Skip to the main content.
Partner Programs
Technology Partners
Featured Report


  • Netenrich /
  • Blog /
  • Looking “Left of Bang” to Increase Situational Awareness

2 min read

Looking “Left of Bang” to Increase Situational Awareness

At Netenrich, part of what we’re doing is looking "left of bang." Bang (!) is geek speak for when we see detonation of malicious content. What happens before the compromise that makes us more likely to get hacked? We call it situational awareness. At any point along the way in a correlated series of events leading to a compromise, we can take action and remove the risk before bang.

Consider a few common scenarios where situational awareness and action prior to compromise could change the outcome:

  • Per LexisNexis, your cleared employee just filed for bankruptcy.
  • Your public-facing website has seven (7) critical vulnerabilities.
  • Your company has 17 interns. One of them is a member of domain admins.
  • Of your 1,500 ATM machines, one is running different software than the rest.
  • Your production cloud environment has 15 different “containerized operating systems.”
  • An employee starts publicly posting hundreds of very nasty things about your company.
  • A key employee is uploading or emailing resumes.
  • A point-of-sale machine has zero free disk space and CPU utilization is at 90% — and your biggest sale of the year starts in an hour.
  • The events per second count from a critical log source went to zero or spiked to 300% more than normal.
  • A device is communicating on a never-before-seen port or on an insecure port (69, 20/21, 23, 25 | SFTP, FTP, Telnet, SMTP).


Looking beyond risk — predicting likelihood

As we extend situational awareness and tie events to active threat campaigns and exploits known to be in the wild — see Netenrich Knowledge Now (KNOW) for a free “trending threats” feed — we go one level deeper and can predict the “Likelihood” of an exploit.

How? By combining knowledge about the asset, its vulnerabilities, the number of exploits in the wild that leverage those vulnerabilities, and the actors and campaigns using those exploits. We can even map a customer’s business type to the campaigns targeting that vertical.

Situation analysis


Knowledge Now (KNOW): Real-time global threat intelligence

KNOW now trending threats

Threat actors from KNOWLEDGE NOW

Vulnerabilities from KNOWLEDGE NOW


Attack Surface Intelligence uncovers hidden risks and exposures

Netenrich combines auto-discovery of assets linked to a domain, vulnerabilities, and public information into Attack Surface Intelligence (ASI)* to surface public security risks and exposures prior to exploit.

Attack Surface Intelligence dashboard

And if you need help, we offer vulnerability management services (vulnerability scanning/asset discovery) and digital management services (patch management and proactive asset resolution).


And compliance says?

On the CIS 18 Critical Security Controls list, asset inventory ranks as the #1 and #2 top priorities. If you don’t have a plan for asset discovery, inventory, and risk profiling — in other words, a “left of bang” plan to improve situational awareness — you might get burned by your auditors or have a cybersecurity insurance renewal or claim denied because you didn’t follow best practices. And that’s even if you don’t get hacked.

In the next installment in this series, I’ll lay out some common threat scenarios and show what we can detect.

*Please note, Attack Surface Intelligence (ASI) is now known as Attack Surface Exposure (ASE). For more information, please contact us.


Red CryptoApp: A New Threat Group in the Ransomware World

Red CryptoApp: A New Threat Group in the Ransomware World

This is a preliminary report based only on the data leak site (DLS), listed victims, and other observed patterns. A detailed investigation will...

Read More
Netenrich Earns Google Cloud SecOps Service Delivery Expertise Certification

Netenrich Earns Google Cloud SecOps Service Delivery Expertise Certification

As the first, exclusive pure-play Google Chronicle SecOps partner, Netenrich is 100% committed to the Chronicle SecOps and Mandiant technology stacks...

Read More
Identity Behind Hunters International Ransomware Group’s Dedicated Leak Site Exposed

Identity Behind Hunters International Ransomware Group’s Dedicated Leak Site Exposed

This article focuses on my research to uncoverthe identity of Hunters International ransomware group’s (Surface Web) Dedicated Leak Site (DLS). It...

Read More