By Shelby Carpenter - July 10, 2019
Like most large financial institutions, this Fortune 100 financial services company has a complex network. From M&A activity to cloud development to securing critical suppliers, it was challenging for the company to identify and monitor all of its Internet-connected assets. And without a complete and accurate IT asset inventory, it was even more challenging to secure those assets.
By Marshall Kuypers - June 26, 2019
It’s easy to focus on the threats that you know about, and easy to ignore the ones that you don’t see. When organizations conduct vulnerability scans, they get a weekly reminder of all of the unpatched and out-of-date devices on their network. Spam and phishing emails come in daily and are a constant reminder of… Continue reading…
By Marshall Kuypers - June 19, 2019
In the past, the vast majority of an organization’s attack surface was based on static ranges that were registered to that organization. This made it relatively simple to monitor the attack surface for signs of compromise and prevent intrusion by malicious actors. But things have changed. Today, most organizations have assets on so much more… Continue reading…
By Luna Frank-Fischer - June 12, 2019
In order to effectively protect our customers, Expanse cultivates a deep understanding of the Internet. We use our global perspective to help our customers understand both what they own that is connected to the public Internet and how to keep their assets secure. Since joining Expanse as a software engineer, I’ve learned about many pervasive,… Continue reading…
By Seth Ford - June 5, 2019
Over the past decade, IT processes have become increasingly decentralized at most organizations. Because the control of Internet-connected assets is so dispersed, it’s an ongoing challenge for organizations to appropriately manage asset lifecycles and monitor for exposures. Few things have contributed to the decentralization of IT — and the asset management challenges that come with… Continue reading…
By Haley Sayres - May 30, 2019
Organizations need to secure their assets in the cloud. But they can’t secure what they don’t know about.
By Marshall Kuypers - May 28, 2019
The Internet has created myriad ways for people and organizations to connect with one another. Unfortunately, attackers will attempt to find and exploit the Internet presence of an organization. All of the connections, profiles, pages, and posts can be discovered and potentially weaponized in both targeted and opportunistic attacks. Your Internet Presence The classes of… Continue reading…
By Marshall Kuypers - May 23, 2019
On May 14th, 2019, Microsoft released a patch for a pre-authentication vulnerability affecting several versions of Windows. Microsoft even released a patch for end-of-life software because the vulnerability is so serious that it has the potential to create a WannaCry-styled global outbreak. In this post, we’ll talk about RDP, the vulnerability, and how you can… Continue reading…
By Brittany Alexander - May 15, 2019
When I worked as a cybersecurity consultant at one of the Big Four auditing and professional services firms, I got a front-row seat to the security challenges facing enterprises today. I learned to be skeptical of the cyber maturity of the “big guys,” or the large and well-established enterprises that are connected to the daily lives of millions. While working with clients of all sizes across multiple industries, I realized very few organizations have even a decent grip on their actual cybersecurity posture.