
 

In the ever-evolving landscape of cybersecurity, organizations are constantly seeking effective solutions to manage their external attack surface and mitigate risks. One approach gaining traction is the utilization of open-source tools for reconnaissance and asset discovery. In this blog, we'll explore the value proposition of leveraging open-source intelligence in external attack surface management (EASM) and its role in enhancing cybersecurity resilience.

 

 

Here is the verbatim discussion:

basis. There's also this, there's a lot of new acronyms out there as well: continuous automated red teaming, CART; continuous automated security testing, CAST, right; automated exploitation, right. Ed talked a little bit about breach, uh, attack simulation. Um, key capabilities of a full end-to-end EASM solution, what are your thoughts, Bikash, on that? And then I know that we had, I think we have some folks on the phone as well that come from the consulting world, right, that are consulting, they're doing cyber security consulting. Talk a little bit about how you think that a comprehensive EASM slash continuous testing, you know, package could assist in potentially helping to automate what has been, uh, let's say automate some of what has been a traditionally manual process.

A little bit about me. Thanks Bikash, appreciate it. I know Bikash pretty well, we work together, he's my boss, I have to say that. B, you the man. Uh, anyway, got, we're gonna keep this very light today. I do want to say, before we get into, uh, the discussion about, um, external attack surface management, um, the value proposition overall and what the industry is bearing, uh, I'd like to do as, as much interaction as we possibly can. I know this is a, we have everybody muted and it's a, it's a webinar type of panel discussion and we're all on Zoom, and hopefully one day, we're very soon, we're all doing this with microphones like the old days and pass it around the, you know, pass it around the, uh, the auditorium. But, um, any questions that anybody might have, please, please make this as interactive as you possibly can. Throw it into the chat, um, into the, uh

which could also be part of, suppose, picking up open source tools. So let me start with open source tools, what you can do with open source tools, and I will also talk about later on the other technologies which are out there available. So if you look at EASM, the primary capability is nothing but reconnaissance, right. And if you find out, or if you try to find out the reconnaissance tools which are out there, if you just try out, do a Google search, you will find more than five 500 such kind of reconnaissance tools which are out there, which can help you to, uh, discover various types of assets, which can help you to do subdomain discovery, etc., etc. So there are, I'm not naming all these tools, largely these are various small, small tools which you can tie together, string it together and use it, or, or somebody, a consultant, could use it. So you can use these reconnaissance tools, but these tools are not good enough. Along with the reconnaissance tools you also need a lot of data. Like for example, uh, you need the IP WHOIS information of the entire globe, then you'll be able to pick, pinpoint your assets in a more accurate, in an accurate manner. So you also need to find out all, get all this WHOIS information, the domain registration details. Now these data are, unfortunately you can't get everything for free, so some of this data you have to buy. You need, uh, dark web, uh, information, uh, which could also be utilized as a part of reconnaissance. So there are all these data which is out there which you need. Now the next part is using these tools and this data. You may initially just focus on open source intelligence, don't buy any kind of data which is, um, proprietary or which companies are selling. So I think there's a good start where you can start with all these open source tools.

 

Highlights:

Open Source Tools for Reconnaissance:

  • Reconnaissance tools play a crucial role in discovering assets, subdomains, and other digital footprints across the internet.
  • A plethora of open-source reconnaissance tools are available, offering functionalities such as subdomain discovery, WHOIS information retrieval, and domain registration details.
  • Leveraging these tools allows organizations to gain comprehensive visibility into their external attack surface without significant financial investment.

Data Acquisition and Analysis:

  • In addition to reconnaissance tools, organizations need access to relevant data sources such as WHOIS information, IP geolocation data, and dark web intelligence.
  • While some data sources may require purchase, organizations can initially focus on leveraging freely available open-source intelligence (OSINT) to kickstart their EASM efforts.
  • Open-source threat intelligence feeds and OSINT platforms provide valuable insights into emerging threats and adversary tactics, enabling proactive defense strategies.

Integration and Automation:

  • Integrating open-source tools and data sources into EASM workflows enhances automation and scalability.
  • Organizations can utilize APIs and scripting languages to automate data retrieval, analysis, and reporting processes, streamlining EASM operations.
  • By harnessing the power of open-source technologies, organizations can build cost-effective and scalable solutions tailored to their specific cybersecurity requirements.
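
As an added illustration of the integration step (not code from the webinar or from any tool it refers to), the sketch below merges the subdomain lists of two discovery tools and uses IP WHOIS netblock data to decide which hosts sit in the organization's own address space, the "pinpointing" the discussion describes. Tool names, hostnames, addresses and registrants are constructed placeholders, and the "unattributed" label marks ranges the available WHOIS data does not cover.

```python
import ipaddress

# Constructed sample data (not from the page or any real organisation).
TOOL_A = ["www.example.com", "VPN.example.com.", "dev.example.com"]   # hypothetical tool 1
TOOL_B = ["vpn.example.com", "shop.example.com", "old.example.com"]   # hypothetical tool 2
RESOLVED = {"www.example.com": "198.51.100.10", "vpn.example.com": "198.51.100.77",
            "dev.example.com": "203.0.113.5", "shop.example.com": "192.0.2.44"}
WHOIS_NETBLOCKS = [("198.51.100.0/24", "Example Corp"),            # (CIDR, registrant)
                   ("203.0.113.0/24", "Hypothetical Cloud Hosting")]

def normalise(host):
    """Lower-case and drop the trailing root dot so tool outputs de-duplicate."""
    return host.strip().rstrip(".").lower()

def merge(*tool_outputs):
    """Union of every tool's findings: host -> set of tool indexes that saw it."""
    seen = {}
    for idx, output in enumerate(tool_outputs):
        for host in output:
            seen.setdefault(normalise(host), set()).add(idx)
    return seen

def owner_of(ip, netblocks):
    """Registrant of the most specific netblock containing ip, or None."""
    addr, best = ipaddress.ip_address(ip), None
    for cidr, org in netblocks:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, org)
    return best[1] if best else None

def classify(hosts, resolved, netblocks, own_org):
    """Label each discovered host by who the IP WHOIS data says operates it."""
    inventory = {}
    for host in sorted(hosts):
        ip = resolved.get(host)
        org = owner_of(ip, netblocks) if ip else None
        if ip is None:
            inventory[host] = "unresolved"        # stale name: review the DNS record
        elif org == own_org:
            inventory[host] = "owned"
        elif org:
            inventory[host] = "third-party:" + org
        else:
            inventory[host] = "unattributed"      # no WHOIS coverage for this range
    return inventory

def build_inventory():
    return classify(merge(TOOL_A, TOOL_B), RESOLVED, WHOIS_NETBLOCKS, "Example Corp")
```

Calling `build_inventory()` returns one label per de-duplicated hostname; the "unresolved" and "unattributed" entries are the ones an analyst would review first.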

Collaboration and Knowledge Sharing:

  • The cybersecurity community thrives on collaboration and knowledge sharing, with numerous forums, communities, and repositories dedicated to open-source cybersecurity tools and techniques.
  • Engaging with the open-source community allows organizations to leverage collective expertise and stay abreast of the latest developments in EASM and threat intelligence.

 

Open-source tools offer a wealth of opportunities for organizations seeking to enhance their external attack surface management capabilities. By leveraging freely available reconnaissance tools, data sources, and threat intelligence feeds, organizations can gain comprehensive visibility into their digital footprint and proactively mitigate cyber risks. Moreover, integrating open-source technologies fosters collaboration, innovation, and scalability, empowering organizations to build robust EASM solutions tailored to their cybersecurity needs. Embracing open-source intelligence in EASM represents a cost-effective and agile approach to bolstering cybersecurity resilience in today's threat landscape.

  
 

Speakers:

Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40). Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc. Earlier he founded iViZ, an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud.

https://twitter.com/bikashbarai1

https://www.linkedin.com/in/bikashbarai/

 

Ed Adams is a seasoned software quality and security expert with over two decades of industry experience. As CEO of Security Innovation and a Ponemon Institute Research Fellow, Ed is renowned for his contributions to advancing cybersecurity practices. With a diverse background spanning from engineering for the US Army to senior management positions in leading tech companies, Ed brings a wealth of expertise to the table.

https://twitter.com/appsec

https://www.linkedin.com/in/edadamsboston

 

Paul DiBello, based in Duxbury, MA, US, is currently a Senior Vice President Global Business Development at ShadowDragon, bringing experience from previous roles at FireCompass, R9B, Virtru Corporation and iSIGHT Partners - A FireEye Company. Paul DiBello holds a Bachelor of Arts (BA) in Economics from Princeton University (1986 - 1990). With a robust skill set that includes Software, Sales, Project Management, Development, Operations and more, Paul DiBello contributes valuable insights to the industry.

https://www.linkedin.com/in/pauldibello11

 

Tejas Shroff, based in Boston, MA, US, is currently a Software Engineer at Tangle, bringing experience from previous roles at Aperion Studios, XPO Logistics, Inc., Oculus VR and Beach Day Studios. Tejas Shroff completed the UX Design Immersive in Design & User Experience at General Assembly (2019 - 2019). With a robust skill set that includes Leadership, Social Networking, Start Ups, Social Media, Teamwork and more, Tejas Shroff contributes valuable insights to the industry.

https://www.linkedin.com/in/tejasshroff

 
