Bitdefender Launches Internal Attack Surface Assessment Tool

Severity: Medium (Score: 42.9)

Sources: Msspalert, Feeds2.Feedburner

Summary

Bitdefender has launched a complimentary Internal Attack Surface Assessment to help organizations identify and mitigate internal cyber risks stemming from excessive user access to applications and system utilities. This assessment addresses the growing threat of Living-Off-the-Land (LOTL) and fileless attacks, which exploit legitimate tools like PowerShell. The tool provides a data-driven analysis of the internal attack surface, offering actionable insights for prioritizing and remediating vulnerabilities. Organizations are increasingly recognizing the need to manage internal risks as attackers leverage trusted tools already present in their environments. The assessment is designed to run without disrupting operations, allowing security teams to implement it seamlessly. By focusing on user-level visibility, it aims to help teams make informed decisions on access restrictions and monitoring. Bitdefender's GravityZone PHASR technology powers the assessment, emphasizing the importance of continuous risk management. Key Points: • Bitdefender's new tool helps identify excessive user access to reduce internal cyber risks. • The assessment targets threats from Living-Off-the-Land and fileless attack techniques. • It provides actionable insights without disrupting existing operations.

Key Entities

• Malware (attack_type)
• T1059.001 - PowerShell (mitre_attack)
• PowerShell (tool)