Cybersecurity Scorecard: Help Businesses Stay Safe

by

October 25, 2018

There’s a litany of things a business owner has to be concerned with. There’s so much to deal with on a daily basis that certain things can get overlooked.

One of those things is cybersecurity. We spoken a bit about how important it is to discuss cybersecurity matters at the executive level and why it may be necessary to hire an outside cybersecurity expert (like a Managed Cybersecurity Services Provider).

Both of those things might seem pretty daunting and not all that easy to accomplish. Especially if you’re up to your neck with other tasks. You might even be saying you don’t even know where you’d start to investigate your current cybersecurity posture.

Truth be told, it’s not as difficult as you think. That’s why we’re offering you a FREE cybersecurity risk scorecard. We think it’s a great place to start when considering your businesses’ overall cybersecurity health and well being.

The Cybersecurity Risk Scorecard uses open source intelligence (meaning non-invasive) means to investigate your cybersecurity posture. The scorecard helps breakdown complex information and makes it easy to understand and ready for consumption at the executive level.

What’s Included:

  • Patch Management
    Details are collected in relation to system version numbers. The scan leverages software from internet-wide vendors. like Censys, Shodan, Zoomeye etc. These version numbers are converted into the corresponding common platform enumeration number (CPE-ID) and are then correlated with NIST
  • Email Security
    Vulnerabilities are collected relating to potential email servers and SMTP misconfigurations like open relay, unauthenticated logins, restricted relay, SMTP ‘Verify’ vulnerabilities and more.
  • DNS Health
    We generate DNS health report from 40+ control items which are collected from online services like IntoDNS, Robtex, Netcraft and HackerTarget. Since DNS queries are recursive, it is almost impossible to detect a hacker footprints from the DNS servers.
  • Leaked Credentials
    There are more than 5 billion hacked email / password available on the internet and underground forums. This section shows the leaked or hacked emails & passwords.
  • IP/Domain Reputation
    Asset reputation score is based on the number of IPs or domains are blacklisted or they are used for sophisticated APT attacks. The reputation feeds are collected from VirusTotal, Cymon, Firehol, BlackList DNS servers, etc.
  • Fraudulent Domains
    Fraudulent Domains and subdomains are extracted from the domain registration database. The registered domains database holds more than 300M records.
  • Attack Surface
    Attack surface is the technical analysis of open critical ports, out-of-date services, application weaknesses, SSL/TLS strength and any misconfigurations. This information is gathered from Censys & Shodan database and service / application versions are correlated with Passive Vulnerability
  • Digital Footprint
    Digital Footprint is determined by open ports, services and application banners. This information is gathered from NormShield crawlers, Censys, VirusTotal, Robtext, Alexa, Shodan etc.
  • Web Ranking
    Cisco, Alexa and Majestic track web sites and rank them according to popularity, back-links, references, etc. This subcategory shows Alexa and Majestic trends, Google Page insight speed test results as well as Web Content Accessibility Guidelines (WCAG) 2.0 parsing compliance findings.
  • Exposure Monitoring
    Company employees may disclose Local IPs, email addresses, version numbers, whois privacy records or even misconfigure a service in a way that it may expose sensitive information to the internet.
  • Brand Monitoring
    Brand monitoring is a business analytics process concerned with monitoring various channels on the web or media in order to gain insight about the company, brand, and anything explicitly connected to the cyber space.

Interested in finding out more? Register today for our FREE Cybersecurity Risk Scorecard. You won’t regret it.

{{cta(‘28930af3-48ef-45de-9a14-9a33518ebcf2′,’justifycenter’)}}

 

Carl Keyser is the Content Manager at Integris.

Keep reading

Bridging the Gap between Automation and Innovation

Bridging the Gap between Automation and Innovation

Automation and Innovation. Some people might say those two words cancel each other out. Yet, I believe these two concepts can create capacity for each other—if your business leverages the free time automation creates to foster innovation. Automation can be...

Why Is My Laptop Draining So Fast?

Why Is My Laptop Draining So Fast?

Before You Replace Your Laptop Battery, Try These Fixes First Stuck with a laptop that’s running out way before it’s standard 8-10 hours of run time? Don't throw it out just yet.  Try these quick fixes to extend its life: Reduce your screen brightness If possible,...