Articles by Jeremiah Grossman

Personal site: https://www.jeremiahgrossman.com

“Responsible Person” and Attack Surface Management

By Jeremiah Grossman on January 26, 2021

One might assume it would be common practice within every IT department for there to be a centralized source of truth to easily lookup the primary contact for every IT asset (i.e. network range, hostname, IP address, or domain name).

 
This person, or group of people, is typically referred to …

Read More

Attack Surface Management: “These assets no longer belong to us”

By Jeremiah Grossman on January 13, 2021

Bit Discovery has been tracking the attack surface maps for hundreds of companies for a few years now. In the process we’ve found an interesting use-case. Companies will have assets in their inventory that they were once interested in, then they’ll suddenly say, “these assets no longer belong to us,” …

Read More

The Attack Surface is Foundational Knowledge

By Jeremiah Grossman on December 30, 2020

Foundational knowledge is information, or a skillset, generally accepted as essential to understanding more advanced cognitive subjects or performing increasingly sophisticated processes. As a simple example, learning basic addition is necessary before taking on multiplication. Familiarity with the fundamentals of TCP/IP is necessary before grasping how ACLs and network firewalls work. …

Read More

Analyze the Attack Surface Before Taking a CISO Job

By Jeremiah Grossman on December 29, 2020

I once had a conversation with a Chief Financial Officer (CFO) who said whenever they join a new company, they never know what they’ll find lurking in the financials until well after their first day. They said it’s a little nerve wracking to be unclear about the level of accuracy …

Read More

We want to scan “ALL” our websites…

By Jeremiah Grossman on December 21, 2020

Back in my days at WhiteHat Security, countless customer conversations would begin with them saying, “We want to [DAST] scan all of our websites.” DAST refers to Dynamic Application Security Testing. To which we’d instantly reply, “Great! Just give us the list, and some test account credentials, and we’ll get …

Read More

Why Attack Surface Management is Hard

By Jeremiah Grossman on December 18, 2020

Everyone agrees that attack surface management is critically important, as it is the very first step of any information security program. While enterprise interest and market traction for attack surface management is building, it’s curious why every organization doesn’t already have an up-to-date attack surface map. They should! It may …

Read More

Naming the Shadows within Shadow IT

By Jeremiah Grossman on August 21, 2020

When managing the inventory of internet-connected assets for an organization, the term Shadow IT is often used. The more accurate an Asset Inventory is, the less Shadow IT exists. Generally, Shadow IT refers to IT assets that an organization doesn’t know about or doesn’t have control over. Obviously, you can’t …

Read More

Free Asset Inventory for Healthcare Providers

By Jeremiah Grossman on March 26, 2020

As the world continues to grapple with the effects of the global COVID-19 pandemic, it is infuriating to see cyber-attacks targeting healthcare providers. Already impacted are the U.S. Health and Human Services Department, Champaign-Urbana Public Health District (Champaign, IL), Brno University Hospital (Brno, Czech Republic), Affordacare Urgent Care Clinic (Abilene, TX), Hammersmith Medicines Research (London, United Kingdom), and presumably …

Read More

Asset Inventory — Lexicon, Glossary of Terminology

By Jeremiah Grossman on March 29, 2019

‘Asset Inventory’ is starting to catch on fast in Information Security. The reason for all the interest and market growth is simple: You cannot secure what you don’t know you own.

The reality is the vast majority of organizations simply do not have an inventory of their Internet-accessible assets, such as …

Read More