ZeroFox External Attack Surface Management

Additional Info

CompanyZeroFox
Websitehttps://www.zerofox.com/
Company size (employees)1,000 to 4,999
Headquarters RegionNorth America

Overview

Digital transformation, hybrid work and complex software supply chains have all led to an unprecedented expansion of unknown and unmanaged assets, systems and exposures across the external attack surface. With ZeroFox EASM, customers can proactively remove threat actors’ targets of opportunity through full-spectrum discovery and enumeration of internet-facing assets, continuous correlation and analysis of exposures and actionable alerting and reporting to rapidly prioritize mitigation and remediation decisions.

ZeroFox EASM mimics attacker reconnaissance through an agent-less, cloud-native solution that leverages the best open source data collection methods and builds on it with our proprietary technology to crawl the external attack surface on your behalf. Our dedicated process enumerates and aggregates your internet-facing assets, including subdomains, IP addresses, software and security certificates, that reveals your digital footprint. This inventory is used to curate and maintain an asset library that is continuously correlated against our risk database, including Common Vulnerability Scoring (CVSS), Common Vulnerabilities and Exposures (CVE) and Expired Security Certificates, creating enriched contextualization of the issues discovered. This process creates a unified and prioritized external attack surface view, enabling rapid alerting and robust investigation into all discovered inventory and associated risks to drive critical mitigation and remediation actions.

Key Capabilities / Features

Active Discovery: ZeroFox EASM automatically discovers Internet-facing assets across your digital footprint. This brand new module within ZeroFox identifies exposed systems, domains, subdomains, IP addresses, outdated software, security certificates, services and more that is externally visible to an attacker. Ongoing discoveries monitor for new exposures and changes to existing assets. Prioritized findings enable your team to focus on the most critical risks.


Summarize Risk: Continuously correlate exposures to assets. An intuitive dashboard provides a centralized view of your external attack surface with clear risk scoring to focus efforts. Powerful labeling and clear asset context helps identify assets by risk level, exposure type and other attributes.


Attack Likelihood Determination: Leveraging the correlated exposures to assets database, ZeroFox EASM helps you estimate attack likelihood by checking the inventory for Common Vulnerability Scoring (CVSS), Common Vulnerability and Exposures (CVE), CISA’s Known Exploited Vulnerabilities (KEV) and Expired Security Certificates.


Explore Attack Surface for Shadow IT: ZeroFox EASM enables powerful searches to uncover unknown or forgotten assets linked to your domains and IP ranges. Companies can preemptively find exposed systems before adversaries do. With ZeroFox ASM, security teams gain an automated way to discover, monitor, protect and improve resilience across the enterprise attack surface.


Actionable Alerts: ZeroFox EASM delivers external awareness for operational assurance, rapid, actionable alerting and robust investigation driving proactive, corrective action.


How we are different

- For over a decade, ZeroFox has leveraged world-class intelligence capabilities to detect, disrupt and remediate external threats that are traditionally outside of your corporate perimeter. Now, as internet infrastructure rapidly grows as a threat vector, we’ve expanded our capabilities to provide customers with complete visibility and control across the entire external attack surface.


- Built by the pioneers of external attack surface management, ZeroFox EASM reduces risk from Shadow IT, misconfigurations, software supply chains and other unknown and unmanaged assets exposed to the internet.


- ZeroFox EASM is an industry-recognized, government-validated solution for organizations of all sizes.