October 1, 2024
Website Compromises Are Up 36% - Keep Yours Safe With Glasstrail!
As Head of Cyber Security for Theta, I am very grateful (and proud) to have our External Attack Surface Monitoring product Glasstrail in my toolkit.
What is Glasstrail?
Glasstrail helps our customers understand their external digital footprint and mitigate risks associated with cyber threats by proactively identifying vulnerabilities before they can be exploited by attackers.
I also use Glasstrail to monitor our own internet-facing landscape here at Theta – yes, we’re 'drinking our own champagne'!
Glasstrail delivers insights and helps us manage remediations. By minimising our attack surface and maintaining a secure perimeter, Glasstrail helps us reduce risk and ensure adherence to ISO 27001.
Website compromises are up 36% - which is why you need a tool like Glasstrail
CertNZ’s latest quarterly report (April to June 2024) shows website compromise as the fourth most common reported incident type, with website compromises up 36% from the previous quarter. Having a tool in place that helps identify what needs to be done to secure your web assets is totally worth the investment!
What are the key features of Glasstrail?
Some of the key components of Glasstrail’s External Attack Surface Monitoring (EASM) include:
- Identifying all the digital assets you have exposed to the internet, including websites, email domains, servers and cloud instances.
- Scanning these assets for known vulnerabilities that could potentially be exploited by attackers. This includes outdated software, misconfigurations, or exposed databases.
- Gathering and analysing information from various sources about the potential threats and attack vectors that may target your organisation's external assets.
- Evaluating the identified vulnerabilities based on their potential impact and the likelihood of exploitation, and then helping you track and prioritise remediation efforts.
- Conducting ongoing surveillance to detect new assets and vulnerabilities as they emerge, so that your security posture is always up to date.
- Providing detailed reports on the findings and offering actionable recommendations for mitigating the identified risks.
Glasstrail has recently released two new features. I thought I would walk through how I am using these to improve our security posture at Theta and inform our Management team and Board of the risks associated with our external-facing assets.
What’s new in Glasstrail?
Common Vulnerabilities and Exposures (CVE) Detection
While Glasstrail has identified OWASP Top 10 issues, including CVEs, for a while now, our team has taken it a step further and provided visibility of all potential and confirmed CVEs in the scan data.
CVEs (Common Vulnerabilities and Exposures) are publicly disclosed cybersecurity vulnerabilities. CVE standardises the identification of security threats, making it easier to share information and coordinate responses.
In the ‘Findings’ section of Glasstrail, you can now filter on Confirmed and Potential CVEs (as shown in the screenshot below). Then you can view your assets that have known CVEs.
If you’re a security specialist, you’ll already know that the higher a CVE’s severity rating, the more critical the risk to your organisation, so knowing which CVEs affect your assets, and then being able to remediate them, is a big win.
At Theta, our SecOps team reviews these results via the Glasstrail dashboard each week and tackles the critical and high severity findings first. Each finding links to more detail about the risk and how it can be fixed.
Internally at Theta, for these types of website vulnerabilities, we contact the site owner and raise the finding with them. Within Glasstrail, we then track the finding as ‘Raised’ and, depending on what remediation the developer can carry out, mark the risk as ‘Remediated’ or ‘Tolerated’. When you run the scan again, Glasstrail keeps each finding marked with the status you already assigned, so you can focus on the new risks coming in rather than revisiting every single finding (as you would have to with some other EASM products on the market).
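To make that weekly review cycle concrete, here is an added Python illustration (my own sketch, not Glasstrail code) of the triage bookkeeping described above: findings keyed by asset and CVE keep their assigned status across rescans, so only unseen findings surface, and open work is ordered critical/high first. Hostnames and CVE ids are constructed placeholders.

```python
from dataclasses import dataclass, field
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}  # lower = sooner
ACTIONABLE = {"New", "Raised"}  # Remediated / Tolerated are closed and not re-reviewed

@dataclass(frozen=True)
class Finding:
    asset: str       # hostname the CVE was observed on
    cve: str         # CVE id; sample values below are constructed placeholders
    severity: str    # critical / high / medium / low
    confirmed: bool  # True = confirmed CVE, False = potential CVE

def priority(f: Finding) -> tuple:
    return (SEVERITY_ORDER[f.severity], not f.confirmed)  # critical first, then confirmed

@dataclass
class TriageBook:
    """Status per (asset, cve) key, carried across scan runs."""
    status: dict = field(default_factory=dict)

    def mark(self, f: Finding, status: str) -> None:
        self.status[(f.asset, f.cve)] = status  # Raised / Remediated / Tolerated
    def ingest(self, scan: list) -> list:
        """Record a scan; return only findings never seen before, by priority."""
        fresh = []
        for f in scan:
            if (f.asset, f.cve) not in self.status:  # known ones keep their status
                self.status[(f.asset, f.cve)] = "New"
                fresh.append(f)
        return sorted(fresh, key=priority)
    def work_queue(self, scan: list) -> list:
        """Findings from this scan still needing action, by priority."""
        return sorted((f for f in scan
                       if self.status.get((f.asset, f.cve), "New") in ACTIONABLE),
                      key=priority)

# Constructed sample scans (placeholder hosts and CVE ids).
SCAN_1 = [Finding("www.example.test", "CVE-0000-0001", "high", True),
          Finding("mail.example.test", "CVE-0000-0002", "medium", False),
          Finding("api.example.test", "CVE-0000-0003", "critical", True)]
SCAN_2 = SCAN_1 + [Finding("www.example.test", "CVE-0000-0004", "low", False)]

def demo() -> tuple:
    """Week 1: triage scan 1. Week 2: rescan; only the new finding surfaces."""
    book = TriageBook()
    book.ingest(SCAN_1)
    book.mark(SCAN_1[2], "Raised")       # critical: sent to the site owner
    book.mark(SCAN_1[0], "Remediated")   # high: fixed by the developer
    book.mark(SCAN_1[1], "Tolerated")    # medium potential match: accepted
    new = book.ingest(SCAN_2)
    return ([f.cve for f in new], [f.cve for f in book.work_queue(SCAN_2)])
```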
You can learn more about Glasstrail’s Common Vulnerability and Exposures (CVE) here.
"Why Should I Care" AI Analysis
At Theta we are all about harnessing the efficiencies and advances that GenAI can bring to our internal operations and, of course, to our customers’ business processes. Glasstrail’s AI-Powered Insight for Enhanced Attack Surface Management uses generative AI to examine scan findings across the key categories of the external attack surface and explain why each risk matters, helping you communicate those risks to your wider team.
AI is used to analyse the findings and highlight the most critical ones, giving clear, straightforward explanations of why they should be prioritised and why resolving specific issues is crucial to your security posture.
Here's an example of a ‘Why should I care’ report for one of our internal Theta domains (yes – no-one is perfect!).
As you can see, Glasstrail’s AI Analysis reveals useful findings, helping you understand your most critical issues and their potential impact through prioritised and correlated findings.
This means that sifting through the scan data takes me less time, and our team has more time to spend on remediation.
Glasstrail is built locally here in New Zealand, and it’s priced competitively so that New Zealand businesses can gain more control over their external attack surface risks. You can sign up for a 14-day free trial here – do it!