scroll it

Mind the Gap: Attack Surface Discovery and PTaaS

Justine Desmond
0% read

When getting on the London underground, there’s a phrase you see everywhere in the stations—MIND THE GAP. A direct message to warn you while stepping onto the train of the tracks below. In the infosec community, security gaps need as much attention but often go unnoticed.

While security practitioners don’t have a loudspeaker in their office reminding them of this cautionary phase, that doesn’t change that there is a gap existing today between new, often unmanaged assets and the inventory security teams use for penetration testing. To the chagrin of security practitioners, an estimated 69% of organizations have experienced an attack that started with an unknown or unmanaged asset.

Companies and federal agencies want to stay one step ahead of sophisticated adversaries, yet just 9% of organizations believe they monitor their whole attack surface. Additionally, the majority of large organizations pentest less than 10% of their assets and often test only their managed assets, missing new applications or cloud instances. 

Some organizations have invested in External Attack Surface Management solutions to discover unknown assets. However, an increased attack surface visibility without action to understand exposure and risk of assets undermines the return on attack surface visibility investment. 

In response to this challenge, Synack integrated external attack surface discovery (ASD) to its penetration testing as a service (PTaaS) solution, enabling organizations to make their attack surface discovery data actionable. With actionable discovery data, organizations can leverage the additional visibility to stay one step ahead of nefarious actors by proactively assessing the risk of unknown elements of their external attack surface. 

Synack’s comprehensive security testing platform integrates continuous discovery, fingerprinting, prioritization, point-in-time and continuous testing, vulnerability management and root cause analysis to help organizations leverage attack surface visibility to improve their security posture. 

Synack is making attack surface discovery data actionable

Synack added self-service asset discovery and visibility to the Synack Platform. You will finally know the answer to questions like “What is the complete view of my attack surface?” and “Which assets increase risk for the organization?” to close outstanding security gaps.

Self-Service Discovery & Seed Groups 

Easily discover new assets by creating new seed groups, adding your known Domains, FQDNs, IPv4 addresses, CIDRs and IP ranges. Seed groups allow you to easily organize your assets by team, subsidiary or even third party. You can also limit access to specific seed groups so teams get appropriate access and can remediate risks.

Continuous Discovery of New Assets 

Once a scan is generated, all discovered assets will appear in a single view in the Synack Platform. The Discovered Assets view provides visibility into newly discovered assets along with assets currently being tested. Newly discovered assets must be confirmed while tested assets are automatically confirmed and moved to the Asset List. The filtering provides an easy way to drill into specific application types or new, unconfirmed assets.

Bridging the gap between asset discovery and PTaaS for better attack surface management

Synack’s Attack Surface Discovery provides insight into unknown and often untested assets that belong to your organization. It seamlessly integrates with Synack’s Asset Insights, automatically adding discovered assets to your Asset List for further fingerprinting and investigation. 

Customers can use new information from fingerprinting to prioritize discovered assets for testing:

  • Providers – If you have assets hosted with a cloud provider that’s not compliant, you can launch a test on assets in the hosting environment. 
  • Ports – Worried about an exposed database (DB)? You can filter on all assets that have a DB port open and prioritize them up for testing. 
  • Test Status – Any newly discovered and untested asset can be prioritized for testing. 

Synack’s new Attack Surface Discovery solution bridges the gap between your ASM and security testing. Synack helps you discover, inventory and fingerprint assets continually and feed those results into a continuous testing program. It’ll be easy to tell your security team to mind the gap when you work with Synack to manage external attack surfaces to reduce risk.  

Interested in moving forward with Synack’s Penetration Testing as a Service (PTaaS) with integrated Attack Surface Discovery, ensuring testing coverage for your external attack surface? Request a demo of Syanck’s Elite Platform offering today.