Attack Surface Identification

We continuously collect and correlate data from internet accessible devices, allowing organizations to see what is their attack surface and what they are exposing to attackers.

  • Ports and Services Exposure
  • Possible Vulnerabilities
  • Accessible Remote Desktops
  • Invalid SSL Certificates
  • Misconfigured Network Shares
  • Databases

We map these digital assets to Organizations to be able to show their Known and Unknown assets.

HoneyPots / Sensors

Our distributed honeypot network collects events worldwide across residential and enterprise providers to give BinaryEdge clients a realtime view of what is happening on the Internet.

We collect payloads, sources and classify these events, i.e. Malicious, Botnets, database scanners.

We also provide a fully automated anomaly detection system that allows us to understand in realtime when spikes occour in certain target countries, ports or IP addresses; this is important as it allows you to understand if the latest portscan you are seeing on your perimeter is targetting you or the entire internet, therefore allowing you to better focus on what you should be defending against.

Having access to the data from our honeypots also allows organizations to monitor their ranges for potentially malware infected traffic.

Torrents / DHT Monitoring

We have several listeners monitoring torrent usage, allowing organizations to detect if their network space is being used to share or download Torrents.

While Torrents can be a reliable and fast way to distribute content, it is also a common way to distribute malware, that might affect an organization networks and devices.

  • Data about the node serving the torrent
  • Data about the peer downloading the torrent
  • Data about the torrent, including: infohash, name, category