Assetnote
@assetnote.io
True Attack Surface Management - https://assetnote.io
Engineering Better Asset Discovery: Beyond Open Source Tools
When building critical security infrastructure, the foundation matters. While open-source tools provide valuable building blocks, complex challenges like DNS wildcard detection require purpose-built solutions.
When building critical security infrastructure, the foundation matters. While open-source tools provide valuable building blocks, complex challenges like DNS wildcard detection require purpose-built solutions.
January 23, 2025 at 10:00 AM
Engineering Better Asset Discovery: Beyond Open Source Tools
When building critical security infrastructure, the foundation matters. While open-source tools provide valuable building blocks, complex challenges like DNS wildcard detection require purpose-built solutions.
When building critical security infrastructure, the foundation matters. While open-source tools provide valuable building blocks, complex challenges like DNS wildcard detection require purpose-built solutions.
The Evolution of Enterprise Architecture and Asset Discovery
Modern enterprise infrastructure has evolved significantly. Today's environments are cloud-distributed, protected by Web Application Firewalls, and delivered through Content Delivery Networks.
Modern enterprise infrastructure has evolved significantly. Today's environments are cloud-distributed, protected by Web Application Firewalls, and delivered through Content Delivery Networks.
January 21, 2025 at 10:00 AM
The Evolution of Enterprise Architecture and Asset Discovery
Modern enterprise infrastructure has evolved significantly. Today's environments are cloud-distributed, protected by Web Application Firewalls, and delivered through Content Delivery Networks.
Modern enterprise infrastructure has evolved significantly. Today's environments are cloud-distributed, protected by Web Application Firewalls, and delivered through Content Delivery Networks.
Safe Automation: The Hidden Challenge in Security Testing 🛡️
A key insight from our Surfacing Security podcast: Organisations face two major hurdles with security automation. Let's break down why the skill gap remains such a persistent challenge...
A key insight from our Surfacing Security podcast: Organisations face two major hurdles with security automation. Let's break down why the skill gap remains such a persistent challenge...
January 16, 2025 at 10:00 AM
Safe Automation: The Hidden Challenge in Security Testing 🛡️
A key insight from our Surfacing Security podcast: Organisations face two major hurdles with security automation. Let's break down why the skill gap remains such a persistent challenge...
A key insight from our Surfacing Security podcast: Organisations face two major hurdles with security automation. Let's break down why the skill gap remains such a persistent challenge...
The Signal-to-Noise Challenge in Attack Surface Discovery continues to vex security teams in our increasingly complex digital environments. The real challenge isn't just finding everything - it's finding what truly matters for your security posture.
January 14, 2025 at 11:05 AM
The Signal-to-Noise Challenge in Attack Surface Discovery continues to vex security teams in our increasingly complex digital environments. The real challenge isn't just finding everything - it's finding what truly matters for your security posture.
Scaling Security Depth: Why Detailed Analysis Matters More Than Ever
A key insight from our Surfacing Security podcast: The power of deep analysis isn't just in what it finds - it's in how it scales. The traditional view that deep analysis can't scale efficiently? That's being turned on its head.
A key insight from our Surfacing Security podcast: The power of deep analysis isn't just in what it finds - it's in how it scales. The traditional view that deep analysis can't scale efficiently? That's being turned on its head.
January 10, 2025 at 10:00 AM
Scaling Security Depth: Why Detailed Analysis Matters More Than Ever
A key insight from our Surfacing Security podcast: The power of deep analysis isn't just in what it finds - it's in how it scales. The traditional view that deep analysis can't scale efficiently? That's being turned on its head.
A key insight from our Surfacing Security podcast: The power of deep analysis isn't just in what it finds - it's in how it scales. The traditional view that deep analysis can't scale efficiently? That's being turned on its head.
The Evolution of Attack Surface Management: From Idea to Innovation 🚀
Years before ASM became an industry buzzword, we identified a crucial gap in security: the need to continuously monitor EVERYTHING across an attack surface.
Years before ASM became an industry buzzword, we identified a crucial gap in security: the need to continuously monitor EVERYTHING across an attack surface.
January 7, 2025 at 10:09 AM
The Evolution of Attack Surface Management: From Idea to Innovation 🚀
Years before ASM became an industry buzzword, we identified a crucial gap in security: the need to continuously monitor EVERYTHING across an attack surface.
Years before ASM became an industry buzzword, we identified a crucial gap in security: the need to continuously monitor EVERYTHING across an attack surface.
The Reality of Security Research and Remediation 🔍
Finding vulnerabilities is just the beginning.
The path to effective remediation is longer than most realise...
Finding vulnerabilities is just the beginning.
The path to effective remediation is longer than most realise...
January 3, 2025 at 10:09 AM
The Reality of Security Research and Remediation 🔍
Finding vulnerabilities is just the beginning.
The path to effective remediation is longer than most realise...
Finding vulnerabilities is just the beginning.
The path to effective remediation is longer than most realise...
Redefining Attack Surface Management: Beyond Asset Discovery
In our latest Surfacing Security episode, we challenge the conventional understanding of ASM and explore its true potential - because ASM isn't just about asset discovery, it's about what you do with that information.
In our latest Surfacing Security episode, we challenge the conventional understanding of ASM and explore its true potential - because ASM isn't just about asset discovery, it's about what you do with that information.
December 27, 2024 at 10:00 AM
Redefining Attack Surface Management: Beyond Asset Discovery
In our latest Surfacing Security episode, we challenge the conventional understanding of ASM and explore its true potential - because ASM isn't just about asset discovery, it's about what you do with that information.
In our latest Surfacing Security episode, we challenge the conventional understanding of ASM and explore its true potential - because ASM isn't just about asset discovery, it's about what you do with that information.
𝗦𝗽𝗲𝗲𝗱 𝗮𝗻𝗱 𝗦𝗰𝗮𝗹𝗲 𝗶𝗻 𝗔𝘁𝘁𝗮𝗰𝗸 𝗦𝘂𝗿𝗳𝗮𝗰𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁
What happens when you combine comprehensive attack surface visibility with continuous monitoring?
What happens when you combine comprehensive attack surface visibility with continuous monitoring?
December 23, 2024 at 10:00 AM
𝗦𝗽𝗲𝗲𝗱 𝗮𝗻𝗱 𝗦𝗰𝗮𝗹𝗲 𝗶𝗻 𝗔𝘁𝘁𝗮𝗰𝗸 𝗦𝘂𝗿𝗳𝗮𝗰𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁
What happens when you combine comprehensive attack surface visibility with continuous monitoring?
What happens when you combine comprehensive attack surface visibility with continuous monitoring?
Beyond Data Collection: The Missing Piece in Attack Surface Management
A key insight from our latest podcast: The security industry has a data obsession, but data alone doesn't protect your organization. The traditional approach of bigger wordlists, faster tools, and wider scanning isn't enough.
A key insight from our latest podcast: The security industry has a data obsession, but data alone doesn't protect your organization. The traditional approach of bigger wordlists, faster tools, and wider scanning isn't enough.
December 19, 2024 at 10:00 AM
Beyond Data Collection: The Missing Piece in Attack Surface Management
A key insight from our latest podcast: The security industry has a data obsession, but data alone doesn't protect your organization. The traditional approach of bigger wordlists, faster tools, and wider scanning isn't enough.
A key insight from our latest podcast: The security industry has a data obsession, but data alone doesn't protect your organization. The traditional approach of bigger wordlists, faster tools, and wider scanning isn't enough.
Last month, our Security Research team discovered and disclosed a critical pre-authentication RCE in CraftCMS (CVE-2024-56145). You can read our blog post on the issue here: assetnote.io/resources/re...
#attacksurfacemanagement
#attacksurfacemanagement
December 19, 2024 at 2:12 AM
Last month, our Security Research team discovered and disclosed a critical pre-authentication RCE in CraftCMS (CVE-2024-56145). You can read our blog post on the issue here: assetnote.io/resources/re...
#attacksurfacemanagement
#attacksurfacemanagement
Hidden in Plain Sight: The Cloud Security Challenge 🔍
Modern cloud infrastructure is transforming how applications are deployed. But it's also creating massive blind spots in traditional security scanning.
Modern cloud infrastructure is transforming how applications are deployed. But it's also creating massive blind spots in traditional security scanning.
December 17, 2024 at 10:01 AM
Hidden in Plain Sight: The Cloud Security Challenge 🔍
Modern cloud infrastructure is transforming how applications are deployed. But it's also creating massive blind spots in traditional security scanning.
Modern cloud infrastructure is transforming how applications are deployed. But it's also creating massive blind spots in traditional security scanning.
For 6 years, we've built something different:
A platform where security research drives our exposure discovery engine, not just CVE matching.
A platform where security research drives our exposure discovery engine, not just CVE matching.
December 13, 2024 at 7:04 AM
For 6 years, we've built something different:
A platform where security research drives our exposure discovery engine, not just CVE matching.
A platform where security research drives our exposure discovery engine, not just CVE matching.
Our security research team reverse engineered the patch for CVE-2024-8534. A memory safety vulnerability leading to memory corruption and Denial of Service in Citrix NetScaler. Read our research here: www.assetnote.io/resources/re...
Citrix Denial of Service: Analysis of CVE-2024-8534
An analysis of CVE-2024-8534, a memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway.
www.assetnote.io
December 12, 2024 at 1:27 PM
Our security research team reverse engineered the patch for CVE-2024-8534. A memory safety vulnerability leading to memory corruption and Denial of Service in Citrix NetScaler. Read our research here: www.assetnote.io/resources/re...
Shadow IT and hidden vulnerabilities create major blind spots in security programs. Our Surfacing Security podcast reveals why traditional assessment tools fall short and what modern security teams are doing about it.
December 9, 2024 at 11:00 AM
Shadow IT and hidden vulnerabilities create major blind spots in security programs. Our Surfacing Security podcast reveals why traditional assessment tools fall short and what modern security teams are doing about it.
In the evolving world of #AttackSurfaceManagement, it's not just about discovering assets - it's about turning visibility into actionable intelligence. Our Surfacing Security Podcast explores the shift from traditional foot-printing to modern, automated solutions.
December 5, 2024 at 11:00 AM
In the evolving world of #AttackSurfaceManagement, it's not just about discovering assets - it's about turning visibility into actionable intelligence. Our Surfacing Security Podcast explores the shift from traditional foot-printing to modern, automated solutions.
🎯 Attack Surface Management Must Cover Modern Environments
Over the last 10 years, Attack Surfaces have evolved. With SaaS, CDNs and Cloud Platforms, the IT environment has expanded significantly.
Over the last 10 years, Attack Surfaces have evolved. With SaaS, CDNs and Cloud Platforms, the IT environment has expanded significantly.
December 3, 2024 at 11:00 AM
🎯 Attack Surface Management Must Cover Modern Environments
Over the last 10 years, Attack Surfaces have evolved. With SaaS, CDNs and Cloud Platforms, the IT environment has expanded significantly.
Over the last 10 years, Attack Surfaces have evolved. With SaaS, CDNs and Cloud Platforms, the IT environment has expanded significantly.
🎯 ASM is more than asset discovery. It's about real-time awareness, scale, and actionable visibility. Turn insights into security improvements.
What is "True" Attack Surface Management (ASM)?
Surfacing Security · Episode
buff.ly
November 29, 2024 at 11:00 AM
🎯 ASM is more than asset discovery. It's about real-time awareness, scale, and actionable visibility. Turn insights into security improvements.
🔍 Modern cloud infrastructure with WAFs, CDNs, and virtual hosting creates blind spots in scanning. Time for a modern #AttackSurface mapping.
🎧 Listen to Surfacing Security
Spotify: https://buff.ly/3BFRth2
Apple Podcasts: https://buff.ly/3TTe6F3
YouTube: https://buff.ly/3ZfTb28
#CyberSec #ASM
🎧 Listen to Surfacing Security
Spotify: https://buff.ly/3BFRth2
Apple Podcasts: https://buff.ly/3TTe6F3
YouTube: https://buff.ly/3ZfTb28
#CyberSec #ASM
Internet-Wide Recon: Moving Past IP-Centric Approaches
Surfacing Security · Episode
buff.ly
November 27, 2024 at 9:00 AM
🔍 Modern cloud infrastructure with WAFs, CDNs, and virtual hosting creates blind spots in scanning. Time for a modern #AttackSurface mapping.
🎧 Listen to Surfacing Security
Spotify: https://buff.ly/3BFRth2
Apple Podcasts: https://buff.ly/3TTe6F3
YouTube: https://buff.ly/3ZfTb28
#CyberSec #ASM
🎧 Listen to Surfacing Security
Spotify: https://buff.ly/3BFRth2
Apple Podcasts: https://buff.ly/3TTe6F3
YouTube: https://buff.ly/3ZfTb28
#CyberSec #ASM
Reposted by Assetnote
Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
November 22, 2024 at 5:50 AM
Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...