Unisys Attack Surface Discovery

With the Unisys Attack Surface Discovery Solution, you can identify security threats, control shadow IT activities and translate your exposed digital infrastructure and business information into a business cyber risk context, reducing your attack exposure and converting risks into opportunities with actionable insights.

The Attack Surface Discovery Solution provides continuous visibility into your internal and external attack surface, providing essential data about your organization's security posture and helping you take the necessary steps to reduce cyber risk.

It scans your organization's external attack surface in a non-intrusive way. It detects source code leaks (on GitHub/GitLab/BitBucket), non-coded threats, and known vulnerabilities that external attackers can exploit. The solution can monitor and analyze more than 600 different sources of information and provide threat intelligence related to your organization's attack surface in near real-time. The sources include various forums (both on the Dark and Deep Web), Telegram, and Discord channels.

The internal Attack Surface Discovery solution is designed to help organizations identify and quantify threats holistically. It uncovers unknown attack paths, identifies insider threats, and helps to increase Zero Trust maturity. The solution includes security tool coverage gap analysis, CMDB reconciliation, and mapping the internal attack surface, including assets, users, software packages, and vulnerabilities. It identifies potential lateral movement paths within the network and focuses on insider threats often overlooked by traditional security measures. Additionally, it analyzes coverage gaps in existing security tools. It leverages AI and machine learning to provide a robust preventative security framework, enabling organizations to detect and respond to sophisticated cybersecurity threats.

The solution harnesses the power of machine learning, allowing it to scan your external environment seamlessly, eliminating the need for manual data searches or additional software installation on endpoints. Its robust integration with other incident management tools and versatile API gives you the essential capabilities to successfully adopt broader cybersecurity strategies, such as Zero Trust.

The external Attack Surface Discovery Solution can process data in multiple languages, including but not limited to English, Russian, Ukrainian, Chinese, Arabic, Turkish and French. It also extracts leaked credentials, monitors malware Logs, and finds exposed confidential documents.

The solution augments and extends the use of Microsoft Azure, Sentinel, Defender, Endpoint Configuration Manager, Active Directory and Entra ID. It brings data from each of these systems, applies AI/ML and advanced analytics and produces real-time visibility and actionable insights for cybersecurity and cyber risk teams. Unisys-associated professional services enable you to successfully act upon these insights and findings to enhance security posture and improve cyber resilience.

Service Deliverables:

• A holistic attack surface report of your organization based on the subscription model (onetime, quarterly and annually). The report contains the following:

• Internal attack surface map (internal asset list with an impact score for each asset based on identified vulnerabilities)

• External attack surface map (external facing asset list, their exposure details along with risk scores with business context)

• Threats list with attack path along with evidence (including identified lateral movement paths)

• List of mission-critical assets based on impact score

• Security coverage gap report (Ex. Missing endpoints in Microsoft Defender or vulnerability scanner coverage)

• Darkweb leakage report (Ex. Credentials, business-critical information, malware infection, etc.)

• Third-party and supply chain attack surface and associate risks

• Dashboard access to live attack surface map of the organization

• Real-time and near real-time alerts

• Live access to cybersecurity experts

• Integration into your SecOps workflows

*Pricing and timeframe will vary depending on scope.