Why Do We Monitor for Domains? Finding Keys to the Kingdom!
Domains represent a crucial and vital part of the attack surface our organizations expose. A DNS (“Domain Name System”) is a central part of every organization and can essentially be considered as a directory of all things accessible, pointing our computer systems to which IP address responsible for serving up functionality, applications and support to our users and customers.
Attackers consider domains and DNS as a treasure trove of information. What do YOU have that THEY might find interesting to attack? Our threat actors often look for what we, in River Security, call the path least travelled. You know, those systems nobody else has found, which our organization might have forgotten about, that are without governance, patch management and other security controls.
DNS contain a directory of what companies seek to offer their users and customers, River Security tries their best to always stay on top of what your directory holds. What new systems do you provision? What old systems can we find references too? All in all with the goal of continuously stay on top of the attack service and provide offensive services, as fast and accurately as possible, to wherever risk might surface.
DNS Points to Resources
Yes, DNS points attackers to IP addresses, IPv4 and IPv6 alike, which in turn hosts services typically among the protocols of TCP or UDP. This is attack surface of which must be assessed by offensive security engineers to ensure risk can be uncovered and addressed before threat actors can.
It is all about proactively, from an offensive and penetration testing point of view, be able to quickly assess our customers new and existing attack surface. A pro-active and agile approach to security. This continuous approach to penetration testing is truly the bleeding edge of how traditional penetration testing is evolving into a new and better format.
We use many techniques to ensure we get one step ahead of our threat actors, some in cooperation with our customer where they essentially notify River Security about the latest development. We want to tell you more about all of this.
