Episodes
-
Running an effective bug bounty program requires balancing an attractive scope and payout to hunters with an attack surface that challenges hunters to do more than automated scans. Program managers want to pay for skillful findings, not automated ones. In this episode, we talk about how ASM helps optimize your bug bounty program.
-
In this episode, we discuss the blind spots of IP-centric approaches to asset discovery and the importance of understanding the full attack surface of an organization.
We unpack the challenges posed by modern cloud architectures, load balancers, and WAFs, and how these can create blind spots in reconnaissance efforts. We also highlight the significance of subdomain data and passive DNS in uncovering hidden attack surfaces that traditional scanning methods might miss.
We talk about:
- The limitations of Internet Wide Scanning
- The importance of breadth and depth in attack surface mapping
- Real-world examples of blind spots in modern infrastructure
- The role of DNS and path-based routing in security assessments
- Insights into IPv6 and its implications for discovery
For more details about Assetnote's Attack Surface Management Platform, visit https://assetnote.io/
-
This week's episode dives deep into the concept of shadow exposure and how it relates to third-party software, often overlooked in discussions about shadow IT. We explore the historical context of shadow IT, its evolution, and the real risks associated with widely deployed enterprise software that organizations may not fully understand.
Join us as we discuss:
- The origins and implications of shadow IT
- The challenges of visibility and transparency with third-party vendors
- Real-world examples of vulnerabilities in critical software, including ServiceNow and IBM's ASPR Fastback
- The limitations of security questionnaires and self-attestation processes
- The importance of proactive security measures and effective disclosure processes
We also share insights from our security research team and discuss how organizations can better manage their attack surfaces to mitigate risks associated with shadow exposure.
For more details about Assetnote's Attack Surface Management Platform, visit https://assetnote.io/
-
Today, we explore the world of asset discovery and reconnaissance, particularly how these practices have evolved over time. Historically, discussions around reconnaissance have been overly simplistic and tool-centric, often focusing solely on the latest tools rather than the underlying principles and methodologies.
Join us as we break down our approach to reconnaissance into five key elements: breadth, depth, context, amplification, and focus. We discuss the importance of understanding the attack surface holistically and how to effectively map it out in a modern context.
Learn why breadth is crucial for discovering all assets related to an organization, how depth allows for a deeper understanding of those assets, and the significance of context in enhancing your reconnaissance efforts. We also touch on amplification techniques that can help you uncover hidden vulnerabilities and the importance of applying an offensive mindset to your reconnaissance work.
Whether you're a seasoned security professional or just starting in the field, this episode offers valuable insights and practical advice to enhance your reconnaissance skills and improve your overall security posture. Discover how to think beyond tools and embrace a more strategic approach to asset discovery!
-
In this episode, we dive into the technical complexities of DNS resolution in the context of ASM asset discovery. Join us as we discuss the challenges, implications, and solutions we have encountered while dealing with DNS resolution at scale. From DNS wildcards to security scanning considerations, we explore the importance of DNS data and its role in comprehensive reconnaissance.
Our hosts, Michael and Shubs, share their experiences and insights gained from years of perfecting DNS resolution for asset discovery. Discover how DNS records play a crucial role in security scanning, including the detection of DNS misconfigurations and potential security risks.
Learn about a fascinating case of DNS poisoning at scale and how it was detected and exploited. Gain valuable insights into the differences between IP-centric tools and a subdomain-centric approach to reconnaissance, highlighting the importance of focusing on DNS data for comprehensive attack surface mapping.
-
There's a lot of confusion in the ASM (Attack Surface Management) market. Today we discuss the core principles of ASM, the challenges of building and maintaining an effective ASM system, and the importance of safety and accuracy in external attack surface scanning.
We share insights on the differences between asset discovery and exposure management, the pitfalls of relying on off-the-shelf tools for ASM, and the critical role of curated checks in ensuring the quality and safety of scanning results.
We go behind the scenes regarding the work that goes into creating a reliable ASM system, the impact of open-source tools on the market, and the value of a well-designed and integrated approach to attack surface management.
Gain a deeper understanding of the complexities and considerations involved in building and maintaining an effective ASM system, and learn why quality and safety are paramount in safeguarding your organization's external attack surface.
-
Today, co-hosts Michael and Shubs reflect on the six-year milestone of Assetnote and do a deep dive into a critical Magento bug. They explore the importance of proactive and reactive security research, the limitations of traditional vulnerability scoring systems like CVSS and EPSS, and the significance of understanding exploitability in assessing vulnerabilities. Learn about the need for deeper insights into security risks and the value of in-depth research for security teams.
To learn more about Assetnote, visit https://www.assetnote.io/.
-
Today we look at Attack Surface Management (ASM) with a focus on what true ASM entails. Join us as we discuss the core principles of ASM, the importance of understanding real exposure on your attack surface, and the role of security research in identifying vulnerabilities beyond known CVEs. Discover how our team at Assetnote pioneers a new approach to security research, uncovering hidden exposures and providing actionable insights for our customers. Tune in for a deep dive into the core principles of ASM and the critical role of proactive mitigation strategies in enhancing security posture.
To learn more about Assetnote, visit https://www.assetnote.io/.
-
In this podcast episode, Michael and Shubs explore the background and evolution of Assetnote, a pioneering Attack Surface Management platform. They discuss the company's origins, the challenges faced in its early days, and the strategic decisions that established it in the market. They discuss the importance of speed and scale and the value of automation and security research and provide their unique approach to building a successful product.
To learn more about Assetnote, visit https://www.assetnote.io/.
-
Over the last decade, ServiceNow has been deployed readily across enterprises. With its growing popularity, combined with the lack of visibility organizations have on its security posture, at Assetnote, we worked hard to discover vulnerabilities in the ServiceNow platform.
Assetnote Security Researcher, Adam Kues, spent over a month finding an exploit chain and was credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. At the time of discovery, these vulnerabilities affected an estimated 42,000+ ServiceNow instances globally.
The exploit chain would allow attackers to do the following on any ServiceNow instance without authentication (versions Vancouver and Washington):
1) Execute arbitrary Glide scripting language code
2) Execute arbitrary commands on any connected MID servers
3) Read local system files
We released a vulnerability check through the Assetnote platform to identify vulnerable customer instances. Customers were provided a mitigation long before any official patches were deployed.
We've gone into detail about the vulnerability and how it worked on our blog.
We reported this issue on May 14th, 2024. ServiceNow responded incredibly quickly and applied the update to all customers (excellent work!). We had the chance to work closely with their team to address these vulnerabilities, and they continued to roll out patches to secure customer instances.
To learn more about Assetnote, visit https://www.assetnote.io/.
-
On May 14th, 2024, we disclosed a chain of vulnerabilities to ServiceNow, resulting in 3 new CVEs. This series of security issues affected all Vancouver and Washington ServiceNow instances (around 42,000 globally), allowing an attacker to execute code on the instance.
In this live Q&A, Assetnote security researcher Adam Kues explains his approach to how he found these vulnerabilities, highlighted in our recent research post. He is joined by hosts, Michael Gianarakis and Shubham Shah.
Congratulations to Adam on being credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217!
To learn more about Assetnote, visit https://www.assetnote.io/.