Request your FREE attack surface report

Our attack surface reports have a multitude of unique data points. Each data point is assigned a weighted severity level, benchmarked against similar companies within the industry, and rolled up into one overall company score. 

  • Web Application Security
    • Clickjacking, Cross Frame Scripting (XFS), and Cross Site Scripting (XSS) vulnerabilities
    • Vulnerable and misconfigured cookies
    • Identified booter shells
    • SQL & Blind SQL injection vulnerabilities
    • Directory traversal vulnerabilities
  • Network Security
    • Exposed network services, software versions, ports, and associated vulnerabilities •
    • SSH encryption strengths and practices 
    • SSL certificate status, encryption and cipher strengths

  • Endpoint Security
    • Metadata related to:
      • Operating systems
      • Web browsers
      • Active plug-ins

  • IP Reputation
    • Peer-to-peer (P2P) activity
    • Tor exit and intermediary nodes
    • Malware duration behavior
    • Historical behavior of malware (last 24 hours, last 30 days, last 365 Days)

  • Social Engineering
    • Social network data
    • Public data feeds
    • Corporate email address attribution 
    • Employee satisfaction 
    • Insecure security questions

  • Hacker Chatter
    • Hacker forums
    • IRC channels
    • Social network conversations
    • Hacked news mentions
    • Defacement mentions

  • DNS Health
    • Proper DNS setup
    • Sender Policy Framework (SPF) 
    • DKIM Configuration 
    • DNS hostnames 
    • DNS records

  • Cubit Score
    • Blacklisted databases
    • Spam activity
    • Exposed subdomains
    • WHOIS configurations

  • Patching Cadence
    • Exposed endpoint vulnerabilities (CVEs)
    • Insecure and outdated software, hardware, services, applications, and operating systems
    • Time between patch release and patch application
    • End of Life/Service products

  • Password Exposure
    • Exposed data leaks
    • Keylogger dumps
    • Database dumps
    • Public and private hacker chatter sources