Do You See What They See? Asset Discovery In the Age of Security Automation — by Isaac Dawson
#IICSG2019 Conference Fix It Track
Day 2 (20 Jun 2019)
@ Breakout Room 2
At a certain point in an organization’s life, Internet-facing assets become difficult to account for. Marketing departments spin up infrastructure for campaigns – and forget about them – developers deploy test machines outside ITs purview, legacy systems are pushed to the side, and cloud deployments become commonplace. All the while the organization is exposed to an ever-growing list of threats. Attackers are constantly scanning the internet for these systems and they have a map of your external facing infrastructure, do you?
If the bug bounty programs have taught us anything, the faster you are able to assess an organization’s external footprint, the higher the chance you have of getting in before someone else. Attackers have automated their tooling and organizations cannot afford to skip this critical step in gaining insight into what they have and what they leave exposed.
About Isaac Dawson
Isaac Dawson is the CEO & Founder of Linkai, a continuous asset discovery service based in Japan. With over 18 years of industry experience, Isaac Dawson had previously lead R&D efforts for Veracode’s dynamic application security product lines. Including innovative research leading to a patent for automatically identifying and exploiting Cross-Site Scripting vulnerabilities. Prior to Veracode, he was an application security consultant for Symantec Japan and @stake. During his years in consulting and research he realized companies were in sore need of a service that could continuously monitor their external attack surface and notify them when changes occur. With this need being unmet, he created from the ground up Linkai’s Continuous Web Site Discovery service, Hakken.