Censys Attack Surface Management-Identified Risks in Attack Surface Management
Censys Attack Surface Management identifies over 450 risks in the Attack Surface Management platform. The list of all risk types is available in the app.
Risk information appears in the Risks page, in the Hosts List page, on Host Details pages, and in the logbook and asset APIs.
Risk categories help you understand risks at a glance. A risk can belong to more than one category.
A misconfiguration is an incorrect or suboptimal configuration of an information system or system component.
- Service Misconfiguration: A service misconfiguration is an incorrect or suboptimal configuration of a service component that provides functionality in larger processes.
  Service misconfigurations include:
  - Weak Authentication
  - Lack of Encryption
  - TLS Cryptographic Weakness
  - SSH Cryptographic Weakness
  - Invalid TLS Certificate
  - Mail Service Misconfiguration
  - Web Misconfiguration
  - Non-Standard Service Configuration
- Cloud Misconfiguration: A cloud misconfiguration is an incorrect or suboptimal configuration of a cloud component that provides functionality in larger processes.
  Cloud misconfigurations include:
  - Logging Misconfiguration
  - Authentication Misconfiguration
  - Firewall Misconfiguration
  - Credential Exposure
- Name Infrastructure Misconfiguration: A name infrastructure misconfiguration is an incorrect or suboptimal use of the Domain Name System.
  Name infrastructure misconfigurations include:
  - Domain Registration Misconfiguration
  - DNS Record Misconfiguration
An exposure is a situation where sensitive information, devices, or services are exposed to the Internet.
- Information Leakage: Information leakage is a type of exposure where sensitive information is exposed to the Internet.
- Device Exposure: An exposed device is a type of exposure in which a physical device is exposed to the Internet.
- Service or Interface Exposure: A service or interface exposure is when a sensitive service or interface is exposed to the Internet.
  Service exposures include:
  - Cloud Exposure
  - Dev Tool Exposure
  - Security Tool Exposure
  - Remote Access Service Exposure
  - IT Admin System Portal Exposure
  - Deprecated and Plaintext Protocol Exposure
  - Internal Network Protocol Exposure
  - Protocols With No Business Use
  - Database Engine Exposure
  - File Transfer Protocol Exposure
  - File System Exposure
  - DDoS Amplification Exposure
A vulnerability is a weakness in an information system, system security procedure, internal control, or implementation that can be exploited or triggered by a threat source.
- Software Vulnerability: A weakness specific to a software product that can be exploited or triggered by a threat source.
  Software vulnerabilities include:
  - Denial-of-Service Vulnerability
  - Remote Code Execution Vulnerability
  - Privilege Escalation Vulnerability
  - Cryptographic Vulnerability
  - Outdated Software Vulnerability
  - EOL Software Vulnerability
  - Common Vulnerabilities and Exposures (CVE)
- Web Application Security Vulnerability: Related to vulnerabilities in web servers, web applications, and web services.
  Web application vulnerabilities include:
  - Cross-site scripting (XSS) vulnerability
  - Cross-site request forgery (CSRF) vulnerability
  - SQL Injection vulnerability
  - Server-side request forgery (SSRF) vulnerability
Compromise is the disclosure of information to unauthorized persons, or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object occurs.
- Evidence of Compromise: A category of compromise for which there is traceable evidence.