What is your Attack Surface Score and how can your organization benefit from it?
It is time to announce one of the biggest new features in the Sweepatic Attack Surface Management Platform so far: We are starting the year fresh with Attack Surface Scoring!
Discover how well your attack surface scores across several dimensions. From now on, you can consult the score (A-F) of all your internet-facing assets and global attack surface in the Sweepatic Platform, indicating the status of your external cybersecurity posture. The scoring helps to navigate the attack surface towards prioritized observations and to kickstart the remediation process to make your organization more cyber resilient.
Our customers and partners are very enthusiastic about the new feature. Amongst others, Ekinops shared their feedback. Jan Van der Velpen, IT Director:
What is Attack Surface Scoring?
How well is your organization’s online infrastructure maintained on the internet? Is your cybersecurity hygiene okay? Do you have many vulnerabilities causing possible entry ways for cyberattackers into your organization? How well does your organization do compared to other companies in the same industry?
With Attack Surface Scoring, you can put a number – well, in our case a letter – to those questions. The attack surface score provides a status of your cybersecurity posture and indicates where you can improve. Boost your attack surface management and turn your E score into an A to become less attractive to cyberattackers!
Scoring levels and dimensions
The score is set and maintained on 3 levels:
- Asset: each asset – an asset is defined as a website, (sub)domain, IP host or certificate – in the Sweepatic Platform receives a score across the 6 dimensions explained below. You can consult asset scores in the asset inventory throughout the platform. In the asset card details, you can see the asset score breakdown per dimension.
- Scope: in the main Sweepatic dashboard, you can see the aggregated score for the entire attack surface scope. Here you get an overview of the prioritized observations or issues per dimension and you can quickly see which issues need to be fixed to improve the score.
- Observation: Each observation is linked with a certain security dimension and is scored within this dimension.
To calculate the score of the assets and attack surface, 6 dimensions are taken into account.
- Vulnerabilities: These are reported when Sweepatic finds software versions that have known vulnerabilities or CVEs.
- Configuration: IT assets that are not configured according to well-established security best practices.
- Exposed Service: These are services that normally should not be exposed on the internet for everyone.
- Encryption: Proper encryption prevents data leakage and man-in-the-middle attacks.
- Reputation: The reputation of discovered assets is verified against external spam and blocklists. Reputation issues can lead to downtime, service degradation and performance issues.
- Hygiene: Hygiene-based observations can be sources for information gathering, or point to known and unknown assets that are not set up according to good standards. Without a valid business justification, these are potential candidates to take offline as part of an attack surface reduction exercise.
Under each dimension, a user can drill down to consult the observations leading up to the score. The Platform prioritizes observations for you, so you can focus on improving your score across the dimensions!
Score calculation method: the math of the Sweepatic Platform
Transparency about how the Sweepatic Platform calculates the scores is very important to us. Only in that way can customers and partners get full insight into their attack surface score.
We calculate a score for the six key cybersecurity dimensions and a total score for the attack surface.
A cybersecurity dimension is scored overall by aggregating scores of all assets for that cybersecurity dimension. An attack surface is scored overall by aggregating scores of all assets and of all cybersecurity dimensions. This aggregation is done via a weighted average where worse scores receive a higher weight.
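An added illustration of the aggregation described above, not Sweepatic's own code or published formula: the numeric mapping of grades and the weights (badness + 1) are assumptions chosen to show how weighting worse scores more heavily keeps one badly scoring asset from being averaged away. Asset names and grades are constructed.

```python
import math

# Assumptions for illustration (not Sweepatic's published values).
GRADES = "ABCDEF"  # A = best, F = worst
DIMENSIONS = ["Vulnerabilities", "Configuration", "Exposed Service",
              "Encryption", "Reputation", "Hygiene"]

def badness(grade):
    return GRADES.index(grade)  # A -> 0 ... F -> 5

def to_grade(value):
    return GRADES[math.floor(value + 0.5)]  # round half up to nearest letter

def plain_mean(grades):
    """Unweighted average, shown only for comparison."""
    return to_grade(sum(badness(g) for g in grades) / len(grades))

def weighted_mean(grades):
    """Weighted average where a worse grade gets a higher weight (badness + 1)."""
    weights = [badness(g) + 1 for g in grades]
    total = sum(w * badness(g) for w, g in zip(weights, grades))
    return to_grade(total / sum(weights))

def dimension_scores(assets):
    """Score each dimension by aggregating every asset's grade for it."""
    return {dim: weighted_mean([grades[i] for grades in assets.values()])
            for i, dim in enumerate(DIMENSIONS)}

def surface_score(assets):
    """Score the whole scope by aggregating all assets across all dimensions."""
    return weighted_mean([g for grades in assets.values() for g in grades])

# Constructed sample scope: one letter per dimension, in DIMENSIONS order.
ASSETS = {
    "www.example.com":  "AAAAAA",
    "mail.example.com": "ABAAAA",
    "vpn.example.com":  "AAABAA",
    "old.example.com":  "FCEAAD",  # one neglected host
    "192.0.2.10":       "AAAAAA",
}

if __name__ == "__main__":
    vuln = [g[0] for g in ASSETS.values()]
    print("Vulnerabilities, plain vs weighted:", plain_mean(vuln), weighted_mean(vuln))
    print("Per dimension:", dimension_scores(ASSETS))
    print("Attack surface:", surface_score(ASSETS))
```

With these assumed weights, the single neglected host moves the Vulnerabilities dimension from a B (plain mean) to a D, which is the prioritization effect the weighting is meant to produce.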
How does your organization benefit from the Attack Surface Score?
- More insights and easy-to-consume information: The six dimensions each give more insight into the entire attack surface; they explain where to look for problems in your attack surface and how to address them in the remediation phase. A bad score means you have an opportunity to take action and improve the score. The dimensions represent Sweepatic’s suggestions to clean up the attack surface.
- Easier prioritization and workflow: The score tells you where to start. When you know what issues to focus on, you can prioritize the ones to fix first. Instead of having a long flat list to sift through, you can now start with the dimensions that score worst. The Sweepatic Platform guides you where to focus on first.
- Reporting: The score of your attack surface indicates how well you are doing and how the organization’s online presence is improving, which you can report to management.
- Save time: All of the above boils down to saving time. You get better insights more quickly. The MTTD (or Mean Time To Detect) improves significantly. As the Sweepatic Platform is a purpose-built attack surface management platform, you can focus on the remediation process, address issues to fix and make your organization more cyber resilient.
- Historical trend: The trendline in the scoring feature provides a historic overview of the evolution of your attack surface score over time.
- Industry comparison: Soon we will release a benchmark feature, allowing a score comparison between your organization on one hand and your sector and other industries on the other hand.