Threat
Intelligence
BroadWatch delivers threat intelligence by collecting,
processing and analyzing threats and vulnerabilities to data
applications, assets and systems. This includes a description
of the vulnerability, explanation of the threat, related tags
for searching, and related attacks that expose the threat. The
intelligence data is prioritized and sorted by risk level,
applications affected, and domains compromised; and is
displayed on one single dashboard simultaneously accessible by
all authorized platform users.
Risk Analytics
BroadWatch aggregates critical threat and vulnerability data
to deliver analytics and reporting for use in prioritizing and
responding to discovered threats and related cyber risks to
the organization. This risk assessment data is applicable for
use by executive management, oversight committees, CISOs and
managers, as well as front-line operators in making governance
and response decisions that include risk avoidance, risk
mitigation, or risk acceptance.
Vulnerability Scanning
BroadWatch’s proprietary vulnerability scanning methods are
designed to discover, identify, and report weaknesses, risks,
(including hardware misconfigurations and flawed programming
code) within an organization’s IT assets, networks,
applications, and domains. Scanning is performed on both
internal and external targets providing an understanding of
what bad actors can see and take advantage of. BroadWatch
scans can be executed in real-time, or on a customized
schedule (daily, weekly, quarterly, annually) to obtain
updated near-instant risk exposure data or verification of
specific remediation efforts.
Vulnerability Management
BroadWatch manages vulnerabilities by aggregating,
correlating, prioritizing, and reporting risk exposure found
through vulnerability scanning (either by BroadWatch or a 3rd
party application). Users can monitor, track, and itemize
vulnerabilities and remediation status based on criteria such
as domains compromised, assets affected, critical
applications, and workforce assignments.
Workforce Management
BroadWatch provides automated and synchronized workforce
management functions to assist in the assignment and reporting
of remediation efforts throughout the organization. This is
used by both management and operators to coordinate and track
assigned remediation tasks and report real-time task status.
Asset Management
BroadWatch assists organization’s Information Technology Asset
Management (ITAM) processes during the operation and
maintenance phases by (1) discovering existing assets in the
environment; (2) tracking the threat level of the asset by
monitoring risk and compliance and; (3) reports on the
existence and risk exposure of various IT assets found within
an organization’s digital landscape.
Domain
Discovery
BroadWatch discovers domains (and sub-domains) associated with
an organization in order to identify and ensure awareness of
external risk exposure that may or may not have been known
internally. Organizations oftentimes lose sight of domains and
these can become compromised due to lack of necessary risk
analysis and remediation.
Penetration Test Reports
Penetration Tests are usually performed by a 3rd party
contractor to evaluate the security of a computer network by
ethical hacking means and then providing the contracting
client a report of the test findings. BroadWatch can be used
to deliver the findings data and then track these findings
through remediation; and depending on the report delivery
methods selected, can import all findings into the platform
for ongoing tracking and analytics.
Compliance Reporting
BroadWatch identifies and reports the compliance status of IT
assets, systems, and applications for which the organization
has a compliance requirement. These reports can be used to
maintain specific standards that have been designated
internally or by an outside entity (such as a regulatory
agency).
3rd Party Data Ingestion
BroadWatch ingests and merges 3rd party threat & vulnerability
scan data into one single and correlated view—thus removing
data disparity by having to use multiple systems and displays.
Ingested data from 3rd party platforms is maintained in
perpetuity after the 3rd party system has been decommissioned
thereby ensuring historical data continuity.
Sensitive Information
Reporting (SIR)
Utilizing proprietary and standard open source intelligence
(OSINT) reconnaissance and gathering techniques, BroadWatch
dynamically reports external facing sensitive information
available in the public domain that can potentially be used to
nefariously exploit critical systems, applications, and
assets. The Sensitive Information Report (SIR) includes:
Full sub-domain discovery
Port enumeration
Application identification
Dark Web exposure
Cyber Risk
