Announcing BLS's Attack Surface Management Offering
And A New Analyst Job Opening As Well
Black Lantern Security (BLS) is excited to announce and spotlight our new Attack Surface Management (ASM) offering. With this offering, we aim to assist our customers in monitoring and maintaining the security posture for externally-exposed (internet-facing) assets. ASM is executed using a two-phased approach. In the first phase, BLS Operators use a combination of automated tools and manual inspection to identify, baseline, and analyze external applications, services, and systems. After establishing the baseline, BLS Operators conduct security surveys for each external asset. These surveys identify vulnerabilities in external assets and provide valuable input for assessing risk and guiding remediation activities.
For the second phase, BLS Operators monitor and alert on changes to the customer baseline. Any changes, which may include NEW assets OR existing assets with NEW vulnerabilities, trigger an analysis of the affected assets to determine if the changes introduce new risks to the environment. Our team also monitors and tests for emerging threats and vulnerabilities. For example, last year’s log4j announcement required a reexamination of our existing clients’ entire attack surface.
If you think your organization might benefit from this service, then reach out for more information.
Now for the second aspect of this announcement. With the growth of our ASM offering, we need new team members to aid us in analyzing thousands of hosts. We are posting a new position for “Attack Surface Analyst”. The team will consider both entry-level and experienced candidates. This is an excellent opportunity for someone who has an interest in offensive operations but might not be a seasoned penetration tester. The ideal candidate will have experience in continuous Open Source Intelligence (OSINT) gathering and analysis of LARGE data sets; web application/service penetration testing knowledge is a huge plus. Candidates should have a strong interest in continuous, offensive security operations and a demonstrated ability to be disciplined and organized.
If you have any interest in this type of position, then check out our new job posting here.