Internal Attack Surface Management (IASM)
This breakthrough innovation gives information security teams the ability to assess the risk posture of assets exposed to the internet. Unlike scanning, this new technology actively monitors the network traffic these assets use to establish identity, select protocols, negotiate encryption and access data. Objective evidence from these network relationships is then used to identify, prioritize and report insecure configurations.
Internal Risk Factors
What assets in your network poses the highest security risk? Is it Users, Devices, Networks, Applications or Data Assets? Our internal risk factors assessment provides a prioritized list of asset risks, allowing you to mitigate risk by prioritizing what to investigate first.
Browsers verify the chain of trust for all end entity certificates, but what about all your other apps?
Our certificate chain analysis performs this same validation for every TLS session in your network.
Let's face it, databases are a mystery. No company knows how many they have, where they are located, if they are encrypted, who is accessing them, and the list goes on. It is no wonder the number of exfiltrated records grows year after year. We have the answers to your database security questions.
Usernames and passwords are the keys to our digital kingdom. You would think they would be one of the most secure elements in the network, but unfortunately, they’re not. Windows workstations are notorious for exposing credentials in cleartext and weak hashes, as well as all the domain controller session data itself!
Do you know how much of your business network traffic is protected by encryption? Are the encryption algorithms being used obsolete and easy to crack?
We have the technology to answer these and other tough-to-answer network security questions!
Dragonfly Cyber's technology provides an internal assessment of a company’s cybersecurity posture using small-footprint non-intrusive network sensors. Our patented network traffic analysis technology continuously monitors asset relationships, evaluates the cyber strength of the communication and scores that behavior to multiple risk factors. The result is a real-time reporting of risk factors that drives fact-based risk remediation. These risk factors are invaluable for continuously evaluating enterprise cyber risk management, third-party risk management, progress on board of director initiatives, evaluating cyber insurance posture, and qualifying mergers and acquisition opportunities.