Blog

May 25, 2019

On Finding Shadow IT

Post by Robert Hansen

There are many ways one can find shadow IT. Just look under someone’s desk, and you might find it that way. But if you want to find it at scale and see what’s on the public Internet, an Easter egg hunt under people’s desk just isn’t the …

Read More

May 1, 2019

Two Modest Proposals for Improving Cybersecurity

Post by Robert Hansen

I tend to think about security at a macro level these days. It occurred to me there might be a few interesting ways to help improve cyber security online. I like the idea of increasing costs to adversaries, so both of these are about introducing friction to …

Read More

April 19, 2019

Effective TLDs and Why We (Sometimes) Ignore Them

Post by Robert Hansen

Once upon a time there were only a few top level domains, like “.com” and “.net” and life was good. Then along came some friendly blokes who wanted everything to live under their top level domain, like “.co.uk” would be the “.com” for the “.uk” TLD. That …

Read More

April 9, 2019

Bit Discovery Design Considerations

Post by Robert Hansen

When I started building the back-end infrastructure for Bit Discovery’s external asset inventory system – I learned a lot about the Internet that I only had a vague notion of before then. One of the most important things I learned is that Internet is… weird. Really, really …

Read More

March 29, 2019

Asset Inventory — Lexicon, Glossary of Terminology

Post by Jeremiah Grossman

‘Asset Inventory’ is starting to catch on fast in Information Security. The reason for all the interest and market growth is simple: You cannot secure what you don’t know you own.

The reality is the vast majority of organizations simply do not have an inventory of their Internet-accessible …

Read More