Asset monitoring
Argos is able to continuously search for your company's external assets. We not only use well-known API providers such as Netlas or SecurityTrails, but also collect our own data by scanning more than 120,000,000 million cloud assets several times a day. To get as complete a picture as possible of the entire attack surface, Argos, for example, proactively looks at resources found (Javascript files and the like). Also use external sources, such as the Darknet or source code archives, such as github.com to find assets. Argos also has some proprietary functions that further optimize the process of finding valid assets.
Your external red team
Many companies do not have IT security specialists and/or cannot recruit specialists. The DSecured team can take on this task very efficiently and continuously search for and find problems and take over all relevant parts of IT security. We will provide you with non-stop advice throughout the contract period.
0% false positive rate
Unfortunately, there is no software that has a 0% false positive rate. Especially in IT security, there are findings that cannot simply be assessed and must be placed in the current context. Therefore, any unclear notification from Argos goes to the DSecured team. We check whether the information is relevant and whether it could possibly be exploited in a malicious way.
Prevention of leaks
Argos actively searches the company's assets for potential leaks of access data, general data but also source code. In addition, it monitors platforms such as github.com and immediately reports information that can be linked to a customer to the platform user. Through special access to assets, certain ports or paths, Argos is able to provoke errors, which in turn can leak important information.
Basic security/IT hygiene
Argos can scan for issues and security vulnerabilities multiple times a day. You can quickly see which assets may have serious problems, which assets have long been referenced, and which assets have unexpected ports open. This provides a good basis for reducing the number of assets - the less there is to monitor and protect, the lower the chance of being hacked.
Bug Bounty Programs
Bug bounty programs have proven to be an excellent extension to classic penetration testing. However, starting a program like this without careful preparation is not a good idea - your budget would be used up on unimportant finds in a very short time and the triage team would quickly be overwhelmed. Since Argos is based on a real bug bounty hunter, it is perfect for "cleaning up" in advance and thus ensuring that ethical hackers focus primarily on critical security gaps.
Mergers & Acquisitions
Before taking over a company, it is always worth checking how the external attack surface is structured and whether this could cause problems for you as a buyer. Nobody wants to integrate broken and referenced assets into their own network. Save yourself these problems and let Argos check how high the technical debt and legacy issues are. Argos also offers a solid tool to monitor the integration of new assets into your existing IT infrastructure.
