- Ryan Melillo, Security Engineer
- linkedin.com/in/ryanmelillo/
- September 12, 2023
Like it or not, every company carries a cyber risk – some more than others. At Melillo, our goal is first to help our clients assess that risk, and then to minimize it.
We’ve found that IBM’s Randori software can help us successfully attain that objective. Randori scans publicly accessible information about a company without needing any special access credentials. It searches the internet using APIs and appropriate tools to highlight any vulnerabilities it finds. When it’s finished, Randori generates a report providing a “temptation score” that indicates how attractive or vulnerable the company is to hackers or other threats. The tool can be used by simply inputting a domain name and, using artificial intelligence, it then creates a report with security values categorizing concerns as critical, medium, or low.
A big advantage of Randori is its ability to uncover previously undetected information. For example, it can find random Amazon cloud servers or data buckets that were supposed to be taken down or destroyed but still remain open and contain sensitive data. Such information can be exploited as a starting point for further attacks.
In today’s world, where security is crucial due to widespread cloud-based systems and remote work access, Randori’s report provides a meaningful context by tiering the identified issues. It goes beyond random scores and gives a clear indication of the level of temptation a company poses to potential attackers. For instance, a high temptation score of 9.5 out of 10 means that someone targeting the company would likely succeed. That contextualized information helps companies understand the severity of their vulnerabilities and take appropriate actions to enhance their security.
Companies of any size can use Randori, particularly for discovering the use of technology systems, applications and services within an organization that are not officially sanctioned or supported by the IT department, also referred to as “Shadow IT.” When employees or departments bypass official IT channels and procure or use their own technology solutions it creates security risks and vulnerabilities that attackers can exploit to gain access to a company’s larger dataset.
Additionally, there is a risk to an organization’s brand when a third-party resource operates as if they are the company itself. For example, unauthorized websites or activities that don’t align with the company’s brand can impact its marketing efforts. Thus, shadow IT is not solely an IT security threat but also a concern for maintaining brand integrity. Randori identifies such risks and vectors of attack and identifies instances where another brand is projecting itself as the company. That can include former and current legitimate business partners, as well as cases where bad actors set up infrastructure pretending to be the company without authorization. Those malicious acts become security incidents requiring appropriate action – which Melillo can also help solve.
It’s important to remember that security is a layered solution. Randori is a great solution for advanced threat detection and risk assessment, but it is just one piece of a very large toolbox that IBM provides to Melillo customers. Together with IBM, Melillo provides a complete ecosystem to support all its clients’ security needs.