External Attack Surface Management provides RDW with cybersecurity insights

About RDW

RDW is the National Dutch Vehicle Authority in the mobility chain. Some of their tasks include the licensing of vehicles on the Dutch and European market, registration and issuing driving licenses. As a public service, RDW contributes to the realization of policy objectives in the areas of mobility, traffic safety and the environment. RDW actively responds to the global changes, like electric cars and intelligent transport systems, to have an impact on the development and mobility and contribute to sustainability and safety.
For testing and inspecting new vehicles and their parts, RDW’s clients are the car manufacturers and importers. The organization also shares knowledge about traffic safety through consultation and support projects internationally.

 

RDW leverages Sweepatic for their EASM

Moving to the cloud

More and more IT assets are moving online. As a consequence, many organizations lack a centralized and complete view on these internet-facing assets and thus their external attack surface exposure. Additionally, there is a great chance of human errors when IT and cloud migrations take place. Without a centralized, continuous approach it is impossible to operate with a strong cyber hygiene.

This move to the cloud is a global trend and across all industries. It is essential to keep track of your internet-wide company perimeter, to prevent misconfigurations and IT assets and their associating risks that are lost out of sight.

At RDW, they recognized these challenges. The security team appreciated the importance of an intelligent tool that could help them automate the internet-facing asset discovery and continuous monitoring process.

Security insights and continuous asset monitoring

To proactively and continuously track and inventorize their online attack surface, RDW was convinced of the value of an External Attack Surface Management (EASM) solution. After seeing the Sweepatic Platform in action on their own organization’s data, it became clear that the tool could enable them in their cybersecurity initiatives.

Harry Ottens (Product Owner – Security Operations Center): “The Sweepatic Platform provides RDW with visibility on our external attack surface, allowing our security team to respond when vulnerabilities or misconfigurations are detected. Sweepatic gives us insight in the status of our online assets, and status changes compared to the day before. These insights are interpreted by our security team and if necessary, actions are taken to become more secure.”

For RDW, one of the most valuable features in the Sweepatic Platform includes the Certificates module that provides an overview of all assets and their SSL/TLS status.

Harry Ottens: “Apart from the Certificates feature, we mostly use the Domain Discovery module to keep an eye on look-a-like domains, the Reputation checks for all our IT assets and the Tracker (Sweepatic’s activity center) to monitor high-impact issues and changes in our attack surface.”

 

RDW Cybersecurity

Why RDW Selected Sweepatic

After setting up their SOC to have a centralized view on all cybersecurity related information, RDW also wanted to integrate an External Attack Surface Management (EASM) solution. The security team reviewed a number of providers and selected Sweepatic.

Harry Ottens: “Sweepatic scored great in terms of value for money, the fast implementation of the solution, the expertise of the team and their flexibility towards RDW regarding feature requests.”

With the Sweepatic EASM Platform, RDW monitors and remediates their attack surface to keep threats at bay.
Harry Ottens: “For RDW, the added value of the Sweepatic Platform is the automated and structured discovery of our external attack surface. This saves time and simplifies the follow-up of our cybersecurity actions.”

 

Curious to see what the Sweepatic Platform can do for your organization? Request a personalized demo or reach out to our sales team.

You can read more about External Attack Surface Management in our blogpost: https://blog.sweepatic.com/what-is-attack-surface-management/