Offensity & Offensity RED

GFFT Rank:

Offensity - https://www.offensity.com/  
Product Profile

OFFENSITY:

Offensity is a domain-based vulnerability monitoring tool. It does continuous monitoring of your company's internet accessible infrastructure instead of selective tests. Constantly updated, automated processes monitor your systems and test them immediately after vulnerabilities appear.

How Offensity helps you:

  • Automated detection of your externally accessible IT infrastructure, including DNS-, mail- and webservers, mailing lists etc.
  • Continuous scans for company-wide assessment on constantly increasing number of vulnerabilities
  • Focused monitoring of unauthorized published data on hidden websites in the Deep Web
  • Specific recommendation on how to mitigate discovered vulnerabilities by Europ's best hackers
  • Transparent reporting for management and IT experts, provides a unified overview of all security-relevant changes in your systems

Company-wide scans

Offensity monitoring is not limited to individual parts of your company or to certain system components. Offensity tests company-wide and covers all areas of the company infrastructure landscape with its powerful scanning - no matter how hidden they are.

Precise reporting

Offensity's reporting provides a clear, efficient basis for decision-making for your management. At the same time, IT and security experts can call up complex information and delve into details.

European security service

Offensity is a European security service that uses profound know-how to assess how secure your company is. We work according to the latest European standards and laws.

OFFENSITY RED:

With Offensity RED we continuously identify vulnerabilities in medium-sized and large companies. Our automated continuous vulnerability monitoring Offensity serves as a basis. The results of the automation serve as a first stepping stone to find further issue. Our security experts search for business-critical security risks four days a month. Advice and recommendations are provided in monthly two-hour collaboration calls.
Our expert team consists of experienced and internationally awarded penetration testers. Advice and recommendations are provided via telephone - directly with our security expert.

The problem

The tasks of daily operations and a lack of security specialists entail the risk of overlooking business-critical vulnerabilities. IT departments struggle under difficult conditions:

  • Historically grown IT infrastructures
  • Heterogeneous systems landscapes
  • Legacy systems
  • Low safety awareness of the employees
These conditions often impede the timely identification and assessment of security risks. New vulnerabilities suddenly turn old systems into a security risk and present IT departments with urgent and important tasks:
  1. informing about newly published vulnerabilities
  2. assessment of criticality and exploitability
  3. survey of the systems concerned
  4. prioritizing measures
  5. implementation of measures

The extensive number of tasks of daily operations and the lack of security know-how infer a high risk for errors. There is a great risk of overlooking newly published vulnerabilities (1). In large infrastructures with conventional vulnerability scanners, it can take several days to weeks to identify affected systems (3). Assessment of criticality and exploitability (2) as well as prioritization of measures (4) require in-depth expertise.

Our solution

We complement our continuous and automated security monitoring solution Offensity with four days per month of manual vulnerability assessment and two hours of consulting. The manual vulnerability assessment with Offensity, as a basis, offers our customers the following advantages:

  • identification of complex attack scenarios
  • consideration of the individual customer infrastructure
  • assessment of the actual exploitability of vulnerabilities
  • vulnerability detection with authenticated users and roles

In comparison to external penetration testing teams, our security experts rely on a lot of preparation and preliminary work through the automated tests and other internal tools. The available time is used most efficiently.In monthly collaboration calls we offer individual advice, recommendations and support in prioritizing measures. The customer also determines what the focus will be in the upcoming manual vulnerability analysis. Our customers can choose from the between the following approaches:

  • audit of the external (accessible from the Internet) IT infrastructure
  • auditing of the internal IT infrastructure (e.g. client networks)
  • Phishing or Spear Phishing simulations with employees

Conclusion
Offensity RED improves IT security in complex and large infrastructures. We achieve this through:

  • Continuous search for exploitable security vulnerabilities and risks
  • Tight collaboration with the client to identify, prioritize and eliminate risks
  • Measurable long-term improvement of IT security
 
  
Development Line of Offensity
2020

Offensity RED (New product flavor launched)

Adding typical red-teaming features such as pentesting & collaboration calls in one, unified report for overall company findings
2019

Offensity (Commercial product launch)

Domain-based vulnerability scanning cloud service, providing easy-to-comprehend actionalble report and criticallity ratings
2018

Offensity (Beta release)

Domain-based vulnerability scanning cloud service, providing easy-to-comprehend actionalble report and criticallity ratings

Contact

A1 Digital International GmbH
Lassallestraße 9
A-1020 Vienna
Austria
Tel.: +43 5 06640
Email: info@a1.digital

General Information

Headquarter: Vienna / Austria
Employees: 180
Founded: 2017
Reference Customers
  • TTTech
  • ekz.bibliotheksservice GmbH
  • mySugr
  • Herold