Free Book - External Exposure & Attack Surface Management for Dummies
A digital footprint is the trail of data created by a user on the internet. The footprint can be left actively, through websites visited, emails sent, and information submitted online. On the other hand, a passive digital footprint is a trail of data unintentionally left. Cookies on apps, devices and websites, geolocation services, and social media engagement all contribute to someone’s passive digital footprint.
Alternatively, digital footprint can also be used to refer to an organization’s attack surface.
The traditional Domain Name System (DNS) is a real-time, distributed database system where queries to DNS servers and resolvers translate hostnames into IP addresses and vice versa. While not all DNS data is public, much of it can be easily accessed and much of the information is in clear text. While traditional DNS records are transient, passive DNS enables the collection and archiving of historical DNS data which contains a wealth of information about DNS queries on the Internet. Analysis of this data provides insights into old DNS records, new values, differences, and can find possible attack vectors. An attacker or defender with this information can see where, how, and when your organization’s domain names and IP addresses have changed over time and who is changing them.
A data breach occurs when an unauthorized or potentially malicious party gains access to confidential, sensitive or protected data. Some data breaches contain personally identifiable information (PII), which may include national identity numbers, credit card numbers, or medical records.
Defensive security is a proactive approach that focuses on prevention, detection, and response to attacks from the perspective of defending the organization. For example, blue teams are generally thought of as defensive security. Defensive security is in contrast to offensive security, which is an approach designed to look at the organization from the perspective of an adversary. Penetration testers and red teams are generally seen as offensive security.