“More effective than bug bounties, less triage work for enterprise teams”

An organization’s internet-facing perimeter is an ever-changing landscape. Abricto Security’s Aardwolf solves this challenge by actively discovering new systems as they arise. All systems are catalogued; services are enumerated and assessed for vulnerabilities.

Purpose

Aardwolf was developed to address a gap in the market: organizations need greater visibility of their internet-facing assets and more broadly, their organization’s external risk exposure.

Traditional network vulnerability scanning fails to uncover application-layer vulnerabilities. Bug bounty programs are a costly alternative that provide a false sense of security as programs become stale and researchers move on.

Value Proposition

Aardwolf maximizes the efficiency and effectiveness of an organization’s risk management program. Our platform inventories external assets and tracks the constantly changing interrelationships of the organization’s digital footprint. From there, Aardwolf validates defensive controls and uncovers internet-facing, high-risk vulnerabilities that traditional approaches miss. We boil the ocean, and our security consultants distill the noise into validated, contextualized findings.

Features and Capabilities

  Unauthenticated application vulnerability identification
  Dangerous-port and risky service scanning and tracking
  Subdomain enumeration and discovery
  Application directory enumeration
  Identification of dangling DNS pointers
  Internet archive data
  Storage-as-a-Service review
  Application backdoor identification
  Abricto remediation support
  Dashboarding
  Credential stuffing and password spraying
  Certificate health and compliance monitoring
  Unindexed API identification and interrogation
  Public source code identification

Vulnerability Validation-as-a-Service

  • We independently validate all vulnerabilities, eliminating false-positive notifications.
  • No more time wasted by your team drilling down into dashboards or reports trying to triage alerts.
  • Remediation efforts are focused on qualified and prioritized vulnerabilities, maximizing organizational efficiency and effectiveness.

Service Experience

  • Access to the Aardwolf Dashboards:
    • Export data based on asset, timeframes or properties
    • View realtime, internet-facing attack surface
    • Interact with assets to triage, discover and correlate event
  • Access to the Abricto Security Client Portal:
    • View discovered and vetted vulnerabilities
    • Jira integration out of the box
    • Rich API available for custom integration
    • View historical metrics of asset vulnerabilities

Aardwolf handles the discovery, identification and validation of external vulnerabilities.
No more false-positives and no more communication barriers.