Perpetual Assets Analysis

Binary Brotherhood currently offers two types of services to help control our client’s Internet-facing assets;

Vulnerability Assessment (VA) or Company Assets Targeted Recon. Both are designed to check, track, and highlight gaps and anomalies. Each package can also be tailored to fulfill other various client requirements.

Option #1 - Vulnerability Assessment(VA)

A Vulnerability Assessment (VA) service uses well-known scanning products. Each product utilizes up-to-date vulnerabilities databases and are used during a scanning session, ensuring full coverage of the current tread trends. Binary Brotherhood will conduct a gap analysis of the scan results and create a custom report that covers several key areas of variations over time and potential issues that will have to be addressed quickly.

Option #2 - Company Assets Targeted Recon

We use custom, military-inspired, OSINT techniques and follow a thorough framework to uncover and highlight what information is available publicly associated with company assets, like employees, network details, application footprinting, etc. We provide a custom report containing all the data discovered and analyzed, which is summarized and filtered down to the traces that matter for your security.

Some of the tasks during an OSINT recon might include:

  • Identification of IP addresses, sub-domains, ports, and services that can increase our attack surface
  • Identification of technologies used, application platform, and other infrastructure details
  • Identification of sensitive information as API keys, AWS S3 buckets, leaked credentials, etc
  • Other data includes identification of log files, backup files, database files, client-side code, Javascript libraries, and configuration files