Advanced Cyber Defence Systems (ACDS) has recently announced significant updates to its External Attack Surface Management (EASM) tool, Observatory. These enhancements aim to provide improved security measures for enterprises in the ever-evolving cyber threat landscape. The new features include the ability to monitor leaked AWS access and secret keys, as well as a detection feature for software supply chain vulnerabilities, notably products like Polyfill that have been compromised with backdoors.
In today’s rapidly changing IT environment, businesses face constant challenges in adapting to the evolving threat landscape. The exponential growth of cloud service providers, such as AWS, highlights the need for robust cybersecurity measures. ACDS customers can now seamlessly transition cloud workloads while ensuring scalability of resources. However, this agility also introduces dynamic attack surfaces, with risks shifting daily as workloads change and IPs are reallocated. The latest ACDS Cybersecurity Challenges report for 2024 emphasizes the importance of precise identification of an organization’s attack surface and awareness of all assets, subdomains, IPs, and critical systems. Continuous monitoring and management of emerging vulnerabilities are essential to safeguard enterprise assets effectively.
Observatory stands out as a market-leading EASM tool that scans numerous internet-facing IP and port combinations, identifying and defending against both known and unknown threats. Unlike traditional vulnerability scanning methods, Observatory provides a holistic view of an organization’s vulnerability landscape. By leveraging proprietary algorithms and ACDS intelligence, the platform delivers relevant threat insights for organizations to prioritize remediation and proactive protection. The tool adopts a three-pronged approach focused on Discovery, Validation, and Insight to ensure comprehensive network security.
The recent enhancements to the Observatory platform introduce several key capabilities, including:
– Identity and Access Key Capabilities: The EASM tool can identify and report exposed identity and access keys, enabling CISOs and security teams to enhance the organization’s security posture.
– AWS Access Keys and Secret Keys Monitoring: Observatory can detect leaked AWS access and secret keys, preventing unauthorized access, data breaches, and financial losses.
– Polyfill.io Software Supply Chain Vulnerability Detection: With the ability to identify compromised software supply chain products like Polyfill, Observatory helps organizations mitigate risks associated with malware injection and data security breaches.
In addition to these new features, ACDS Observatory EASM continues to provide enterprise businesses with comprehensive visibility into known Common Vulnerabilities and Exposures (CVEs), associated scores, and vulnerabilities flagged by CISA KEVs. The platform offers detailed insights into each vulnerability discovered, empowering security leaders and CISOs to effectively manage their organization’s attack surface.
Elliott Wilkes, CTO of ACDS, highlighted the critical role of Observatory in helping security leaders navigate the complex cybersecurity landscape and secure enterprise assets effectively. Continuous monitoring and management of vulnerabilities are essential in the cloud environment, where risks evolve with every workload change. Wilkes looks forward to showcasing Observatory’s advanced tools at the upcoming Cloud and Cyber Expo in London.
ACDS will be showcasing its Observatory platform at stand CS136 at the Cloud and Cyber Expo on March 12-13, 2025, offering live demonstrations of its market-leading security solutions. These updates to the EASM platform underscore ACDS’s commitment to enhancing security measures for enterprises in the face of evolving cyber threats.
(Source: IT Security Guru)