Feature "Risk Insight"

Security misconfiguration vulnerability

Manage certificate security, audit web applications, analyze messaging systems, verify logins and passwords, and examine exposed services.

Ask a demo

Certificates: validation & expiration

This feature presents a subset of Patrowl's data, focused on the security of your certificates, including :

  • Expiry of certificates to avoid any interruption or penalty.

  • Cryptographic suites used (compliant, deprecated or fallible) to guarantee robust encryption.

  • Deprecated SSL/TLS protocols that could put your communications at risk.

  • The reuse of cryptographic keys, a potential vector of vulnerabilities...

Audit of Web Application Security

Web applications are frequent targets for cyberattacks. With Risk Insights, assess the security of your web applications and services by focusing on:

  • The level of protection provided by tools like Web Application Firewalls (WAFs) and Content Delivery Networks (CDNs).

  • The type of defense mechanisms in place and their ability to thwart threats.

  • Ensuring the protections are complete and cannot be bypassed.

Audit of Email Security

Email infrastructures are prime targets for cybercriminals. Risk Insights analyzes your email systems' security by evaluating:

  • Core configurations like Reverse DNS and IP reputation.

  • Encryption protocols like STARTTLS to ensure email confidentiality.

  • Security best practices (SPF, DMARC, DNSSEC, etc.) to prevent phishing attacks and other cyber threats.

Audit of Credential and Password Security

Credential and password breaches can compromise your entire infrastructure. Risk Insights detects these leaks across various sources such as:

  • Code repositories (e.g., GitHub, GitLab) where sensitive information may be accidentally exposed.

  • Configuration, development, and backup files.

  • Publicly accessible source codes and files, whether intentionally or by mistake.

  • Poorly secured API endpoints that could allow unauthorized access.

  • Known public breach databases with Indicators of Compromise (IOCs)

DON'T WASTE ANY MORE TIME

Audit of exposed services

Although the cloud encourages the direct exposure of services over the Internet, best practice recommends that sensitive services should not be exposed in this way.

  • Administration panel: An administration panel is a web or software application that allows authorized users to manage and control various aspects of a system, application or network.

  • Database protection : Databases are prime targets for attackers because of the sensitive information they store.

  • Basic Internet services: The external facade of a network, especially when exposed to the Internet, hosts many services. Although some, such as messaging services or SSH, are intentionally exposed and widely used, they need to be secured. (network protection)

  • Login panel: A login panel is a web interface requiring users to enter their credentials to access a secure system.

  • Other dangerous services: Many Internet services have historically been targeted and exploited by attackers, often due to vulnerabilities or misconfigurations.

Our latest news

See more news