Offensity & Offensity RED

OFFENSITY:

Offensity is a domain-based vulnerability monitoring tool. It does continuous monitoring of your company's internet accessible infrastructure instead of selective tests. Constantly updated, automated processes monitor your systems and test them immediately after vulnerabilities appear.
How Offensity helps you:

Automated detection of your externally accessible IT infrastructure, including DNS-, mail- and webservers, mailing lists etc.
Continuous scans for company-wide assessment on constantly increasing number of vulnerabilities
Focused monitoring of unauthorized published data on hidden websites in the Deep Web
Specific recommendation on how to mitigate discovered vulnerabilities by Europ's best hackers
Transparent reporting for management and IT experts, provides a unified overview of all security-relevant changes in your systems


Company-wide scans

Offensity monitoring is not limited to individual parts of your company or to certain system components. Offensity tests company-wide and covers all areas of the company infrastructure landscape with its powerful scanning - no matter how hidden they are.
Precise reporting

Offensity's reporting provides a clear, efficient basis for decision-making for your management. At the same time, IT and security experts can call up complex information and delve into details.
European security service

Offensity is a European security service that uses profound know-how to assess how secure your company is. We work according to the latest European standards and laws.
OFFENSITY RED:

With Offensity RED we continuously identify vulnerabilities in medium-sized and large companies. Our automated continuous vulnerability monitoring Offensity serves as a basis. The results of the automation serve as a first stepping stone to find further issue. Our security experts search for business-critical security risks four days a month. Advice and recommendations are provided in monthly two-hour collaboration calls.
Our expert team consists of experienced and internationally awarded penetration testers. Advice and recommendations are provided via telephone - directly with our security expert.
The problem

The tasks of daily operations and a lack of security specialists entail the risk of overlooking business-critical vulnerabilities. IT departments struggle under difficult conditions:

Historically grown IT infrastructures
Heterogeneous systems landscapes
Legacy systems
Low safety awareness of the employees

These conditions often impede the timely identification and assessment of security risks. New vulnerabilities suddenly turn old systems into a security risk and present IT departments with urgent and important tasks:

informing about newly published vulnerabilities
assessment of criticality and exploitability
survey of the systems concerned
prioritizing measures
implementation of measures

The extensive number of tasks of daily operations and the lack of security know-how infer a high risk for errors. There is a great risk of overlooking newly published vulnerabilities (1). In large infrastructures with conventional vulnerability scanners, it can take several days to weeks to identify affected systems (3). Assessment of criticality and exploitability (2) as well as prioritization of measures (4) require in-depth expertise.
Our solution

We complement our continuous and automated security monitoring solution Offensity with four days per month of manual vulnerability assessment and two hours of consulting. The manual vulnerability assessment with Offensity, as a basis, offers our customers the following advantages:

identification of complex attack scenarios
consideration of the individual customer infrastructure
assessment of the actual exploitability of vulnerabilities
vulnerability detection with authenticated users and roles

In comparison to external penetration testing teams, our security experts rely on a lot of preparation and preliminary work through the automated tests and other internal tools. The available time is used most efficiently.In monthly collaboration calls we offer individual advice, recommendations and support in prioritizing measures. The customer also determines what the focus will be in the upcoming manual vulnerability analysis. Our customers can choose from the between the following approaches:

audit of the external (accessible from the Internet) IT infrastructure
auditing of the internal IT infrastructure (e.g. client networks)
Phishing or Spear Phishing simulations with employees

Conclusion
Offensity RED improves IT security in complex and large infrastructures. We achieve this through:

Continuous search for exploitable security vulnerabilities and risks
Tight collaboration with the client to identify, prioritize and eliminate risks
Measurable long-term improvement of IT security

Reference Customers:

TTTech, ekz.bibliotheksservice GmbH, mySugr, Herold

History:

2020: Offensity RED (New product flavor launched)

Adding typical red-teaming features such as pentesting & collaboration calls in one, unified report for overall company findings

2019: Offensity (Commercial product launch)

Domain-based vulnerability scanning cloud service, providing easy-to-comprehend actionalble report and criticallity ratings

2018: Offensity (Beta release)

Domain-based vulnerability scanning cloud service, providing easy-to-comprehend actionalble report and criticallity ratings

General information:

Business Unit: Cybersecurity
Branch: All Branches
Type: Product
Patented: No
GFFT Rank: 4.24

Contact of the Organization:

A1 Digital International GmbH
Lassallestraße 9
A-1020 Vienna
Austria
Tel.: +43 (0) 5 06640
Email: