Red Sift ASM (Attack Surface Management), formerly known as Hardenize, offers a comprehensive solution for continuously discovering, inventorying, and managing an organization's critical external-facing and cloud assets. It provides complete visibility into the entire attack surface, including previously unknown assets, enabling security teams to proactively identify and remediate configuration risks before they can be exploited by malicious actors. By solving problems before they become visible to insurers, Red Sift ASM can help reduce cyber insurance costs. The platform also assists organizations in maintaining alignment with best practices, security frameworks, and regulatory legislation. Security teams choose Red Sift ASM to leverage unmanaged attack surface data, identifying mismanaged or unmanaged assets that other tools might miss. It continuously scans domains, hostnames, and IP addresses to ensure data freshness. The solution facilitates automated asset inventory creation, eliminating the need for manual spreadsheets by connecting directly to cloud providers, certificate authorities, registrars, and managed DNS providers. It offers out-of-the-box integrations with major cloud platforms like AWS, Google Cloud, and Azure for a holistic view of cloud accounts. Red Sift ASM provides in-depth, real-time data about each asset, making it straightforward to take immediate action upon identifying a misconfiguration or unmanaged asset.

Features & Benefits

• Leverage unmanaged attack surface data
  • Identifies mismanaged or unmanaged assets that other tools miss, continuously scanning domains, hostnames, and IP addresses for fresh data.
• Automated asset inventory
  • Builds an inventory of external-facing and cloud assets without manual processes, connecting to cloud providers, certificate authorities, registrars, and managed DNS providers.
• Get complete visibility into cloud accounts
  • Integrates with AWS, Google Cloud, and Azure out-of-the-box for a holistic view of the entire attack surface.
• Information to take action
  • Provides in-depth, real-time data about each asset, enabling immediate action when misconfigurations or unmanaged assets are identified.
• DNS and DNSSEC
  • Monitors DNS and DNSSEC configuration across the estate, identifying dangling DNS issues that could pose a subdomain takeover risk and validating DANE configuration.
• SSL and TLS protocols
  • Checks for all known SSL and TLS protocols, cipher suites, named groups, and other cryptographic primitives, simulating connections from popular clients.
• Application security
  • Supports the deployment of relevant standards such as HSTS, CSP, SRI, and others, ensuring the use of secure cookies and preventing mixed content.
• SMTP security configuration
  • Checks for STARTTLS and correct TLS and PKI configuration, facilitating the confident deployment of SPF, DMARC, and MTA-STS.