RedHunt Labs is an External Attack Surface Management (“EASM”) company with their SaaS-based offering, NVADR. It helps enterprises discover, track and secure their exposed assets continuously. Their “asset” definition goes beyond subdomains and IP ranges and extends to modern Attack Surface assets such as mobile apps, code repos, cloud storage instances, docker containers, leaked keys, credentials, and much more.
RedHunt Labs is on a mission to help companies maintain holistic cybersecurity of their external digital footprint by eliminating shadow, IT risks and taking control of their ever-evolving attack surface.
What Problem Are You Trying to Solve?
As organizations adopt dynamic infrastructure, cloud and expand their global presence; their digital assets are growing beyond subdomains, IPs, and websites. These untracked assets/legacy systems/data leaks often lead to breaches. Organizations are finding it hard to track and secure their ‘ever-evolving attack surface’.
How Are You Solving That Problem?
We continuously keep discovering assets belonging to our customers, and as soon as an asset surfaces on the internet, we notify our customers with this intel. Having thousands of bots deployed across the internet, we cannot just identify assets, but also check for security risks associated with their exposures.
On top of it, the very definition of asset classes that RedHunt Labs’ Attack Surface Management platform covers are holistic and cover elements of the modern attack surface. Premium security consulting support is also provided to organizations to deliver effective and timely security risk posture visibility.
How Has the Pandemic Impacted Your Company?
With the pandemic, we have seen a large number of assets coming online, and hence the exposures of our customers have increased manifolds. Long story short, Attack Surface Management became more important because of more WFH setups.
Where Do You See Your Company Going In 5 Years?
In 5 years, we see the company becoming a global market leader in the External Attack Surface Management (“EASM”) arena, by not just delivering its offerings to major global organizations, but also coming up with models for organizations who are getting started on the path of managing their cybersecurity posture. With the combination of our consulting service and the product, we aim to capture a major market share within the next 5 years.
The company also plans to contribute to the security community by releasing open-source tools as well as internet-scale security research findings and relevant data sets.
What Is the Next Big Challenge in Information Security?
One of the big challenges in information security is the visibility of ‘what to secure’ rather than ‘how to secure’. There is a lot of data on the internet that can be collected; however, it’s not of much use without context and correlation. The ability to clearly map data points to an organization in terms of ownership and highlight relevant security risks will be a game-changer for the security of modern organizations, and RedHunt Labs is on a mission to deliver this.
As you can see from past few years, untracked exposures have been one of the most common reason for Data Breaches.
How Do People Get Involved/Buy into Your Vision?
We’ve released many open-source tools as well as security research studies on our website https://redhuntlabs.com/. People from the cybersecurity community can contribute and spread the word around the topic of Attack Surface Management. Also, CISOs can reach out to us to collaborate on identifying other gaps in this domain and how to fix them.