the onboarding process. To get started, simply sign into the new platform, and we’ll help you map your attack surface, monitor your environment, and mitigate risk, today.
Founder and CEO Intrigue