XTIUM Cybersecurity Threat Assessment Service Description

Don’t wait for a breach to happen. Take a proactive approach to security with our comprehensive Threat & Vulnerability Scanning service.

We combine the power of Tenable Nessus, the industry’s leading vulnerability scanner, with the deep threat intelligence of DarkOwl to deliver unparalleled visibility into your security posture and actionable insights to mitigate risks.

1. Introduction

This document outlines the scope, deliverables, and execution process for the XTIUM Cybersecurity Threat Assessment Service, a point-in-time evaluation designed to identify vulnerabilities, security gaps, and dark web exposure in your external attack surface. By leveraging industry-leading tools like Tenable Nessus for vulnerability scanning and DarkOwl for dark web monitoring, XTIUM provides actionable insights to enhance your cybersecurity posture and mitigate risks.

2. Service Overview

What is the XTIUM Cybersecurity Threat Assessment Service?

The XTIUM Cybersecurity Threat Assessment Service is a comprehensive evaluation of your external-facing assets to identify potential cybersecurity risks. The service includes:

• Mapping and analyzing your external attack surface (e.g., domains, IPs, services).
• Identifying vulnerabilities and security gaps in public-facing systems using Tenable Nessus.
• Monitoring the dark web for exposed credentials, sensitive data leaks, and threat actor activity targeting your organization using DarkOwl.
• Delivering a detailed report with prioritized recommendations to address identified risks.

Objective:

The primary objective of this service is to provide you with a clear understanding of your external cybersecurity risks and actionable steps to mitigate them, helping to prevent data breaches, unauthorized access, or service disruptions.

3. Scope of Service

What XTIUM Will Do:

XTIUM will perform the following activities as part of this engagement:

• Attack Surface Discovery
  • Identify all internet-facing assets associated with your organization, including domains, IPs, open ports, and services.
  • Map shadow IT and other unauthorized or unmanaged assets.
• Vulnerability Identification
  • Conduct vulnerability scans using Tenable Nessus to identify:
    • Known vulnerabilities in external-facing systems.
    • Misconfigurations in public-facing systems.
    • Weak authentication mechanisms.
    • Deprecated or unsupported software.
  • Security Gap Analysis
    • Analyze findings to highlight critical security gaps that could lead to data breaches, unauthorized access, or service disruptions.
  • Dark Web Monitoring
    • Use DarkOwl to search the dark web for:
      • Exposed credentials (e.g., usernames, passwords) associated with your organization.
      • Sensitive data leaks (e.g., financial or proprietary information).
      • Mentions of your organization’s domains or brands.
      • Threat actor activity targeting your organization.
    • Reporting and Recommendations
      • Compile findings into a detailed report with prioritized recommendations for remediation.
    • Expert Consultation
      • Conduct a 1-hour Q&A session with your team to review the findings, discuss remediation strategies, and recommend best practices for ongoing protection.

Out-of-Scope Activities:

For clarity, the following activities are not included in this service:

• Internal network scanning, endpoint security assessments, or employee device evaluations.
• Active exploitation or penetration testing of identified vulnerabilities.
• Implementation of remediation or patching on your systems.
• Ongoing monitoring, incident response, or managed detection and response (MDR) services.
• Formal audits for compliance with standards such as GDPR, HIPAA, or PCI-DSS.

4. Deliverables

What You Will Receive:

At the conclusion of this engagement, you will receive the following deliverables:

• Attack Surface Overview
  • A visual and tabular representation of your external-facing assets, including domains, IPs, and services.
• Vulnerability Report
  • A detailed report of identified vulnerabilities, categorized by severity and exploitability.
• Dark Web Insights
  • A customized report from DarkOwl detailing compromised credentials, leaked sensitive data, and targeted threat actor activities related to your organization.
• Critical Gap Summary
  • A focused overview of the most critical security gaps requiring immediate attention.
• Actionable Recommendations
  • A prioritized roadmap for addressing vulnerabilities, improving configurations, and enhancing your security posture.
• Comprehensive Assessment Report
  • An all-inclusive report summarizing attack surface discovery, vulnerabilities, dark web findings, and recommendations.
• Expert Debrief and Support
  • A 1-hour session with a XTIUM cybersecurity professional to discuss the report, answer questions, and outline next steps.

5. Execution Process and Timeline

How the Service Will Be Delivered:

XTIUM will execute the assessment in the following phases:

• Engagement Kickoff
  • Conduct a scoping session with your team to confirm objectives, define the scope of assets to be assessed, and obtain written authorization for scanning.
• Attack Surface Discovery
  • Use tools like Tenable Nessus and Nmap to identify and validate your internet-facing assets.
• Vulnerability and Gap Analysis
  • Perform vulnerability scans and analyze findings to identify security gaps.
• Dark Web Monitoring
  • Use DarkOwl to search for information related to your organization on the dark web and investigate potential threats.
• Reporting and Consultation
  • Compile the comprehensive assessment report and deliver it to you.
  • Schedule and conduct the 1-hour Q&A session to review findings and recommendations.

Estimated Timeline:

The engagement is expected to take approximately 15 business days from the kickoff date, assuming timely provision of information and authorization. The timeline may vary depending on the size and complexity of your external attack surface or delays in providing necessary approvals.

6. Tools and Technologies

XTIUM will use the following tools to perform the assessment: 

Tenable Nessus: For vulnerability scanning, identifying weaknesses in systems and applications. 

DarkOwl: For dark web monitoring, providing actionable threat intelligence. 

Additional Tools (if needed): Nmap for asset discovery and port scanning; Burp Suite/OWASP ZAP for manual validation of vulnerabilities.

7. Customer Responsibilities

To ensure a successful engagement, you are responsible for: 

• Providing accurate and complete information about your external-facing assets (e.g., domains, IPs) to define the scope.
• Granting written permission for XTIUM to perform scans on specified assets.
• Configuring your systems to handle external scans (e.g., rate limiting, IP whitelisting) to avoid disruptions.
• Participating in the kickoff meeting and the final Q&A session.
• Reviewing and acting on the recommendations provided in the report, as XTIUM will not implement changes on your behalf.

8. Assumptions

This service description is based on the following assumptions:

• You will provide timely access to necessary information and approvals for scanning.
• The scope of the assessment will be limited to the assets you specify during the kickoff meeting.
• Your systems are configured to allow external scans without causing disruptions.
• The engagement will be completed within the estimated timeline, barring unforeseen delays.
• You understand that this is a point-in-time assessment, and new vulnerabilities or threats may emerge after the assessment is complete.  
• You agree that XTIUM cannot be held liable for breaches or incidents that occur after the assessment, as cybersecurity threats evolve rapidly.
• You agree that XTIUM cannot be held liable for inaccuracies in findings due to incomplete or incorrect information provided by you.
• You agree that that decisions made by you based on the recommendations are your responsibility, as implementation is not included in this service.