Blog

Expanse Launches New Python SDK to Support Custom Integrations

Expanse is excited to announce support for a new python Software Development Kit (SDK) to empower customers on their journey to leverage all of Expanse’s different APIs. We understand that many organizations have complex, bespoke workflows that can require custom engineering to build and maintain. In this spirit, we’re confident that this SDK will allow Continue reading…

Risky Network Traffic in Fortune 500 Financial Services Companies

Welcome to the second installment of Expanse’s new blog series, Internet Data Bytes. In our last article, we demonstrated just how common risky Internet assets and communications are across a set of major healthcare companies.  In this edition, we’re looking at what a typical week looks like for the global enterprise networks of 12 of Continue reading…

Co-located Cloud Exposures Now Available in Expander

Expanse Finds SSH, FTP, and POP3 to Be the Most Commonly Exposed Cloud Services Among Top Enterprise Organizations At Expanse, we’re committed to helping our customers manage their complete global attack surface. To further support this mission, Expanse is rolling out enhanced visibility into customers’ cloud attack surface by displaying co-located cloud assets in the Continue reading…

State Police Department Reduces Remote Attack Surface With Expanse

Problem A large state police department faced challenges in identifying and securing attack vectors across its remote attack surface. The department had unintentionally exposed more than 75 Remote Desktop Protocol (RDP) servers, the majority of which corresponded to state police cruiser vehicles, that could have left the department open to attack by malicious actors online. Continue reading…

Risky Assets and Traffic Still Prevalent in Leading Healthcare Orgs

Internet Data Bytes: Healthcare Welcome to Expanse’s new blog series, Internet Data Bytes! This series will examine trends and cybersecurity risks Expanse regularly uncovers through our unique observations of Internet-accessible systems and services belonging to the world’s largest and most complex organizations. For this edition, we’re taking a quick dive into what a typical week Continue reading…

SIEM vs. SOAR: What’s the Difference?

SIEM and SOAR products exist to solve many of the same problems that security teams face today: to collect, normalize, aggregate, correlate, detect, alert on, and remediate across an ever-increasing number of disparate information vectors in order to manage security events in their networks. While these two classes of tools do have some similarities, they Continue reading…

Expanse Debuts New Integration for Splunk Phantom

Expanse is pleased to announce the release of our new integration for Splunk Phantom. As a Security Orchestration, Automation, and Response (SOAR) solution, Phantom plays a critical role in many of our customers’ ecosystems, helping them improve security teams’ efficiency and reduce incident response times.  Many of our customers in the Splunk universe are already Continue reading…