Coverage¶
This document describes the monitoring items supported by RISKEN.
Scope of Support¶
RISKEN supports the following categories/items:
| Category | Item | Description | Note |
|---|---|---|---|
Cloud |
Threat intel | Collects results of threat detection services like GuardDuty or SecurityCommandCenter | Usage fees for security services may apply. |
| Resource info | Monitors resource information and problematic settings in use on cloud | Check conformity with third-party evaluation criteria such as CIS benchmarks. | |
| Public asset info | Collects information on cloud storage and other publicly exposed information on the internet | ||
Network diagnostics |
Portscan | Conducts port scans on externally exposed ports, IP/FQDN being used on cloud | |
Web site diagnostics |
WordPress | Conducts scans on WordPress | |
| Application | Conducts a simple web application scan using OWASP ZAP | Scanning of web pages that require authentication is currently not supported. | |
OSINT |
Domain | Checks for web sites that should not be publicly exposed, such as staging environments, and risks such as subdomain takeovers | |
Source code |
Secret scan | Inspects for confidential information that should not be stored in source code repositories like GitHub |