Name: Attack Surface Management Defined | Security from the Attacker's Perspective
Start: 2022-10-27T15:00:00Z
End: 2022-10-27T15:00:55.000Z
Location: BrightTALK
Rating: 2

The opportunities created by cloud products and services are enabling organizations to reach new heights of scalable growth and goals in 2023. The flexibility and agility of cloud environments is exciting for business development, but the amount of choice available to IT practitioners can also be overwhelming. Join Censys' Kevin Garrett as he uncovers Censys' own insights into cloud tools, trends and solutions.

All About Cloud: Tools, Products, and Services Critical to Cloud Success

Listen in as Senior Solutions Engineer Joe Gonzalez walks you through the top five considerations for managing your attack surface. Dive into why your current tools are probably not giving you the full picture, and how ASM solutions can provide critical context to exposed vulnerabilities.

January's Top Five Considerations For Managing Your Attack Surface

Around June 24 2022, out of over 4.7 million hosts Censys observed in Russia, Censys discovered two Russian hosts containing an exploitation tool, Metasploit, and Command and Control (C2) tool, Deimos C2. Historical analysis indicated one of these Russian hosts also used the tool PoshC2. These tools allow penetration testers and hackers to gain access to and manage target hosts. Listen in as Matt Lembright, Director of Federal Applications at Censys uncovered something interesting — not an active ransomware attack, but a cache of tools ready to be used by threat actors to carry out ransomware attacks.

January Webinar: Russian Ransomware C2 Network Discovered in Censys Data

With a comprehensive view of all external-facing internet & cloud exposures and critical risk prioritization, Censys Attack Surface Management finds what attackers look for the most. Interested to see more? Watch our demo on January 4th at 12 PM ET.

January Product Demo Webinar

Digital transformation projects and cloud adoption have increased the scope of the attack surface beyond what traditional security tools can see. In fact, attack surfaces are growing 1.5-2.6x year over year. Your business is moving faster than ever, and protecting the organization through all of this change has its own unique set of challenges. 

In this webinar, we take a look at a live Censys attack surface to help you understand whether the challenges of the modern enterprise are creating gaps in your security program.
Watch the on-demand episode to learn more about: 

- The challenges in security today
- How an Attack Surface Management platform can help your SecOps and IT 
- Understanding all of your company’s Internet assets with full context 
- How an ASM platform can help you manage Shadow Cloud

EASM For the Modern Enterprise

Join the Censys Team as we take you through an in-depth product demo to address how to get total visibility into your Internet and cloud exposure and leverage this visibility to prioritize and remediate your riskiest Internet weaknesses. Discover how to operationalize your attack surface insights across your security stack for end-to-end risk management and see how Censys empowers defenders like yourself with an instant and complete view into your Internet-facing attack surface.

Censys Attack Surface Management (ASM) provides an instant and complete view into your Internet-facing attack surface. By providing a comprehensive profile of the IT assets on the internet, defenders are empowered with the visibility and insights they need to protect themselves, stay ahead of attackers, and build more secure solutions.

Need to see it to believe it? Join us for our live product demo to see how security teams are using Censys ASM to understand and protect their organization’s digital footprint. In just 30 minutes our product experts will answer questions from the audience and show you how to:
- Get total visibility into your Internet and cloud exposure
- Leverage this visibility to  prioritize, and remediate your riskiest Internet weaknesses
- Operationalize your attack surface insights across your security stack for end-to-end risk management

December Product Demo Webinar

Join us for this special webinar episode about harnessing the power of Internet scan data. Learn how Censys uses its powerful Internet scanning capabilities to uncover, identify, and effectively measure Internet risks – and discover how you can use the free Censys Search tool to better inform your own security efforts.

During the webinar, Censys Product Marketing Manager Kaz Greene will lead a live investigation into hacked web servers using Censys Search. 

Watch to learn more about: 
- Finding compromised web servers with targeted attribute queries 
- Understanding insights and trends by building reports
- Analyzing temporal differences in Internet scan data
- Leveraging this data to support your organization’s own security program

What new questions could you answer about your organization's security posture with Censys Search? Register for the webinar to find out!

A Live Investigation with Censys Search

Did you know that during our research, Censys observed 105,497 total services running what would become a Log4j vulnerability target? Of those, 102,060 services were vulnerable to this attack. Tune in to Episode Three of our four-part webinar series in which Research Scientist Emily Austin dives into the internet's response to major vulnerabilities such as:

- The “Log4Shell” vulnerability that was disclosed in the Log4j logging library
- A critical RCE vulnerability in GitLab Server (CVE-2021-22205)
- An OGNL Injection vulnerability in Confluence that led to Confluence instances disappearing entirely from the public internet (CVE-2021-26084)

Episode Three: The Internet's Response to Major Vulnerabilities

Webinar: Russian Ransomware C2 Network Discovered in Censys Data

The Censys Research Team evaluated the presence of various risks and vulnerabilities across random samples of 2.2 million hosts from November 30, 2021, and 2 million hosts from roughly half a year later on June 10, 2022, all drawn from our Internet-wide scan data. In Episode 2 of our four-part webinar series reviewing the Censys 2022 State of the Internet Report, Research Scientist, Emily Austin and Security Researcher, Himaja Motheram will dive into the top five Censys-visible risks that were discovered from this evaluation.

Episode Two: The Top Five Censys Visible Risks

The Internet has revolutionized how we communicate, share information, and do business. Digital security is no longer a concern just for the Computing and Information Technology space, as organizations across industries have a growing digital footprint. Understanding the sprawl of your public-facing assets, or your “attack surface,” is more pressing. Without this meaningful visibility, protecting your digital systems is a guessing game. 

In the 2022 State Of the Internet Report, authored by the Censys Research Team, we examine the Internet through several lenses, such as the Internet as a whole and its attack surface, the Internet’s response to major vulnerabilities, organizations on the Internet, and what our customers and security experts have to say about our findings. 

Join us for part one of our four part webinar series where Emily Austin, Research Scientist at Censys, will spend the hour providing a high-level overview of: 
- Mitigation strategies and the three distinct types of behavior in response to vulnerability disclosures
- The percentage of misconfiguration risks that were observed across the internet and the varying data that was uncovered with it 
- Attack surface samples that were ran on 37 large organizations and the data that was disclosed including the various domain registrars and hosting providers

Episode 1: 2022 State of the Internet Report by Censys

The Top Five Considerations For Managing Your Attack Surface

With the explosion of cloud, IoT, and connected assets on the internet, attack surfaces are expanding faster than ever. The risks to your organisation are continuously shifting; misconfigurations and the like mean that assets are exposed and available for anyone to find. The challenge is who finds these exposed assets first – you or the attackers? Your security team needs an advantage. 

Attack Surface Management (ASM) helps our customers quickly find exposed assets across the cloud and Internet, prioritising the most critical risks to the organisation. But not all solutions are created equally. The ability to automatically detect new exposures saves time for the security team when understanding the entire attack surface; while a prioritised set of accurate risks coupled with practical guidance for fast remediation empowers the team to focus on fixing the problems that are actually going to get you breached.

Attack Surface Management Defined | Security from the Attacker's Perspective

Attack Surface Management

External Attack Surface Management

Cyber Attacks

Cyber Intelligence

Threat Assessment

Threat Detection

Security Analytics

CISO

IT Security

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Attack Surface Management Defined | Security from the Attacker's Perspective

Presented by

About this talk

Censys US