S2W said on the 20th that it will expand its market presence by upgrading the attack surface management (ASM) function, a core module of its enterprise and institution security artificial intelligence (AI) solution QUAXAR.
With the recent spread of AI, cloud and the Internet of Things (IoT), the information technology (IT) infrastructure asset of corporations has diversified, and the attack surface that hackers can penetrate is increasing rapidly. As a result, interest is growing in ASM, which continuously detects an organization's exposed asset and vulnerabilities from an attacker's perspective and evaluates and manages risk. The fact that the Personal Information Protection Commission released the "Plan to strengthen the personal information safety management system" in Sep. last year with ASM included as a key task is also accelerating adoption.
QUAXAR ASM operates through a three-step process of asset discovery, asset analysis and continuous monitoring, and features application of TALON SCORE, the proprietary vulnerability risk scoring method of S2W's threat intelligence center TALON. In addition to existing vulnerability indicators, TALON SCORE comprehensively reflects the level of access difficulty, actual exploitation cases, the presence of attack code and the time of disclosure to provide risk information optimized for each corporations environment.
QUAXAR ASM also integrates a CART (continuous automated red team) process that continuously conducts simulated intrusions into the corporations environment from an attacker's perspective, helping identify how discovered asset could be exploited in real attack scenarios and supporting the establishment of more sophisticated defense systems.
QUAXAR ASM generates synergy when used together with the digital risk protection (DRP) and threat intelligence (TI) modules. By cross-analyzing leaked account information and asset information identified on the dark web and Telegram, it enables a multidimensional understanding of the overall attack flow, and knowledge graph-based analysis allows users to grasp at a glance the connections between asset and attack campaigns.
Kim Yeon-geun, head of product development at S2W, said, "In an environment where even asset that corporations have not recognized can become an entry point for attacks, proactive management from an attacker's perspective is becoming increasingly important," and added, "Through the advancement of QUAXAR ASM, we will be able to further strengthen our ability to respond to cyber threats."