Attack Surface Management

Attack Surface Management (ASM) is a cybersecurity practice focused on the continuous discovery, analysis, prioritization, remediation, and monitoring of vulnerabilities and potential attack vectors within an organization’s IT infrastructure.

Threat Intelligence

Overview

This advanced module operates as a virtual threat analyst, continuously gathering, analyzing, and enriching threat data from various sources to provide actionable insights and proactive threat mitigation strategies. It empowers organizations to stay ahead of evolving cyber threats and make informed decisions to safeguard their critical assets.

Key Features:
  1. Threat Intelligence Dashboard: The Threat Intelligence Dashboard is a comprehensive tool that offers a visual representation of cyber threats and vulnerabilities. It includes features such as Social Network visualization, Trending, tracks mention of an organization over time and references to top industries in cyber threat reports, providing insights into potential targets. The Scanning feature provides insights into threat actors’ probing activities, while Top Scan Results highlight significant findings from these scans.

  2. Social Footprint: Social Footprint measures, manages, and reports an organization’s social sustainability performance. It helps organizations understand their social risks and impacts and communicate their social sustainability efforts effectively.

  3. Scan: The Scan feature automates the process of examining a system or network for any behavior or information that might signify a threat or vulnerability.

  4. Domain Scan: The Domain Scan tool automates the process of investigating a specific domain for potential threats or vulnerabilities.

  5. Feed: The Feed feature in a threat intelligence news feed is a real-time, continuous data stream that gathers information related to cyber risks or threats.

User Manual:

Threat Intelligence Dashboard

Click the “Threat Intelligence Module” to navigate to the TI Dashboard

image.png

Threat Intelligence Side Navigation Menu

The Side Navigation Menu lists all the Threat Intelligence tools to gather information for the target. It includes Social Footprint, Domain Scan, and Feed.

image (5).jpg

Social Footprint

Click on Social Footprint to add a target email address to scout. This will display an example of the scanned organization’s employee email and the related social media that the user mostly visited.

image (6).jpg

 

Domain Scan

Click Domain Scan, then click the New Scan Button. Input the Name of the target and the target domain, then click Scan Now. After the scan, click the scanned target to view the data. Data shown are the result of a scanned domain. Click on one of the correlations to view the vulnerabilities of the hosts.

DomainScan.png

New Scan Button

scanbutton.png

Target view data

Targetview.png

Scanned domain

ScannedDomain.png

Host Vulnerabilities view

VV.png

Feed

Click the Feed, select a cyber news site, and click View More to view the list of news on that site. Select any news to read.

Feel free to adjust the template further as needed!

VV.png

View more

feedview.png

List of News in Bleeping Computer site.

bleeping.png

Select any News

bleee.png

If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.

Vulnerability Assessment and Management

Overview

Welcome to the Vulnerability Assessment and Management module. In this section, you'll be guided through the process of using our vulnerability assessment and management tool. You'll learn how to:

Vulnerability assessment and management is a process for identifying, evaluating, and addressing security weaknesses in an organization’s systems and networks. It involves scanning for vulnerabilities, assessing their impact, and prioritizing them by severity. This includes using tools and techniques to find vulnerabilities, analyzing the results, and generating reports for remediation. Management then involves applying patches, adjusting security settings, and monitoring for new threats. The goal is to enhance security, reduce risk, and protect against potential exploitation.


Navigate to the module:

image (7).jpg


How to Create a Scan

image.png

image.png


Scans Dashboard:

The scans dashboard provides a comprehensive overview of all ongoing scans, displaying the percentage of completion for each one. Additionally, it highlights the number of detected severities and vulnerabilities, offering a clear and detailed snapshot of the scan results.

Screenshot from 2024-08-29 16-45-29.png


Vulnerability Assessment and Management Dashboard:


Vulnerability Score:

image.png

The total risk presented by vulnerabilities found in an organization's systems is measured by the Overall Vulnerability Score in a Vulnerability Assessment and Management (VAM). This score is the result of assessing various elements, including each vulnerability's criticality, possible impact, exploitation, and severity. Metrics like the Common Vulnerability Scoring System (CVSS) scores, which grade vulnerabilities according to their effect and ease of exploitation, are also included. The overall vulnerability score aids in prioritizing repair activities by offering a consolidated view of the organization's risk exposure. This helps direct resource allocation to address the most urgent security concerns and improve the organization's overall security.


Overall Vulnerability Score - Trend:

image.png

The Vulnerability Score Trend tracks changes in the overall vulnerability score over time, showing how the organization's risk posture evolves. This trend helps assess the effectiveness of remediation efforts, identify recurring issues, and evaluate long-term security strategies. By analyzing these trends, organizations can gauge improvements in their security posture and make informed decisions to enhance cybersecurity.


Vulnerability Scans:

image.png

Running Scans - Indicates how many scans are running

Completed Scans - Indicates how many scans were completed

Assets Scanned - Indicates how many assets were scanned


Vulnerabilities by Severity & Asset Type:

image.pngThe charts displaying "Vulnerabilities by Severity" and "Vulnerabilities by Asset Type" provide a comprehensive breakdown of identified vulnerabilities within an organization. The "Vulnerabilities by Severity" chart categorizes vulnerabilities into critical, high, medium, low, and informational levels, offering a clear view of their distribution based on their severity. This classification helps in prioritizing remediation efforts according to the risk they pose. Meanwhile, the "Vulnerabilities by Asset Type" chart illustrates the count of vulnerabilities detected across various asset categories, such as web assets, network assets, and mobile assets. This chart allows organizations to understand which asset types are most vulnerable, facilitating targeted risk management and more effective allocation of security resources. By visualizing these metrics, the charts assist in identifying patterns and trends, ensuring a strategic approach to enhancing overall security posture.


Top CVEs Detected & Top Vulnerable Assets:

The Top CVEs Detected and Top Vulnerable Assets provide crucial insights into an organization's security posture by identifying prevalent vulnerabilities and at-risk assets. The Top CVEs Detected report highlights the most frequently found Common Vulnerabilities and Exposures (CVEs) within the organization, focusing attention on the most common and potentially severe vulnerabilities that need immediate remediation. In contrast, the Top Vulnerable Assets chart identifies which specific assets are most frequently affected by vulnerabilities. Together, these metrics enable organizations to prioritize their security efforts by addressing both the most critical vulnerabilities and the assets most susceptible to threats, thereby improving overall risk management and resource allocation.


If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.

Virtual Penetration Testing

Overview

Welcome to the Virtual Penetration Testing module. In this section, you'll be guided through the process of using our virtual penetration testing tool. You'll learn how to:

Virtual penetration testing is a remote security assessment method designed to evaluate the vulnerabilities and weaknesses within digital environments, including web applications, networks, and systems. By simulating potential attacks using various tools and techniques, this method helps identify security flaws and assesses the effectiveness of current defenses. Unlike traditional in-person testing, virtual penetration testing is conducted over the internet, offering flexibility in testing locations and often reducing costs. The primary aim is to detect and address vulnerabilities before they can be exploited, providing valuable insights to enhance your organization’s security measures.


Navigate to the module


Create a Penetration Test Scan

image.png

image.png


Penetration Test Scans Dashboard: 

In the Penetration Test Scans dashboard, it shows all Penetration Tests that were conducted. It shows the completion of the test, whether it has finished the scan or not. It also shows the website where it has conducted the test as well as the different types of severity for the vulnerabilities & risks the penetration has scanned.


Virtual Penetration Testing Dashboard:

Total Vulnerabilities Detected & Severity:

image.png

This section displays the total number of vulnerabilities detected during penetration tests, categorized by severity: informational, low, medium, high, and critical.


Penetration Activity:

image.png

The Penetration Activity section shows the amount of all the penetration tests that were conducted for an organization, all the web assets scanned, during penetration testing, as well as all the currently running penetration tests.


Penetration Graph:

image.png

In this section, a penetration graph is a visual tool that summarizes the results of security assessments. It typically displays various metrics, such as the distribution of vulnerabilities across different severity levels such as informational, low, medium, high, and critical. This provides a clear picture of the organization's risk profile. The graph may also track trends over time, showing changes in vulnerability counts and test status, and highlight which assets were scanned and the vulnerabilities detected per asset. This visualization aids in understanding the effectiveness of security measures, identifying areas needing improvement, and prioritizing remediation efforts based on severity and impact.


Top Vulnerabilities Detected:

image.png

Top Vulnerabilities Detected provides a visual summary of the most critical vulnerabilities identified during the test. It typically ranks these vulnerabilities by severity or impact, highlighting which ones pose the greatest risk. The graph often categorizes vulnerabilities by type or affected system areas, such as web applications or network services, and may show their frequency of occurrence. This helps prioritize which vulnerabilities need immediate attention and provides insight into the overall risk landscape. Additionally, if the graph includes data over time or across different test phases, it can help track trends and assess whether security improvements are being made. Overall, this graph is an essential tool for understanding and addressing the most significant security threats uncovered in the penetration test.


Recent Penetration Test:

image.png

Recent Penetration Test refers to the latest assessments performed to evaluate the current security status of your system. These tests identify and analyze vulnerabilities, helping you understand recent threats and improvements. Reviewing recent tests ensures your defenses are up-to-date and aligned with the latest security risks.


Top Exploitable Assets:

Top Exploitable Assets refer to the most vulnerable components of your system identified as having the highest potential for exploitation by attackers. These assets are prioritized based on their risk level and ease of exploitation, helping you focus on addressing the most critical weaknesses to enhance your overall security.

To access detailed information about vulnerabilities from a penetration test, click on any item in the "Top Exploitable Assets" list. This action reveals a comprehensive view of the scan, including the types of vulnerabilities detected and their severity levels. The modal also displays scan details such as the start and end times, duration, and sources of the test. Additionally, it provides specifics on vulnerability types, affected hosts, paths, insertion points, and overall severity, offering a thorough understanding of the identified security issues.


If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.