Skip to the main content.
Login SCHEDULE A DEMO
Login SCHEDULE A DEMO
  • Netenrich /
  • Blog /
  • Looking “Left of Bang” to Increase Situational Awareness

2 min read

Looking “Left of Bang” to Increase Situational Awareness

At Netenrich, part of what we’re doing is looking "left of bang." Bang (!) is geek speak for when we see detonation of malicious content. What happens before the compromise that makes us more likely to get hacked? We call it situational awareness. At any point along the way in a correlated series of events leading to a compromise, we can take action and remove the risk before bang.

Consider a few common scenarios where situational awareness and action prior to compromise could change the outcome:

  • Per LexisNexis, your cleared employee just filed for bankruptcy.
  • Your public-facing website has seven (7) critical vulnerabilities.
  • Your company has 17 interns. One of them is a member of domain admins.
  • Of your 1,500 ATM machines, one is running different software than the rest.
  • Your production cloud environment has 15 different “containerized operating systems.”
  • An employee starts publicly posting hundreds of very nasty things about your company.
  • A key employee is uploading or emailing resumes.
  • A point-of-sale machine has zero free disk space and CPU utilization is at 90% — and your biggest sale of the year starts in an hour.
  • The events per second count from a critical log source went to zero or spiked to 300% more than normal.
  • A device is communicating on a never-before-seen port or on an insecure port (69, 20/21, 23, 25 | SFTP, FTP, Telnet, SMTP).

 

Looking beyond risk — predicting likelihood

As we extend situational awareness and tie events to active threat campaigns and exploits known to be in the wild — see Netenrich Knowledge Now (KNOW) for a free “trending threats” feed — we go one level deeper and can predict the “Likelihood” of an exploit.

How? By combining knowledge about the asset, its vulnerabilities, the number of exploits in the wild that leverage those vulnerabilities, and the actors and campaigns using those exploits. We can even map a customer’s business type to the campaigns targeting that vertical.

Situation analysis

 

Knowledge Now (KNOW): Real-time global threat intelligence

KNOW now trending threats

Threat actors from KNOWLEDGE NOW

Vulnerabilities from KNOWLEDGE NOW

 

Attack Surface Intelligence uncovers hidden risks and exposures

Netenrich combines auto-discovery of assets linked to a domain, vulnerabilities, and public information into Attack Surface Intelligence to surface public security risks and exposures prior to exploit.

Attack Surface Intelligence dashboard

And if you need help, we offer vulnerability management services (vulnerability scanning/asset discovery) and digital management services (patch management and proactive asset resolution).

 

And compliance says?

On the CIS 18 Critical Security Controls list, asset inventory ranks as the #1 and #2 top priorities. If you don’t have a plan for asset discovery, inventory, and risk profiling — in other words, a “left of bang” plan to improve situational awareness — you might get burned by your auditors or have a cybersecurity insurance renewal or claim denied because you didn’t follow best practices. And that’s even if you don’t get hacked.

In the next installment in this series, I’ll lay out some common threat scenarios and show what we can detect.

 

Security information and event management

4 min read

SIEM 101 – Best Practices for Implementation

Security information and event management (SIEM) is about collecting, detecting, and responding. That is, collecting data into a single pane of glass...

Read More

1 min read

Netenrich at RSA Conference  2023

Visit Netenrich at booth #4241 in Moscone South Expo during RSAC in San Francisco on April 24 - 27, 2023. Netenrich will present and demo Resolution...

Read More
Increase situational awareness

2 min read

Looking “Left of Bang” to Increase Situational Awareness

At Netenrich, part of what we’re doing is looking "left of bang." Bang (!) is geek speak for when we see detonation of malicious content. What...

Read More