Don’t end up on the sidelines thanks to External Attack Surface Management
As the largest European private rail freight operator, with headquarters in Belgium and sites in France, Germany, Italy, the Netherlands and Spain, Lineas employs more than 2,100 people. The company wants to realize a ‘modal shift’ in Europe, moving freight off the road and onto rail. By doing this, they want to improve the supply chain of companies and tackle issues caused by road transport, such as mobility issues, climate impact, health hazards due to air pollution, and road casualties.
Lineas launched the Green Xpress Network (GXN) with 23 rail connections between European stations in 2014. Last year in 2020, as the first transport company in Belgium, Lineas was named SDG Pioneer by the United Nations Institute for Training and Research. Also in 2020, Lineas presented the ‘Heroes’ locomotive, as a tribute to the heroes in the fight against the coronavirus. The special edition locomotive wrapped in white, not only honors the healthcare workers, but also other critical jobs that keep society on track during the COVID-19 pandemic. Most recently, Lineas acquired Independent Rail Partner in the Netherlands to strengthen their presence in the Dutch market.
The importance of cyber resilience and proactivity
Cybersecurity has always been at the top of the agenda at Lineas. The CISO, Christophe Rome, is constantly keeping up with new cybersecurity products and solutions which led him to Sweepatic.
Lineas needs to keep their infrastructure and services safe from cybercriminals that might cause serious harm. An important element in Lineas’ cyber resilience strategy, is External Attack Surface Management: knowing which IT assets are freely available online, reducing and monitoring them. This proactive approach helps Lineas become unattractive for bad actors, which in turn reduces Lineas’ risks for serious cyberattacks. Working with the Sweepatic Attack Surface Management (ASM) Platform allows Lineas to augment their attack surface reduction initiatives and remediate security issues proactively.
The Challenge of External Attack Surface Management
The CISO of Lineas needed to get an overview of the company’s attack surface quickly and get an action plan in place. To improve Lineas’ cyber resilience and strengthen internal processes, better visibility on and monitoring of all the organization’s internet-facing assets was needed.
It’s a challenging task to keep an eye on all known and unknown internet-facing assets out there. What marketing campaign websites are still online? Can they be removed? Are all our websites up and running? Are there any known vulnerabilities connected to assets that we need to take into account? This ‘knowing what you have available online’ was the first step to protect Lineas’ attack surface.
Christophe Rome (CISO of Lineas): ”The onboarding and set-up of our scope in the platform was very easy and quick. We only needed to provide our primary domains and Sweepatic picks up all external data from there. The Sweepatic Platform provides a very clear inventory of all Lineas’ domains, websites, IP hosts, certificates, etc. The dashboard stats and graphs visually present the digital footprint, while the different platform modules offer more detailed and in-depth metadata on every asset.”
Additionally, shadow IT needed to be addressed. Christophe Rome: “With more employees working from home, shadow IT was an issue to be reconned with. We were looking for an easy and efficient way to discover shadow assets and remove them or fix any issues related to them.“
Gaining visibility on the attack surface allowed Lineas to proactively protect their organization and make them less attractive for cybercriminals.
Why Lineas Chose Sweepatic
After initially meeting with our Sweepatic team and receiving a personalized demo for the Lineas attack surface scope, it became clear that the Sweepatic Platform would be of great value for Lineas’ Attack Surface Management and Reduction.
As the Sweepatic discovery engine automatically maps the entire attack surface without the need of entering IP addresses, visibility was quickly created. The powerful and fast discovery engine sweeps the external online exposure of Lineas and presents all the data in the Sweepatic Platform, including SSL certificate charts, attack surface evolution trendlines, a (sub)domains inventory, active website screenshots, cybersquatting domains and more.
Thanks to the increased attack surface visibility, Lineas augments their Attack Surface Reduction initiatives. Additionally, the included automated vulnerability detection of the Sweepatic Platform helps Lineas to proactively remediate, without having to upload their assets in a vulnerability scanner first.
Christophe Rome: “With the Sweepatic Platform running its discovery and analytics engine continuously, changes in our attack surface and possible issues are monitored and alerted 24/7. Based on the Sweepatic notifications, we create tickets for risks in our attack surface, follow them up and fix them. In that way, we can also identify assets that no longer serve a business purpose and therefore are attack surface reduction candidates to remove from our online presence.”
Lineas chose Sweepatic as an Attack Surface Management solution because of the proactive approach and the benefits a young innovative company entails.
Christophe Rome: “At Lineas, we appreciate Sweepatic’s close interaction, dynamism and flexibility. It starts with the quick and easy onboarding, followed by a customer kick-off call providing us with all information and answers we need to get started using the platform. Customer feedback is always welcome and listened to. Feature requests are put on the product roadmap if they prove feasible, so we as a customer can really have an impact on the product development.”