Recon is the initial planning stage of an attack or pre-attack phase. During the recon phase, an attacker performs a comprehensive technical analysis on their target organization in addition to gathering employee and organizational intelligence that can be used in a social engineering attack or to gain illicit network access.
The Cymulate Recon vector continuously scans the internet for information that an adversary can find and use before launching an actual attack. The module can scan for intelligence on your company, 3rd party supply chain or a target for a merger or acquisition (consent may be required). It searches for application and infrastructure vulnerabilities, sub-domains, web misconfigurations, open ports, leaked credentials, compromised passwords, Darknet presence, employee emails, and other exploitable intelligence that an attacker may use to their advantage.
Recon findings are presented in a comprehensive report listing a complete view of the findings discovered outside of your organization with a risk assessment score. Security teams may then take the appropriate measures to reduce their cyber exposure by applying actionable mitigation recommendations.