UBsecure Launches Attack Surface Management Service Utilizing Threat Intelligence

UBsecure, Inc. (Headquarters: Chuo-ku, Tokyo; President: Yoko Matsuda) announces the launch of its Attack Surface Management (ASM) service utilizing threat intelligence, effective today. In recent years, cyberattacks such as ransomware have become normalized, necessitating continuous strengthening of countermeasures against cyber risks surrounding enterprises. However, due to the rapid increase in web services driven by DX, the spread of cloud and SaaS, and the expansion of group companies and contractors, IT assets are dynamically and widely dispersed, making it difficult to grasp assets through conventional IT asset management workflows. Consequently, the burden and difficulty of accurately grasping the actual risk situation through vulnerability assessments have increased. Meanwhile, reconnaissance and information gathering activities by attackers have become automated and efficient, making it easy to find publicly available assets that can be used for attacks in a short time. In response to this situation, the Ministry of Economy, Trade and Industry (METI) published the 'ASM Introduction Guidance' in May 2023. The guidance recommends the use of ASM to continuously grasp the areas subject to attack from the attacker's perspective and to detect, evaluate, and manage security risks. UBsecure is launching an ASM service that utilizes threat intelligence, such as threat information and leakage information that can be used for attacks, in addition to the continuous visualization of external public assets, which is the basis of ASM. Through this service, we will contribute to highly effective security operations and the reduction of cyber risks by enabling customers to continuously grasp their attack surface and clarify the risks that need to be addressed. This service is an ASM service that continuously grasps IT assets published on the Internet and visualizes the attack surface and potential risks visible from the outside. It performs risk assessment based on threat information and attack trends for detected assets and supports the prioritization of security responses. On the dashboard screen, you can check the transition of the risk situation. In addition, by utilizing the CTI (Cyber Threat Intelligence) search engine, we conduct investigations that delve into the background of risks and the trends of threat actors. We visualize risks lurking in the Attack Surface, verify information linked to detected assets with the Criminal IP ASM database, visualize risk scores and relevant CVE information in real-time, and quickly detect environmental changes and new risks. We collect information comprehensively from the surface web to the dark web, automatically explore public assets linked to organizations published on the Internet using advanced search technology, and collect information. In addition, we detect early whether sensitive information has been leaked through data linkage with companies specializing in the collection and analysis of external information, including dark web, and community monitoring such as darknet markets and Telegram. By providing a threat intelligence database, we support threat analysis by utilizing information about threats. In addition, functions such as the CTI search engine and the ability to centrally display threat actor information called intelligence cards can be used to streamline triage and investigation in incident response. This service utilizes 'Criminal IP ASM' provided by AI SPERA. We have prepared two service menus according to the customer's issues and security operation phase. The Monitoring Service (for those who want to build a continuous monitoring system) continuously monitors external public assets with daily scans and grasps asset increases/decreases and new risks in real-time. It includes the provision of dashboards, ASM reports, and support for detected content. The Spot Service (for those who want to grasp the current risk first) performs identification and risk assessment of external public assets on a spot basis. It is the optimal plan for those who want to grasp the current situation or confirm the effect with a low budget and short period. It includes the provision of ASM reports and support for detected content. In addition, we accept individual consultations according to customer requirements, such as additional investigations for incident response and threat intelligence reports. For details on the provision form, price system, and support content, please contact the inquiry desk below.