Objectives of the emerging vulnerability service
The goal of this service is to evaluate new vulnerabilities with high impact and massive impact, such as: (log4j, proxylogon, zerologon, ...) on the perimeter of organizations.
The service has the following capabilities:
- Inventory: Monitoring and discovery of perimeter assets.
- Proactive detection: different Tarlogic teams (Intelligence, Hunting, and Cybersecurity) collaborate in the early detection of new vulnerabilities
- Filtering and analysis: when a new high-impact vulnerability is published, a check for its presence in the client's perimeter is performed
- Notification: 24x7 notice to the client of the vulnerability's impact or non-impact on their infrastructure
Benefits of the emerging vulnerability service
Implementing an emerging vulnerability detection and response service allows:
- React in a coordinated manner to the publication of a high-impact zero-day vulnerability.
- Performing a quick analysis on the perimeter, using an updated inventory and with a standardized testing approach.
- Define countermeasures and verify their proper functioning, as information about the vulnerability expands.
- Reducing the exposure surface and the window of opportunity that a hostile actor would have to compromise the assets of your infrastructure.
- Anticipate possible movements associated with the use of certain vulnerabilities by organized groups.
Description of the emerging vulnerability management service
Over the past few years, several high-impact vulnerabilities were published that massively affected the technological infrastructure of companies around the world. These vulnerabilities were also exploited by ransomware groups to introduce malware into organizations.
With the emergence of Log4j on December 9th, 2021, multiple companies reached out to Tarlogic requesting our help to identify the vulnerability in the perimeter and its potential impact. Facing this situation, different Tarlogic teams worked on developing a methodology that could provide proactive detection and evaluation capabilities, thus anticipating real impact.
In this way, after refining our processes during 2022 with some of our clients, the Emerging Threats Service was born. A service that complements a traditional vulnerability management approach by reacting to new threats as they materialize.
The emerging vulnerabilities service can be hired individually or as an extension of our 8x5 vulnerability management services, in this way our customers can leverage the full potential of our attack surface reduction services.
This service can be extended with research and technical analysis services, as well as forensic analysis and compromise assessment in case of a security incident.