When a public real estate company realized they lacked a comprehensive cloud inventory and found evidence of infection, they leveraged the Censys Attack Surface Management platform to gain greater visibility into all of their Internet-based assets. Since partnering with Censys, the company achieved a full view of their attack surface and generated significant ROI.
Key ROI achieved
Censys discovered more than 600 cloud assets outside of monitored accounts, 80% more than what the company previously believed was online.
Censys identified 18 AWS S3 storage buckets that were unintentionally exposed to the public and one bucket with its permissions publicly configurable.
Censys revealed 60 new risks on previously unknown assets, including deprecated protocols, protocol misconfigurations, and vulnerable end-of-life software.
Lack of cloud visibility leads to security challenges
This publicly-traded real estate company needed to uncover Internet-facing security risks stemming from both cloud and on-prem assets. With over 50,000 employees, a lean security team, and multiple subsidiaries, the company struggled to comprehensively inventory and quickly patch Internet assets.
Their security team was spread thin across multiple business units, which made tracking down potentially unknown assets an insurmountable challenge. This problem was exacerbated by acquisitions and a mandate to track the security of several subsidiaries despite having no control over their subsidiaries’ assets.
The security goal: Discover assets that their security team had missed, and gain a comprehensive Internet asset inventory across the entire company.
How Censys reduces risk of a breach through external asset visibility in the cloud
The Censys Attack Surface Management platform provides this real estate company with a comprehensive view of their external attack surface and immediately uncovered more than 600 previously unknown assets in 15 clouds and 74 networks. This result is inline with other companies: on average, Censys Fortune 500 customers find 30-80% more Internet-facing assets than expected.
As part of its discovery process, Censys identified more than 60 previously unknown risks including Internet exposed MySQL, Telnet, and FTP servers. Most critically, Censys’ cloud asset discovery algorithm identified 18 S3 storage buckets that were unknowingly leaking data publicly. In one case, a bucket had an externally editable ACL, allowing attackers to change permission and upload malicious data. The customer was able to remediate ACLs on the misconfigured asset before a data breach occurred. In 2018, AWS S3 storage bucket misconfigurations were responsible for around 30% of all records exposed. Storage bucket misconfigurations and database server exposures (e.g., Internetfacing Elasticsearch and MongoDB) continue to plague enterprises. In most cases, these exposures are due to simple misconfigurations rather than unknown vulnerabilities.
This real estate company continues to use Censys to track any new and unexpected services and risks that appear online as well as to quickly respond to new threats using Censys’ inventory tool. In addition to uncovering problems, the team relies on Censys’ daily scanning to confirm that identified security problems are correctly resolved by their IT counterparts.
“Censys provides a good lens into things that we don’t know about. Censys was able to quickly discover multiple S3 storage buckets that were publicly accessible on the Internet and contained sensitive data.” – Public Real Estate Company
Why do companies choose Censys?
Censys Attack Surface Management is powered by our industry-leading Internet scanning platform that discovers 85% more services than our nearest competitor.
Censys continuously scans more than 100 protocols across the top 3,500 ports on the full IPv4 address space every 10 days and the top 100 ports daily.
Censys is the only Attack Surface Management provider that uncovers unknown storage buckets on AWS, GCP, and Azure that contain sensitive data.
“We chose Censys over a competitor because it provided the rich data we needed.” – Manager of Cybersecurity, Public Real Estate Company
Interested in learning how Censys Attack Surface Management could support your security goals? Try a demo today!