Free Book - External Exposure & Attack Surface Management for Dummies
BAS is an advanced method of testing security environments by simulating likely attack paths and techniques commonly used by attackers. This process identifies vulnerabilities, much like a penetration test, except it's continuous and automated.
The business context is identifying an asset or service that is associated with the organization or team that controls it. Understanding the business context provides insight into the extent of the organization’s true attack surface, locating and monitoring otherwise “hidden” assets.
Beyond monitoring, business context also helps to identify the likely owner so is part of automatic attribution. This raises awareness of potential risks to help enlist help in sealing security gaps.
Banner grabbing is a process of collecting intelligence about IT assets and the services available on those assets. Banners provide information such as the version of software running on a system. That intelligence can be used by IT and Security administrators, or by attackers, to get a sense of what vulnerabilities may be present on the asset. Banners provide limited value because the only security issues they might indicate are software version-related (e.g., CVEs) and even then banners won’t reflect that a system has been patched. Therefore, banner grabbing is prone to false-positives.
A botnet is a collection of internet-connected systems each running remotely controlled software that performs a variety of tasks. Botnets are highly useful for performing distributed, coordinated activities. While botnets are infamous for their use by malicious actors to perform distributed denial of service (DDoS) attacks, they can be used for positive activities. For example, the CyCognito platform uses a botnet to perform reconnaissance by continuously detecting and security testing IT assets from locations across the world, at multiple intervals, undetectably and non-intrusively.