On-Demand External Risk Assessment
Need to perform an external risk assessment against your organization or a third party, but don't have the time, resource, or interest to navigate procurement and licensing? We have you covered with our on-demand assessment.
With Foretrace's on-demand assessment, you are given a point-in-time exposure report detailing the targeted organizations digital footprint - all from the perspective of a cyber adversary. This includes data collected by all of the modules available within the Foretrace platform, and is enhanced by analyst review and recommendations.
The report includes:
Locations accounts are mentioned on the internet, presence in breaches and on popular paste sites used for credential dumping and exfiltration.
Active scanning and data collection of generated lexically-similar domains which could be used to phish the organizations users.
Detection of public files and scanning for advantageous or revealing metadata content.
DNS record and WHOIS history, presence on blocklists, subdomain footprint, technology in use, takeover vulnerabilities, and more.
Scanning of public / CDN hosted content that contains potentially confidential/regulated data, or includes any custom patterns requested.
Hosts and Vulnerabilities
Passive scanning for live hosts, host metadata collection, enumeration of public facing technologies, implied vulnerabilities, and active scanning for confirmation of findings.
Dark Web Presence
Mentions or presence of the organization and/or its data on dark web forums and marketplaces.
Public Code Secrets
Scanning of public code infrastructure for the unintentional presence of secrets; including certificates, credentials, API keys, and more.