How Storm XASM Works?

Cybral XASM is a powerful security platform designed to constantly discover, analyze, and protect an organization’s external digital presence. By combining asset discovery, vulnerability scanning, and threat intelligence, it gives organizations real-time visibility into potential risks, helping them defend against threats before they happen. Here’s how each part of XASM works:

Stage 1: Scanning Process

XASM runs five core scans in parallel to ensure complete coverage of the external attack surface:

  1. Asset Discovery

    • Automatically detects and lists all internet-facing assets, including IP addresses, domains, and subdomains.

  2. Network Vulnerabilities Scanning

    • Scans publicly exposed IP addresses to identify vulnerabilities and misconfigurations in network infrastructure that can be exploited by attackers.

  3. Web Application Scanning

    • Scans web applications for externally exposed vulnerabilities, identifying weak points in application security.

  4. GitHub Leak Detection

    • Monitors public code repositories for exposed credentials, and other sensitive data that could lead to data breaches.

  5. Social Data Scanning

    • Analyzes publicly available data about employees and organizational details to identify information that could be exploited.

Stage 2: Analysis and Insights

  1. Defense Strategy Generation

    • After completing the scanning process, XASM uses AI-powered analysis to generate prioritized defense strategies for identified vulnerabilities.

    • These tailored strategies provide actionable recommendations to secure each asset type.

Storm Threat Inteligence Engine
PreviousSystem OverviewNextGetting Started

Last updated