TRaViS EASM System Documentation

Introduction

Welcome to the official documentation for TRaViS External Attack Surface Management (EASM), an advanced cybersecurity solution designed to provide organizations with exceptional visibility and control over their external digital assets. TRaViS empowers Security Operations Center (SOC) teams with innovative tools to identify, assess, and mitigate risks effectively. This guide offers a detailed overview of TRaViS’s features, capabilities, and benefits, ensuring users can fully leverage its potential to enhance their security posture.

System Overview

TRaViS EASM is a cutting-edge platform that continuously monitors and analyzes an organization’s external attack surface, including domains, subdomains, APIs, and more. With real-time insights and an intuitive interface, TRaViS transforms complex data into actionable intelligence, enabling proactive defense against cyber threats. Built for scalability and performance, it is a valuable tool for organizations of all sizes seeking to strengthen their cybersecurity framework.

Dashboard Guide

The TRaViS dashboard serves as the central hub for managing and monitoring your organization’s external attack surface. Its well-organized layout is divided into key sections, each designed to deliver valuable insights and support efficient workflows.

Dashboard Layout

• Header Metrics Panel: Provides a high-level summary of security metrics for quick decision-making.
• Main Data Table: Offers detailed information on individual assets for in-depth analysis.
• Additional Insights Panel: Delivers technical details to support advanced investigations.
• Control and Export Tools: Includes options for data management and reporting.

This flexible design allows users to focus on specific areas of interest, making TRaViS adaptable to diverse security needs.

Key Features and Capabilities

Header Section: Strategic Security Insights

The header section offers a real-time overview of your organization’s security status, enabling informed and timely decisions.

• Domain Intelligence:
  • Sites in Portfolio: Displays the total number of monitored domains, ensuring comprehensive coverage of your digital assets.
  • Exposed APIs: Identifies publicly accessible API endpoints, a common focus for security enhancements.
  • API Issues: Highlights specific vulnerabilities in APIs, facilitating targeted resolutions.
  • Subdomain Takeovers: Detects subdomains at risk of being hijacked, allowing you to secure or reclaim them.
  • Vulnerabilities Found: Aggregates all identified security issues, providing a clear view of your risk exposure.
  • New Issues Detected: Alerts you to recently discovered threats, ensuring prompt action.
• Dark Web and Exposure Monitoring:
  • Dark Web Exposures: Tracks data leaks or compromised information on the dark web, offering early detection capabilities.
  • Exposed Credentials: Identifies leaked usernames and passwords, helping prevent unauthorized access.
  • Exposed Personal Info: Monitors sensitive personal data exposure, supporting compliance with privacy regulations.
• Network and Configuration Analysis:
  • Reverse Proxy Issues: Detects misconfigurations in reverse proxies that could expose internal systems, aiding network security.
  • Average Score: Provides an overall security score (out of 1000) to benchmark your organization’s security posture.
  • Most Recent Score: Reflects the latest score, allowing you to track improvements over time.
• Severity and Remediation Tracking:
  • Critical/High Severity Issues: Flags urgent vulnerabilities requiring immediate attention.
  • Medium/Low Severity Issues: Lists manageable risks for scheduled resolution.
  • Remediated Issues: Tracks resolved vulnerabilities, demonstrating the effectiveness of your security efforts.
• Scan and Reporting Tools:
  • Export Options (CSV, Excel, PDF, Print, JSON): Generates detailed reports for audits, compliance, and stakeholder updates.
  • Elapsed Time: Displays scan duration, helping optimize performance and scheduling.

Benefits: This section enables users to quickly assess risks, allocate resources effectively, and maintain compliance with industry standards.

Main Data Table: Detailed Asset Insights

The main data table provides granular details about each monitored asset, supporting precise analysis and action.

• Domain Name: Lists all tracked domains for easy identification.
• Scan Time: Records the timestamp of the last scan, linking findings to specific events.
• Sub Count: Indicates the number of subdomains per domain, revealing attack surface complexity.
• Resp Count: Tracks active endpoints or responses, identifying operational assets and potential weaknesses.
• >5 Count: Highlights domains with more than five issues, focusing attention on high-risk areas.
• TRaViS Score: Assigns a security score to each domain, aiding risk prioritization.
• Elapsed Time: Shows scan duration per domain, supporting performance optimization.

Features:

• Sorting and Filtering: Allows users to reorder data by any column for customized views.
• Pagination: Supports navigation through large datasets with Previous/Next controls.
• Data Handling: Manages incomplete data gracefully, ensuring usability during scans.

Benefits: This table empowers users to investigate specific assets, prioritize remediation, and optimize scan efficiency.

Additional Insights Panel: Technical Depth

The lower panel provides advanced technical details, enhancing your ability to address vulnerabilities.

• Subdomain Details:
  • Lists all subdomains, uncovering hidden or unmanaged assets like shadow IT or legacy systems.
  • Supports securing or decommissioning vulnerable subdomains to reduce exposure.
• Ports Found:
  • Displays open ports (e.g., 80, 443) per subdomain, identifying potential entry points.
  • Uses visual indicators to highlight active or risky ports for quick assessment.
  • Enables mapping ports to services for targeted mitigation.

Features:

• Asset Discovery: Expands visibility by detecting unmanaged subdomains and configurations.
• Threat Mapping: Links technical findings to specific risks for proactive defense.

Benefits: This panel equips users with the granularity needed to investigate and resolve technical vulnerabilities effectively.

Why Choose TRaViS

TRaViS EASM stands out with its robust feature set, designed to meet the evolving needs of modern security teams:

• Comprehensive Visibility: Integrates data from domains, subdomains, APIs, dark web exposures, and network configurations.
• Real-Time Updates: Delivers continuous monitoring and timely threat detection.
• Risk Assessment: Utilizes the TRaViS Score and severity levels for clear risk prioritization.
• Remediation Support: Tracks resolved issues, providing measurable progress.
• Flexible Reporting: Supports multiple export formats for compliance and communication.
• Scalable Design: Handles large portfolios with advanced analytics and pagination.

TRaViS is trusted by industry professionals for its depth of insight and actionable results, making it a cornerstone of effective cybersecurity strategies.

Benefits for Security Teams

TRaViS enhances security operations by:

• Proactive Threat Detection: Identifies vulnerabilities before they are exploited.
• Efficient Prioritization: Guides resource allocation with severity and score-based insights.
• Compliance Readiness: Provides exportable reports aligned with standards like ISO 27001 and NIST.
• Long-Term Improvement: Leverages historical data for strategic security enhancements.

Conclusion

TRaViS EASM is a transformative solution that redefines external attack surface management, offering unmatched visibility, real-time insights, and robust support for security teams. This documentation provides a solid foundation for understanding and utilizing TRaViS’s capabilities. As additional features are explored through future updates, this guide will expand to ensure users fully harness its power.