External attack surface management (EASM) encompasses a wide variety of public-facing assets, many of which security teams are aware of and have protected for years.
However, there are other attack vectors that have not previously been under the security or IT team’s jurisdiction. Case in point: brand protection and, more specifically, domain name monitoring.
Let’s dive into the growing field of external attack surface management, and what your business needs to do to protect your assets.
The Role of Brand Protection in External Attack Surface Management
A key area of the external attack surface that may be new to many security organizations is brand protection. Traditionally the domain of corporate legal, brand protection is focused on finding and stopping acts of brand infringement. Think, for example, counterfeit products or plagiarized logos. Prior to the Internet, brand protection was a manual effort performed by people.
Today, however, the Internet is a virtually limitless medium fraudsters can use to their advantage. Fraudsters have gone digital, and therefore so has brand protection. As you can probably guess, this all takes place via the external attack surface.
The attack vectors fraudsters use online are some of the same that cyber attackers leverage in their efforts to disrupt services, access your network and systems, and obtain sensitive data. In fact, fraud is part and parcel of a modern cyberattack. Social engineering and phishing are just two examples.
Despite the similarities between fraud for fraud’s sake and fraud for a data breach, brand protection expands the attack surface to include digital properties that security may not have managed in the past. These include:
- The Dark Web
- Domains used for email and web-based digital properties
- Social media platforms
- Marketplaces and app stores
- Comment fields, code repositories, and anywhere else people might share a URL
It’s important to cover all your bases when it comes to external attack surface management. Even if an attacker uses a less common avenue to access company data, the impact can be just as detrimental.
How to protect your attack surface, and your brand
Domain monitoring is the foundation of protecting the company’s brand, and it covers a large portion of the external attack surface. It involves continuously monitoring domain names and taking down those that are fraudulent, that is, typosquat domains that look like the real thing but are off by a character or two, so that an unsuspecting end user believes the destination URL or email domain belongs to a trusted brand.
Most companies purchase high-risk typosquat domains to keep them out of attackers’ hands. However, for some businesses that might have thousands of top-level domains, it is financially infeasible to purchase them all.
Nor is it practical to manually hunt down typosquat domains that are being exploited. In 2020, the number of phishing and fraudulent sites targeting businesses increased 73% over 2019, to 7 million sites.
The only way to effectively monitor these domains is with sophisticated technology. A modern domain monitoring solution leverages AI and automation to identify thousands of typosquatting variations spanning 3,000+ TLDs, and then continuously monitors threat level conditions and domain name availability.
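The matching step behind this kind of monitoring can be sketched in a few lines. The following is an added example, not code from Bolster or any vendor: it flags observed domains whose label is within two edits of a brand label (reading "off by a character or two" as an edit-distance threshold, which is an assumption) or that reuse the exact label on another TLD. The brand name, the observed list and all function names are constructed; a production pipeline would split domains with the Public Suffix List rather than at the first dot.

```python
def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insertion, deletion, substitution
    and adjacent transposition each cost one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # swapped neighbours
        prev2, prev = prev, cur
    return prev[-1]


def split_domain(domain: str) -> tuple[str, str]:
    """Split 'label.tld' at the first dot. Assumption: the input is already a
    registrable domain with no subdomain part."""
    label, _, tld = domain.lower().rstrip(".").partition(".")
    return label, tld


def flag_lookalikes(brand: str, observed: list[str], max_edits: int = 2):
    """Return (domain, reason) for observed domains that imitate the brand."""
    brand_label, brand_tld = split_domain(brand)
    hits = []
    for domain in observed:
        label, tld = split_domain(domain)
        if (label, tld) == (brand_label, brand_tld):
            continue  # the legitimate domain itself
        dist = osa_distance(label, brand_label)
        if dist == 0:
            hits.append((domain, "same label, different TLD"))
        elif dist <= max_edits:
            hits.append((domain, f"{dist} edit(s) from brand label"))
    return hits


# Constructed sample data on reserved TLDs; not real registrations.
BRAND = "acmebank.example"
OBSERVED = [
    "acmebank.example", "acmebank.test", "acmebnak.example",
    "acmebamk.example", "acmbnk.example", "acmebanking.example",
    "weatherreport.example",
]

if __name__ == "__main__":
    for domain, reason in flag_lookalikes(BRAND, OBSERVED):
        print(f"{domain}: {reason}")
```

Note that "acmebanking.example" is three edits away and is not flagged, which shows why edit distance alone misses keyword-appended lookalikes and needs to be combined with other signals.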
It’s worth noting that every company’s brand protection landscape differs. Where we see similarities is in industry verticals, where customers tend to take similar paths and use the same touch points on the Internet.
Of course, where customers go, attackers go. So, for example, fraudulent apps in mobile app stores are a high risk for financial institutions (and their customers) while in-game fraud is a high risk for game development companies (and their customers).
No industry or company is free of the risk of brand infringement or typosquatting. Domain monitoring is just one portion of an organization’s attack surface, but it is a significant one that, until recently, may not have been on security’s radar. To do external attack surface management right, it will have to be.
Start Effectively Implementing External Attack Surface Management Practices Today
Bolster offers an expansive solution to meet your business’s unique brand protection needs. With automatic scanning and takedown technology, you can trust that we will provide external attack surface management support where you need it.
To see Bolster in action, and get started managing your external risks today, Request a Demo with our team.