Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Video

TITAN AI Demo Series: Unlocking the Driftnet API for Deeper Third-Party Visibility

TITAN AI Demo Series: Unlocking the Driftnet API for Deeper Third-Party Visibility

Security Scorecard recently acquired DriftNet. Io, boosting our Internet scanning infrastructure and allowing us to scan up to forty percent more hosts than leading competitors. DriftNet has top of the line Internet scanning and enumeration, including UDP support alongside TCP, TLS fingerprinting techniques, such as being able to search by JARM hashes, and port agnostic protocol scanning, which I’m going to demonstrate right now with this query. Here, I’m looking for the RDP remote desktop protocol, but not on its usual port of three three eight nine. Most scanners will just detect that protocol along its usual port by scanning the top ports with common services like RDP that are valuable to understand from a security perspective. But here, we’re showcasing that we’re going to find that protocol on any port. So you can see the results of the query here in this UI. The data contains over twenty thousand unique values for ports that are hosting the RDP remote desktop protocol, but are not its usual port. This is super important because this could be on your attack surface, it could be something a developer did because they thought they were hiding the service and being secure, but it is still, in fact, clearly visible to an attacker, or these could be on your vendors, and now you have a list of vendors that you need to have a conversation with. They need to take that service down from these hosts, put it behind a VPN, or enforce some other mitigating control or security measure that falls in line with your third party risk policies. All of this data is consumable through our API, and you can pipe it into your SIM or other ticketing system. Our vision is to give you the best in class Internet scanning data to power our TPRM workflows, as well as you having that exact same view into the Internet. You don’t have to wait for an EDR tool to fire off. You can look directly at the Internet and uncover potentially vulnerable services natively. If this seems like it could be valuable to you and your TPRM workflows or threat hunting workflows, reach out to us at Security Scorecard.

SecurityScorecard recently acquired DriftNet.io, boosting our Internet scanning infrastructure and allowing us to scan up to forty percent more hosts than leading competitors. DriftNet has top of the line Internet scanning and enumeration, including UDP support alongside TCP, TLS fingerprinting techniques, such as being able to search by JARM hashes, and port agnostic protocol scanning, which we’re going to demonstrate right now with this query. Here, we’re looking for the RDP remote desktop protocol, but not on its usual port of three three eight nine.

Most scanners will just detect that protocol along its usual port by scanning the top ports with common services like RDP that are valuable to understand from a security perspective. But here, we’re showcasing that we’re going to find that protocol on any port. So you can see the results of the query here in this UI. The data contains over twenty thousand unique values for ports that are hosting the RDP remote desktop protocol, but are not its usual port.

This is super important because this could be on your attack surface, it could be something a developer did because they thought they were hiding the service and being secure, but it is still, in fact, clearly visible to an attacker, or these could be on your vendors, and now you have a list of vendors that you need to have a conversation with. They need to take that service down from these hosts, put it behind a VPN, or enforce some other mitigating control or security measure that falls in line with your third party risk policies. All of this data is consumable through our API, and you can pipe it into your SIEM or other ticketing system.

Our vision is to give you the best in class Internet scanning data to power our TPRM workflows, as well as giving you that exact same view into the Internet. You don’t have to wait for an EDR tool to fire off. You can look directly at the Internet and uncover potentially vulnerable services natively. If this seems like it could be valuable to you and your TPRM workflows or threat hunting workflows, reach out to us at SecurityScorecard.

Explore other posts

AI Agents – KEV Remediation
AI Agents – KEV Remediation
In this video, we’re going to show you the new AI agent capabilities within the SecurityScorecard platform. Here, we’ve got…
Demo Tuesdays
Mythos and CVE/KEV Management
Mythos and CVE/KEV Management
We at SecurityScorecard have been asked a lot what our position is on the Mythos news and AI being able…
Demo Tuesdays
SecurityScorecard for Cyber Underwriting Demo Video
SecurityScorecard for Cyber Underwriting Demo Video
https://securityscorecard-3.wistia.com/medias/1s1hgwj9zy…