Welcome to the (new) BreachBoard!
A new user's guide to your portal into BreachBits' Continuous Intelligent Red Team Service.
What is the BreachBoard?
The BreachBoard provides a central dashboard and control panel for BreachBits Continuous Intelligent Red Team (CIRT) Customers, where they can get a real-time ‘hacker’s-view’ of their IT infrastructure, as well as control and monitor the CIRT attack attempts against their defenses. As CIRT discovers new assets, open ports, vulnerabilities or humans that comprise your overall ‘attack surface’, you can find the details of them immediately – before attackers do.
To begin, new users will receive an email with a BreachBoard registration link, that will allow you to securely create your new BreachBoard user account.
After logging in, you will be brought to your organization's dashboard, where key metrics and insights of your CIRT subscription can be found.
On the left side of the BreachBoard, you will find the navigation panel, where you can drill into individual aspects of your CIRT Service.
In External Threats, you can see the results of CIRT's efforts to discover, monitor, attack and potentially breach your public-facing attack surface.
In Internal Threats, you can see the results of CIRT's internal cybersecurity assessments of your environment, as well as request new assessments.
In Event History, you can see a detailed time-ordered list of the results of your CIRT Service, including new target and service discoveries, etc.
External Threats gives you a 'hackers's view' of your organization from the public Internet, and has four views - Overview, Attack Surface, Vectors and Controls. In the Overview, you get a high-level view of your organization's cyber Key Risk Indicators (KRIs), which weigh heavily when CIRT calculates your overall cyber risk.
At the top of the Overview View, you also have the ability to start or stop CIRT's attacks & scans of your attack surface.
If the Continuous Attacks status is Disabled, then CIRT is conducting passive reconnaissance on your attack surface, but no scans or attack attempts will be conducted.
When you are ready to start or resume CIRT scans and attacks, simply press the play button.
Next is the Attack Surface View, which provides the most up-to-date snapshot of your organization's public-facing attack surface. Below the summary tiles at the top, you will find any targets that CIRT has discovered to have publicly-known vulnerabilities. Click on any of these vulnerabilities to learn more about them from the National Vulnerability Database.
Below the vulnerable targets you will find all system and human attack surface targets that CIRT has discovered to-date. System targets are public-facing computers, servers or cloud resources, while human targets are email address or social media accounts that can be used to target a human in your organization with social engineering attacks.
The third view in External Threats are your attack vectors that CIRT has identified and queued for testing. An attack vector is a specific ’aimpoint’ in one of your attack surface targets that an attacker could pair with an existing (i.e. non-theoretical) tactic or method to gain access to your internal attack surface and/or violate the confidentiality, integrity or availability of your data.
As CIRT proceeds through the attack vectors in your attack surface to test them for viability and attack them, a record of each individual attack can be found nested under each attack vector.
Internal Threats View
Upcoming BreachBoard releases will also provide an Internal Threats View, where results of internal assessments and requested internal attacks can be found, as well as functionality to request and schedule internal assessments, to test each layer of your defenses. Stay tuned for updates!
Customers can now see the results of CIRT's discovery, reconnaissance and attack actions as they happen with the Event History view. As new services, vulnerabilities or attack vectors are found in (or disappear from) your attack surface, you will see the details of the CIRT updates here.
Have questions, ideas or comments about the BreachBoard, or what else you would like to see? Email email@example.com and share them with us!