Existing solutions fall short when it comes to discovering and monitoring unsanctioned, unknown, or misconfigured assets. You need a foundational system of record for your internet-facing assets that includes global discovery to assess, manage, and reduce your attack surface risks. That’s where the Unit 42 Attack Surface Assessment and Cortex Xpanse can help.

Unit 42 SOC Assessment Methodology

Elevate Your Cybersecurity Strategy with a Unit 42 Attack Surface Assessment

An Attack Surface Assessment combines visibility into your internet-facing assets with actionable recommendations to help you mitigate threats and reduce business risk. The Unit 42 service discovers shadow IT infrastructure, identifies assets vulnerable to CVEs, and ranks risks and recommendations based on Unit 42 security expertise and threat intelligence.

The process begins with reviewing and evaluating your existing network topologies, asset inventories, vulnerability scans, and other relevant information. Informed by this information, Unit 42 conducts interviews to further understand your goals and concerns and gain knowledge of your attack surface. We work with you to determine inputs to Xpanse. These inputs can be as simple as one domain or more complex with IP ranges, certificates, etc. Xpanse pulls data on your internet-facing assets with patented technology that removes stale, unrelated, and other false-positive assets.

Unit 42 security experts review Xpanse findings and enrich them with cutting-edge knowledge of relevant vulnerabilities and threats. Unit 42 threat intelligence informs this analysis and provides you with current and accurate insights into your threat landscape. We provide observations and recommendations tuned to your environment and specific security concerns, with a focus on high-impact issues that are most likely to be exploited based on industry trends, Unit 42 research, and proprietary insights. Jump-start your attack surface management (ASM) program with a single assessment or track your progress over time with multiple assessments. We track and update attack surface changes over the course of the engagement to show progress in remediating issues and to alert you to new or worsening trends. This helps you direct your limited resources to ensure your defenses are working properly and that you clearly understand what steps to take to improve your security program.

For industries including business services, healthcare, technology, financial services, and energy, we also provide industry benchmarking for additional perspective on your security posture. Included in the service is 30 days of access to the same Xpanse console that Unit 42 uses so you can work hand-in-hand with our consultants, dig into areas of concern independently, and otherwise gain actionable insights into your attack surface.

Unit 42, Cortex Xpanse, and Your Attack Surface View

Xpanse provides a view of your attack surface as it looks to an attacker, highlighting risks and potential exposures that attackers love to find. This view of your attack surface will improve your inventory visibility and provide context and actionable information that security ratings lack. Attack surface threats include ransomware, breaches arising from exposed data services, and other misconfiguration-related exposures. Stopping these threats requires a comprehensive view of your attack surface and security experts who can evaluate this data in the context of your business priorities and specific security concerns.

Unit 42 Attack Surface Assessment Benefits

  • Improve security outcomes and reduce mean time to detect (MTTD). You cannot defend what you do not know about. Having an accurate and comprehensive understanding of your attack surface allows you to see yourself from an attacker’s viewpoint and remediate issues before they can be exploited. Similarly, previously unknown assets can be brought into your risk management and monitoring processes to reduce the time to detect potential security incidents.
  • Simplify ASM with fixed pricing and no deployments needed. Jump-start your ASM program and enable your security and IT teams without having to commit to variable pricing, expensive licenses, hiring and retaining full-time security staff, and difficult technical deployments. Offload the work to our Unit 42 experts and reap benefits in short order. There is no need for deploying agents, aggressive scanning, or implementation planning.
  • Reduce risk scores and increase compliance. Compliance continues to grow in importance, and risk scores are often used to set insurance premiums. Identifying and remediating issues in your attack surface can reduce risk scores, increase compliance with relevant regulations, and show measurable progress for regulators, clients, board members, and other stakeholders. Additionally, you can strengthen your penetration testing by providing a more thorough reconnaissance phase than most penetration teams can offer.
  • About Unit 42

    Palo Alto Networks® Unit 42® brings together world-renowned threat researchers, elite incident responders, and expert security consultants to create an intelligence-driven, response-ready organization that’s passionate about helping you proactively manage cyber risk. Together, our team serves as your trusted advisor to help assess and test your security controls against real-world threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time so that you get back to business faster. Visit paloaltonetworks.com/unit42.