Welcome to BreachBoard!
Updated: 2 days ago
A new user's guide to your portal into BreachBits' Continuous Intelligent Red Team Service.
What is the BreachBoard?
The BreachBoard provides a central dashboard and control panel for BreachBits Continuous Intelligent Red Team (CIRT) Customers, where they can get a real-time ‘hacker’s-view’ of their IT infrastructure, as well as control and monitor the CIRT attack attempts against their defenses. As CIRT discovers new assets, open ports, vulnerabilities or humans that comprise your overall ‘attack surface’, you can find the details of them immediately – before attackers do.
New BreachBoard users will be provided with temporary credentials for their initial login at breachboard.breachbits.co. After the initial login, you will be directed to a page where you can securely set your password.
Dashboard - Control & Insights
After logging in, you will be brought to your organization's dashboard, where most of the control and knowledge features of your CIRT subscription can be found.
The top of the BreachBoard contains the features that allow customers to control each aspect of their CIRT Subscription.
On the left, you can start or stop CIRT's reconnaissance, scanning and attack cycle at any time with the Continuous Attacks button. To start CIRT's attack cycle, simply press the green 'Start Continuous Attacks' button, and you'll be given a prompt to verify you want to start CIRT's attack cycle.
If CIRT is already active, you will be given a red 'Stop Continuous Attacks' button instead. When clicked, you'll also get a prompt for contact information. If there is a concern or question that caused you to stop CIRT's attack cycle, enter your contact information and someone from the BreachBits Team will contact you to address it.
The button on the right gives you the ability to request an on-demand attack, which gives you the ability to execute realistic (but benign) attacks at a time of your choosing, to check or verify that your security controls on a particular computer or server are working as expected and will detect and disrupt an attack. More about this feature can be found in an upcoming blog post.
Below the control options on the BreachBoard is where customers can find the results of CIRT's reconnaissance, scanning and attack assessments of your organization, and key insights into your attack surface. At the top, you'll find the totals of of the key aspects of your attack surface for your reference.
At the top, you'll find the totals of of the key aspects of your attack surface for your reference.
Active Breaches. The number of current instances of successful CIRT attacks, where weaknesses in your defenses were found and exploited.
Targets Found. This is the number of public-facing servers, computers or cloud services that CIRT has found that anyone on the Internet (including attackers) can see and potentially attack.
Identities Found. A key component of your organization's attack surface are the humans that have access at some level to the data you are protecting. The number of identities found is the amount of email addresses, professional social media accounts, etc. that can be targets of social engineering attacks.
Vulnerable Targets. The total number of targets that CIRT has discovered that contain publicly-known vulnerabilities, that attackers could possibly exploit to access or disrupt your data.
Next is the attack overview section. CIRT Pro and Premium customers have access to a continuous stream of CIRT attack attempts that test their defenses and verify their security controls, and the details of these attacks can be found in this section. If your organization has no active breaches, you'll see the results of the past 30 days of CIRT attack attempts, as well as access to the details and timelines of each successful CIRT breach of your defenses.
If your organization does have an active breach, you will also see a few pieces of information about the breach, but not access to the entire timeline. This is intentional, to give your organization an opportunity to detect, isolate and remediate the breach, which allows you to exercise your incident response playbooks and see how long it takes your team and solutions to detect and stop a breach.
Attack Surface Insights
The details of your organization's attack surface can be found in the next BreachBoard section.
The first row of attack surface insights detail the human identities that CIRT has discovered through it's reconnaissance capabilities, and that CIRT (and real attackers) can use as phishing or other social engineering attacks to gain access to your organization's data. Additionally, a map shows the physical locations of the servers, computers or cloud services that comprise your organization's attack surface. The following two views detail the targets within your attack surface, as well as the ports and services that are exposed to the Internet (and attackers).
Have questions, ideas or comments about the BreachBoard, or what else you would like to see? Email firstname.lastname@example.org, or send us a message through the 'Contact Us' link at the top of your BreachBoard.