CyLAB: Attack Surface Check and Remediation (ASCR)

DGS helps its clients to accurately identify their attack surface, wherever it may be, and maintain proper visibility over time, according to the evolving needs of their business and to all the possible ways in which they deliver their services.

With the spread of Smart Working, the use of the Cloud and the relocation of workloads, the set of contact and exchange points between the IT infrastructure and the outside world has become progressively larger and more complex to identify. At the same time, the dissemination and availability of users’ personal information has increased by leaps and bounds, creating a veritable market in the Dark Web.

In order to establish effective protection mechanisms for the logical perimeter (whatever it may represent), it is necessary to have a broader view of the exposed attack surface, in order to allow the organization to quickly understand and visualize where the vulnerabilities are located within its ecosystem and to decide what corrective actions should be taken and with what level of urgency. The attack surface becomes, then, a global indicator of the security of a complex system, composed of people and systems (hardware and software) in which information is carried over multiple and increasingly dynamic channels.

The vectors through which malicious actors can attack our core resources have multiplied and cybercriminals can perform comprehensive analysis with relative ease on multiple sources of information related to our context, including information about employees and organizational chart, technologies placed in defense, and strategies employed.

Being equipped with diverse active protection tools, that are close to the perimeter (E-mail Gateway, Next Generation Firewall or Web Application Firewall) rather than user-focused solutions (Endpoint Security systems or behavioral analyzers), does not mean that these items do not leave uncovered channels through which malware can breach.

It is also important to be aware of the fact that the surface is constantly changing, requiring constant visibility and up-to-date security measures; the continuous development of applications that the market demands, the increasing automation of cloud resources and the demand for scalability mechanisms of the infrastructures supporting the services generate a constant and inexorable mutation of the ways in which our systems interact with the outside world.

It is therefore necessary to strive for a holistic approach to the identification of the organization’s attack surface, based on systems that can provide a single, homogeneous visibility of its current state and also give an indication of its qualitative and quantitative evolution over time, based on, for example, the mitigation actions taken or the adoption of new technologies or tools to support the business.

In our Attack Surface Check and Remediation lab, we are constantly looking for that synergy between experts and technology platforms that can lead a company to always be in control of changes in its attack surface, constantly aligning it with the evolution of the IT infrastructure, the growth of application services and their availability, and the way its customers, employees or suppliers work.

The products of Breach and Attack Simulation (BAS), massive and automated Penetration Testing – rather than Bug Bounty platforms or Dark Web analysis – offered by our technology partners, provide us with tools that, under the control of the experts of our Teams (Blue, Red and Purple), guarantee an approach to the discovery of the organization’s weaknesses that is automatic, repetitive and massive but, at the same time, “tailor made” thanks to the sensitivity and experience of our professionals.

The focus of our lab (ASCR CyLAB) is on defining different use cases in order to test market-leading products on them and measure their effectiveness in the face of different attack techniques, detecting the channels through which threats can creep into an organization.

Customization to the operational context and a tailor-made approach allow DGS to propose solutions to its customers that can identify and maintain the right visibility over time on their attack surface and apply corrective actions as quickly and effectively as possible.

To find out what other areas we operate in at our CyLABs, CLICK HERE