Cybersecurity Scorecard: Help Businesses Stay Safe

by

October 25, 2018

There’s a litany of things a business owner has to be concerned with. There’s so much to deal with on a daily basis that certain things can get overlooked.

One of those things is cybersecurity. We spoken a bit about how important it is to discuss cybersecurity matters at the executive level and why it may be necessary to hire an outside cybersecurity expert (like a Managed Cybersecurity Services Provider).

Both of those things might seem pretty daunting and not all that easy to accomplish. Especially if you’re up to your neck with other tasks. You might even be saying you don’t even know where you’d start to investigate your current cybersecurity posture.

Truth be told, it’s not as difficult as you think. That’s why we’re offering you a FREE cybersecurity risk scorecard. We think it’s a great place to start when considering your businesses’ overall cybersecurity health and well being.

The Cybersecurity Risk Scorecard uses open source intelligence (meaning non-invasive) means to investigate your cybersecurity posture. The scorecard helps breakdown complex information and makes it easy to understand and ready for consumption at the executive level.

What’s Included:

  • Patch Management
    Details are collected in relation to system version numbers. The scan leverages software from internet-wide vendors. like Censys, Shodan, Zoomeye etc. These version numbers are converted into the corresponding common platform enumeration number (CPE-ID) and are then correlated with NIST
  • Email Security
    Vulnerabilities are collected relating to potential email servers and SMTP misconfigurations like open relay, unauthenticated logins, restricted relay, SMTP ‘Verify’ vulnerabilities and more.
  • DNS Health
    We generate DNS health report from 40+ control items which are collected from online services like IntoDNS, Robtex, Netcraft and HackerTarget. Since DNS queries are recursive, it is almost impossible to detect a hacker footprints from the DNS servers.
  • Leaked Credentials
    There are more than 5 billion hacked email / password available on the internet and underground forums. This section shows the leaked or hacked emails & passwords.
  • IP/Domain Reputation
    Asset reputation score is based on the number of IPs or domains are blacklisted or they are used for sophisticated APT attacks. The reputation feeds are collected from VirusTotal, Cymon, Firehol, BlackList DNS servers, etc.
  • Fraudulent Domains
    Fraudulent Domains and subdomains are extracted from the domain registration database. The registered domains database holds more than 300M records.
  • Attack Surface
    Attack surface is the technical analysis of open critical ports, out-of-date services, application weaknesses, SSL/TLS strength and any misconfigurations. This information is gathered from Censys & Shodan database and service / application versions are correlated with Passive Vulnerability
  • Digital Footprint
    Digital Footprint is determined by open ports, services and application banners. This information is gathered from NormShield crawlers, Censys, VirusTotal, Robtext, Alexa, Shodan etc.
  • Web Ranking
    Cisco, Alexa and Majestic track web sites and rank them according to popularity, back-links, references, etc. This subcategory shows Alexa and Majestic trends, Google Page insight speed test results as well as Web Content Accessibility Guidelines (WCAG) 2.0 parsing compliance findings.
  • Exposure Monitoring
    Company employees may disclose Local IPs, email addresses, version numbers, whois privacy records or even misconfigure a service in a way that it may expose sensitive information to the internet.
  • Brand Monitoring
    Brand monitoring is a business analytics process concerned with monitoring various channels on the web or media in order to gain insight about the company, brand, and anything explicitly connected to the cyber space.

Interested in finding out more? Register today for our FREE Cybersecurity Risk Scorecard. You won’t regret it.

{{cta(‘28930af3-48ef-45de-9a14-9a33518ebcf2′,’justifycenter’)}}

 

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...