RiskIQ has introduced updates and enhancements to its Digital Footprint product to improve digital defences and help organisations understand their exposure to digital risk from outside the safety of their firewall.
New capabilities within Digital Footprint provide a holistic Risk Report to an organisation, as it relates to their external risk exposure on the internet. Utilising RiskIQ’s industry-leading internet reconnaissance, security defence teams can dig deep into the factors that contribute to their risk to establish a plan to remediate the most critical security exposures.
“As part of our commitment to helping our customers tackle the persistent threats against them, we continue to invest in our platform to provide actionable insights, visibility, and control over risk and threats outside the firewall,” said Lou Manousos, CEO of RiskIQ. “Organisations are managing an unprecedented level of risk by simply having a digital presence online. RiskIQ provides the visibility and intelligence, along with the broadest and deepest internet data, to help an organisation understand and reduce their risks.”
RiskIQ Digital Footprint, the company’s attack surface visibility product, provides a real-time inventory of all internet-facing assets, including the components running on assets that may expose the organisation to vulnerability risk. In addition to the new Risk Reporting capability, Digital Footprint now automatically correlates newly discovered vulnerabilities with internet-exposed components and assets, immediately highlighting those at risk to inform patching and remediation planning.
RiskIQ looked at Risk Reports for 25 of the 50 largest banks in the U.S., which returned an average risk score of 74 out of 100. The average bank had 30 domain configuration issues, 42 SSL configuration issues, 87 IP reputation issues, and 81 threat indicators across their digital footprints. These results go to show that even some of the biggest institutions, with likely the most sizable security budgets, have room for improvement and gaps in security outside the firewall.
"Being able to quantify your risk and understand precisely what contributes to it is essential to managing your digital attack surface," said Ed Amoroso, CEO of TAG Cyber, a global cybersecurity advisory company. "Risk reporting and scoring should be the first step companies take to address their external risk exposures and something they continue to monitor as they manage a healthy security posture."
RiskIQ has recently released more than 25 new features for the rest of its Digital Threat Management platform and products, including updates to its user interface to speed up the process of validating and triaging digital threats such as phishing, brand abuse, social imposters, and rogue mobile applications. RiskIQ has also introduced single sign-on (SSO) capability to integrate the platform authentication to existing enterprise account and user management tools. Other new enhancements improve threat detection and investigation capabilities, help organisations maintain their inventory of all official social media profiles and mobile applications, and provide an understanding of open ports exposed on their organisation’s IP footprint. These updates are all available to customers today.
