Our Approach

How we help businesses secure their attack surface

We've worked with thousands of businesses of all sizes to help them reduce cyber risk and improve their security posture, whether they have 10 assets or 10,000. From discovery, to vulnerability assessment, to manual penetration testing, here’s our approach for getting the most out of your Attack Surface Management program with Halo Security.

1. Identify all your internet-facing assets

You can't protect assets if you don't know they exist. That's why you should always start by cataloguing every asset you control. We’ll help you find every related domain, IP and port that’s exposed to the internet. Once categorized, you can easily assign the right scanning and testing to them.

What We look for
  • Subdomains
  • Alive IPs
  • Additional TLDs
  • Forgotten applications
  • Shadow IT
  • Legacy services
Services Used

2. Analyze and reduce services available on your firewalls

Once you’ve identified all of your internet-facing assets, understanding and reducing unnecessary services allows you to cut off entry points an attacker could use. With Firewall Scanning, we detect and monitor all the open ports, services and protocols across all your targets.

What We look for
  • Open ports and misconfigurations
  • Risky services like SQL or email
  • Forgotten and legacy services
  • Obsolete versions of services
Services Used

3. Discover issues and apply best practices on your websites

While websites are essential to most businesses, they create many security risks that change over time. Once you've eliminated access to unnecessary services, it's best to focus on making sure your websites are protected.

What We look for
  • Expired or expiring certificates
  • Insecure cipher suites
  • Risky third-party cookies
  • Missing HTTP security headers
Services Used

4. Identify and patch server vulnerabilities

Once you've addressed any issues detected on your websites, it's time to focus on server vulnerabilities. Since you've already identified the assets on your attack surface and hopefully eliminated unnecessary exposures, a vulnerability scan is likely to give you a much more manageable number of vulnerabilities to remediate.

What We look for
  • Out-of-date software
  • Known vulnerabilities (CVE)
  • Misconfigured services
Services Used

5. Fix coding errors that create security risks

For custom-coded applications, you'll want to do more than look for server vulnerabilities. Our application scanning relies on Dynamic Application Security Testing (DAST) to find the errors that can allow OWASP Top 10 issues like SQL injection and cross-site scripting.

What We look for
  • SQL Injection (SQLi)
  • Cross-Site Scripting (XSS)
  • Code Injection
  • Cross-Site Request Forgery (CSRF)
Services Used

6. Achieve PCI compliance

For every asset that processes, transmits or stores credit card data, you'll need to run a more sensitive scan to achieve PCI compliance. Once you've found all possible PCI vulnerabilities and remediated the necessary ones, you can easily submit your report to us, an Approved Scanning Vendor (ASV), for approval.

Achive PCI DSS Requirements
  • Quarterly ASV Scan (11.2.2)
  • Asset Discovery (2.4)
  • Penetration Testing (11.3)
  • Web Application Scanning (6.6)
Services Used

7. Test your defenses

Once you've addressed all the issues that can be found automatically, a penetration test can help determine if there are any ways for an attacker to access your data. Our experienced penetration testers will use a variety of methods to try to manipulate your systems to expose data they shouldn't be able to access.

What We look for
  • Business logic flaws
  • Additional assets
  • Human-verified exploits
  • Coding errors
Services Used

8. Monitor and repeat

Continuously discovering, scanning and monitoring your attack surface will help you identify security risks as quickly as possible. Remediating cybersecurity risks as soon as they are introduced will help your organization protect its customer data.

Ready for a new approach to testing the security of your organization?

Start your Attack Surface Management program today.

Get a Demo

Or see plans & pricing »