New solution helps organizations map internet-facing attack surface to protect organizations’ sensitive information for first and third party information security and risk programs
Tysons, Va. – November 16, 2020 - QOMPLX™, a leading global intelligent decision platform provider, today announced the general availability of Q:SCAN, an internet attack-surface scanning and scoring solution aimed at helping organizations identify and fix external cyber exposures. QOMPLX’s solution improves security program effectiveness by helping teams dynamically identify, monitor and fix their high-risk external exposures while improving the completeness of their inventories.
Today’s IT leaders are facing increased cyber risks stemming from globally dispersed workforces, aggressive adoption of cloud services, and the wide availability of low-cost or free attack and post-exploitation tools. Internet-facing business assets produce signals that attackers seek to understand and exploit, and that customers use to judge the posture of their security programs along with those of their vendors.
Managing Internet-facing attack surfaces requires thinking like an attacker. Q:SCAN passively scans external internet domains to identify key risk signals, which can indicate an organization may have a poor security posture. Using a wide range of public data sources, open-source intelligence (OSINT) techniques, and internet scanning and collection approaches, Q:SCAN identifies, collects and analyzes assets and their configurations, and assesses their overall posture. The solution creates an overall risk score for the organization. Using advanced analytics from public and proprietary datasets, Q:SCAN also provides additional context based on data from cyber breaches and threat actors.
Q:SCAN complements traditional vulnerability scanning tools by rapidly assessing and scoring organizations’ overall security postures across their cloud and traditional on-premise IT environments. Q:SCAN data can be used directly or integrated into analyst workflows to help defenders guard against external threats. This helps IT Operations and Security teams alike, by improving communication and supporting data-driven collaboration across departments. Q:SCAN data also powers partner solutions such as the Dun & Bradstreet Cyber Risk Rating service, for organizations that need access to high-quality Internet scan data for their own third-party risk management, cybersecurity monitoring, rating and research purposes.
Since its founding in 2015, QOMPLX has developed technology that supports data-driven risk management by combining internal, external, open-source, and Internet-based data. QOMPLX’s Q:CYBER suite, including the new Q:SCAN product offering, is the first comprehensive solution that combines external attack surface intelligence with internal telemetry from Active Directory, log sources, and other security tool feeds.
“QOMPLX has always focused on getting to ‘ground truth’ using real observations about IT and OT systems as the basis for realistic and pragmatic risk management and risk finance. With our extensive expertise in Internet-scale data collection and extraction, and with our powerful suite of analytic tools, Q:SCAN and our Q:CYBER suite is the industry’s most comprehensive data factory for cyber. We believe that by fusing together data from multiple vantage points, customers can accurately map their networks and reduce operational risks,” said Jason Crabtree, Founder and CEO, QOMPLX. “As we started mapping and monitoring large corporations’ critical internal infrastructures, Active Directory servers, Windows Event logs, and security tools and log feeds, we became painfully aware of gaps in managing external exposures. We realized that our expertise in Internet-scale data collection, unstructured data analysis, and analytics would allow us to outperform other exposure mapping and scoring solutions. Over the past year, we invested substantially in these capabilities, partnering with a select set of customers and partners to provide high quality data and insights. We’re now pleased to bring these capabilities to market as Q:SCAN and put it in the hands of more clients.”
Q:SCAN is available now. More information is available in our latest datasheet, Q:SCAN - Score Your External Security Posture.
About QOMPLX, Inc.
QOMPLX protects businesses’ data where they need it most. Q:CYBER, QOMPLX’s premier cybersecurity software platform, is the first and foremost enterprise-grade cybersecurity solution for IT and security organizations seeking superior performance with risk-driven programs. Our Identity Assurance, Privilege Assurance, Scan, and Assess tools save businesses time and money while providing the visibility they need to establish ground truth in today’s digital world. Find out why a growing number of leading global enterprises trust QOMPLX’s Q:CYBER software to power their defensive operations. For more information visit QOMPLX.com and follow us on Twitter @QOMPLXOS.
Media Contact (QOMPLX):