Understanding EASM (External Attack Surface Management)

Edgescan's EASM identifies and analyses a company's online presence by searching for related domains and gathering data on subdomains, internet records, registrant details, and associated services.

Version Number: v1.0.1

Published Date: 16 May 2024

____________________________________________________________________________

CTEM Phase 1: Scoping

Attack Surface Management is a crucial component of CTEM. Its purpose is to bring the complete external attack surface into scope when defending against potential threats.

The role of DNS in simplifying the Internet

At the heart of navigating the vastness of the internet lies the Domain Name System (DNS). This system converts user-friendly domain names (e.g., the "example.com" in "http://example.com") into computer-friendly IP addresses (e.g., 25.26.44.47). It's akin to a global directory, directing internet traffic to the correct server, making it effortless for users to access websites without memorizing complex numerical addresses.

How DNS Records Enhance EASM

DNS records are crucial for EASM, offering a map of a company's internet infrastructure. These records, stored in DNS databases, ensure users reach the intended website. They play a pivotal role in EASM by providing insights into the structure and connections of a company's domains and subdomains. Let's delve into specific DNS record types and their significance in EASM:

  • CNAME (Canonical Name Record): Facilitates domain aliasing, pointing multiple domain names to the same location. For EASM, identifying CNAME records uncovers the web of connections between web addresses, potentially revealing vulnerabilities.

  • A (Address Record) and AAAA (IPv6 Address Record): Link domain names to their respective IPv4 and IPv6 addresses, pinpointing where web services are hosted. EASM leverages these records to identify and assess security risks across both the older IPv4 and the newer IPv6 address formats.

  • TXT (Text Record): Stores text information for various verification purposes, including domain ownership. EASM scrutinizes TXT records for signs of unauthorized entries or vulnerabilities.

  • SOA (Start of Authority Record): Indicates the authoritative server for a domain, serving as the starting point for DNS information. EASM uses SOA records to verify the source of DNS information and identify potential security management issues.

  • NS (Name Server Record): Points to the servers holding a domain's DNS records, essential for understanding how a domain's web traffic is managed. EASM examines NS records to gain insight into the security of traffic management.

  • MX (Mail Exchanger Record): Designates the servers managing email for a domain. EASM assesses these records to ensure secure and correct email routing, guarding against email-based threats such as phishing.
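
To make the record types above concrete, here is an added Python example (not Edgescan's code and not part of the original article) that turns a set of CNAME, A/AAAA, MX and NS records into a small map of hosts, shared addresses and aliases worth reviewing. The records, the owned domain `example.com`, the function names and the two review criteria (alias ends outside the owned domain, alias ends with no address record) are all assumptions made for illustration.

```python
from collections import defaultdict
# Constructed sample records (name, type, value); example.com, example.net and
# the addresses are placeholders, not data from any real zone.
RECORDS = [
    ("example.com", "NS", "ns1.example.com"),
    ("example.com", "MX", "mail.example.com"),
    ("example.com", "A", "192.0.2.10"),
    ("www.example.com", "CNAME", "example.com"),
    ("mail.example.com", "A", "192.0.2.25"),
    ("mail.example.com", "AAAA", "2001:db8::25"),
    ("shop.example.com", "CNAME", "store.example.net"),
    ("store.example.net", "A", "198.51.100.7"),
    ("old.example.com", "CNAME", "legacy.example.net"),
    ("loop.example.com", "CNAME", "loop.example.com"),
]

def index(records):
    """Group record values by (name, type), normalising case and trailing dots."""
    idx = defaultdict(list)
    for name, rtype, value in records:
        idx[(name.lower().rstrip("."), rtype)].append(value.lower().rstrip("."))
    return idx

def resolve(name, idx, limit=8):
    """Follow CNAMEs from name; return (alias chain, addresses at the end)."""
    chain = [name]
    while (name, "CNAME") in idx and len(chain) <= limit:
        name = idx[(name, "CNAME")][0]
        if name in chain:          # alias loop: stop, report no addresses
            return chain + [name], []
        chain.append(name)
    return chain, idx.get((name, "A"), []) + idx.get((name, "AAAA"), [])

def map_surface(records, owned="example.com"):
    """Summarise hosts, shared addresses and aliases that need review."""
    idx = index(records)
    out = {"hosts": {}, "by_ip": defaultdict(set), "external": [], "unresolved": [],
           "mail": idx.get((owned, "MX"), []), "ns": idx.get((owned, "NS"), [])}
    for name in sorted({n for n, _ in idx}):
        chain, addrs = resolve(name, idx)
        out["hosts"][name] = addrs
        for ip in addrs:
            out["by_ip"][ip].add(name)
        final = chain[-1]
        if len(chain) > 1 and not (final == owned or final.endswith("." + owned)):
            out["external"].append((name, final))    # alias ends outside owned domain
        if len(chain) > 1 and not addrs:
            out["unresolved"].append((name, final))  # alias ends with no A/AAAA
    return out
```

Calling `map_surface(RECORDS)` returns the per-host addresses, the hosts grouped by IP, the MX and NS targets, and the two review lists.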

By leveraging DNS records, EASM provides a comprehensive view of a company's digital presence, identifying vulnerabilities and securing against potential cyber threats. This synergy between DNS and EASM is crucial for maintaining a robust and secure online presence in the modern digital age.