In this article:
Use Attack Surface Intelligence (ASI) to expand and deepen your understanding of cyber-threats from a viewpoint that ranges from global to granular.
ASI provides direct access to SecurityScorecard's data with more than 4.1 billion IP addresses scanned every 10 days across 1500+ ports globally. Using powerful search capabilities, you can find and correlate the latest information on IPs, open ports, and vulnerabilities, threat actors, ransomware group campaigns, and other data points.
Tip: For automating and integrating ASI, see the API article.
Run search queries in the platform
Run filtered searches directly in ASI tab of the SecurityScorecard platform. If you are a CISO, you can gain a global view of the threat landscape to help you craft effective security policies. If you are a threat hunter, you can narrow the focus and analyze data at a more granular level, for example, connecting a vulnerability for a service running on an open port to a threat hunter known to exploit that vulnerability.
The ASI landing page provides sample queries to help you get started with your searches. It also provides relevant blog posts about recent threats and remediation strategies. Learn how to run search queries and use filters in ASI. In addition to using ASI's sample queries, you can write your own.
Use ASI with your portfolios
For your vendor risk management (VRM), see the threat landscape in the context of your Portfolios. See how IPs on your vendors' Scorecards may be on blocklists or have vulnerabilities known to be exploited by certain threat actors or ransomware groups.
Note: Attack Surface Intelligence does not surface potential vulnerabilities. It surfaces Common Vulnerability Enumerations (CVEs) that we confirm as being actual vulnerabilities. SecurityScorecard does, however, flag potential vulnerabilities as an issue type. Learn more.
Use ASI as a remediation tool
Run ASI searches on IPs or vulnerabilities in the Findings table for any issue type. Gain a clearer understanding of the risk that this finding presents to your organization to help you prioritize remediation.