Log in
E-mail
Password
Show password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON
  1. Homepage
  2. Equities
  3. United States
  4. Nasdaq
  5. Rapid7, Inc.
  6. News
  7. Summary
    RPD   US7534221046

RAPID7, INC.

(RPD)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Attack Surface Analysis Part 1: Vulnerability Scanning

06/10/2021 | 09:14am EDT

In this three-part series, we'll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks. We'll start with vulnerability assessment below.

BREACH!!! A word you may hear shouted in undersea thrillers such as Hunter Killer, Greyhound, or Red October, but one you never want to hear when it involves your own organization. But whether we want them or not, breaches can and will happen. It's our job as cyber first responders to figure out how to stop them where and when we can, and mitigate the damage when one occurs. A key step in this process is figuring out what can be hacked. To do this, you need to see what an attacker sees-which is to say, you need to analyze the attack surface.

If 'see what an attacker sees' is a bit too vague, a more technical (and verbose) definition of attack surface analysis (courtesy of moi, at a recent presentation) would be:

'Attack surface analysis entails mapping out what parts of an organization need to be reviewed and tested for security vulnerabilities. The point is to understand areas of risk; to make IT, security personnel, and leadership aware of what areas are vulnerable to attack; to find ways of minimizing the risk; and to notice when and how the attack surface changes and what this means from a risk perspective.'

In more practical terms, attack surface analysis consists of 3 tasks:

  1. Identification of areas for testing
  2. Externally facing applications/systems
  3. Internal applications/systems
  4. 'The cloud' (cue ominous sound effects)
  5. Personnel
  6. Processes
  7. APIs, web forms, file shares
  8. Identification of high-risk areas
  9. Identification of changes in the attack surface

You're now probably thinking 'great! Now how do I do it?' I'm glad you asked. There are a number of ways to perform attack surface analysis, but the ways we'll be discussing in this blog series are vulnerability assessment, penetration testing, red teaming, and purple teaming. First up is vulnerability assessments!

Vulnerability assessments are focused on identifying vulnerabilities, not exploiting them. The purpose is to (1) identify and catalog assets / installed software, (2) discover if said software is potentially exploitable, (3) find open ports and the associated protocols, and (4) determine if system / network configuration issues exist. This is normally accomplished via either a commercially available vulnerability scanner (*cough* InsightVM *cough*), open-source tools (Nmap, OpenVAS, rumble.run, etc.), or a combination of both.

What types of activities do these vulnerability assessment tools perform? A non-exhaustive list of capabilities would include:

  1. Discovery scans. Usually very quick (time-wise) and, as the name implies, focused on discovery of systems and tcp/udp ports that are open.
  2. Unauthenticated scans. Without using credentials to log into discovered systems, this type of scan performs more detailed enumeration, which can include dns resolution, operating system type, services running, etc. (Think an nmap scan using the -A flag.)
  3. Authenticated scans. Utilizes credentials to log into discovered systems and perform even more detailed enumeration, which can include software vulnerabilities, system configuration issues, benchmarks against frameworks such as CIS, NIST, and more.

Vulnerability assessments are usually performed on a quarterly basis (at a minimum), when new equipment/systems are installed, or when the network has experienced a significant change. The output of said assessment(s) is a report which provides a comprehensive list of what vulnerabilities exist, what has changed since the last time the assessment was performed, and (ideally) a list of recommended actions to mitigate any discovered vulnerabilities.

The value of vulnerability assessment is that it is a non-destructive form of testing which enables you to take a pulse of the health of your network. It does this by establishing a baseline of your systems and their vulnerabilities, maintaining continuous visibility of your environment (i.e. ensuring only approved systems, devices, software, etc. are operating on your network), and making the business aware of the potential risks present. The challenges of vulnerability assessments are that they typically do not test vulnerabilities for exploitability, and that they ignore the 'human element' (often the most vulnerable and unpredictable element in our environments).

I hope the information above is helpful as you determine which analysis strategy makes sense for you! Stay tuned for the upcoming posts in this series for additional analysis techniques to take your program to the next level.

  • Part 2: Penetration Testing - coming soon
  • Part 3: Red and Purple Teaming - coming soon

Disclaimer

Rapid7 Inc. published this content on 10 June 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 10 June 2021 13:13:01 UTC.


© Publicnow 2021
All news about RAPID7, INC.
05:56pINSIDER SELL : Rapid7
MT
09:51aA MATTER OF PERSPECTIVE : Agent-Based and Agentless Approaches to Cloud Security, Part 1
PU
10/19OWASP TOP 10 DEEP DIVE : Injection and Stack Traces From a Hacker's Perspective
PU
10/18RAPID7 : Mizuho Adjusts Rapid7's Price Target to $138 from $125, Keeps Buy Rating
MT
10/18PASSWORDLESS NETWORK SCANNING : Same Insights, Less Risk
PU
10/15RAPID7 : 4 Simple Steps for an Effective Threat Intelligence Program
PU
10/14TURN ON, TUNE IN, DROP THE NOISE : Achieve Better Cloud Security by Reducing Noise
PU
10/13RAPID7 : Michael Daniel on the Cyber Threat Alliance
PU
10/12RAPID7 : Patch Tuesday - October 2021
PU
10/12THIS WAS THE SUMMER OF APPSEC : All the Improvements We Made in Q3
PU
More news
Analyst Recommendations on RAPID7, INC.
More recommendations
Financials (USD)
Sales 2021 522 M - -
Net income 2021 -127 M - -
Net Debt 2021 430 M - -
P/E ratio 2021 -57,1x
Yield 2021 -
Capitalization 6 988 M 6 988 M -
EV / Sales 2021 14,2x
EV / Sales 2022 11,5x
Nbr of Employees 1 847
Free-Float 98,2%
Chart RAPID7, INC.
Duration : Period :
Rapid7, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends RAPID7, INC.
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus BUY
Number of Analysts 15
Last Close Price 125,27 $
Average target price 133,36 $
Spread / Average Target 6,46%
EPS Revisions
Managers and Directors
Corey Eugene Thomas Chairman & Chief Executive Officer
Andrew Frank Burton President & Chief Operating Officer
Jeffrey Alan Kalowski Chief Financial Officer
Tas Giakouminakis Chief Technology Officer
J. Benjamin H. Nye Lead Independent Director
Sector and Competitors
1st jan.Capi. (M$)
RAPID7, INC.38.31%6 956
MICROSOFT CORPORATION38.58%2 314 159
SEA LIMITED84.37%202 635
ATLASSIAN CORPORATION PLC75.51%103 291
ZOOM VIDEO COMMUNICATIONS, INC.-18.06%82 126
DASSAULT SYSTÈMES SE40.13%71 236