BreachLock Unified Platform & Dashboard

Bring security solutions and testing findings together under one unified platform, harnessing a common data model for PTaaS, ASM, continuous pentesting and automated scanning, and Red Teaming.

  • Break Down Silos: Connect solutions for comprehensive asset visibility.
  • A Centralized Approach: A unified view of your vulnerabilities and high-fidelity data.
  • Leverage the Power of Integration: Improve operational efficiency, achieve greater transparency, and optimize testing effectiveness.

Attack Surface Analytics

  • Detailed Analytics:  Discover a detailed analysis of all  your assets to gain an overview of business critical risks.
  • Filter Target Assets: Domains, subdomains, IP address and IP blocks, and technologies to drill down and gain valuable intelligence about each asset.
  • Understand Inherent Risks: Discover which WAFs are enabled or disabled and the provider used, if an IP address is reachable or unreachable, which security certificates are active or inactive, or if you are using the latest version of TLS used, and more.

Attack Path Validation & Mapping

  • Comprehensive Visualization:  Gain a complete visual representation of connection between different nodes, assets, vulnerabilities, and potential paths an attacker may take.
  • Attack Path View: The domain is the core node on the attack path view and includes all domains, discovered subdomains, associated IP addresses, and identified vulnerabilities categorized by risk.
  • Identify Chokepoints:  Nodes serve as pivotal points in multiple attack paths helping to prioritize remediation efforts and disrupt potential attacks.

Asset Discovery & Data Breach

The Platform dashboard for Asset Discovery provides a complete overview of all vulnerable assets that were either discovered in Domain Discovery and Data Breach scans or manually added into inventory.

  • Vulnerability Details: In-depth contextual data is available for each vulnerability, including evidence-based Proof of Concept.
  • Run a Scan:  Run a domain scan live or schedule for on-demand.
  • Add Asset: Add assets for scanning including domain, subdomain, URL, IP, IoT device, a cloud, or mobile asset, or API.
  • Data Breach: Correlates with the Asset Discovery highlighting user and password exposure within the selected domain on the Dark Web, including source, potential threat actor, and when exposure was last seen.

Continuous Security Testing:

APT Scans

The Platform has consolidated Automated Pentesting (APT) Scans, Scan Status, and Scan Scheduling features so that users have a complete pentest automation hub and overview at all times.

  • APT Scans: Continuous security testing ensures vulnerabilities are identified in real-time.
  • Centralized View: Provides complete overview of scan results, status, and scheduled activities.
  • Full Transparency: Enables teams to monitor progress, track vulnerabilities from discovery to resolution, and gain an up-to-date understanding of their security posture.

Continuous Security Testing:

Scan Status & Schedule

Having a centralized view of all automated pentesting scans allows users to maintain better oversight and control of their security testing activities.

  • Scan Status: Review scans for domains, subdomains, IPs/IP Blocks, and Asset Groups by completion, in progress, scheduled, error, paused, failed, or terminated - all in one view.
  • Digital Footprint: Provides complete digital footprint, workflow, and activity details of the scan.
  • Asset Details: In-depth contextual data is available for each asset and associated vulnerabilities, including evidence-based Proof of Concept.
  • Schedule Scan: Scheduled scans on Domains, Subdomains, IP Addresses, URLs (endpoints), IP Block, and Asset Group.

EASM Vulnerability Discovery

The BreachLock Unified Platform consolidates vulnerabilities through Attack Surface Discovery providing the following:

  • Holistic Visibility: Provides a complete view of the attack surface, enhancing remediation efficacy.
  • Improved Remediation: Centralized platform allows for targeted mitigation, addressing the most critical vulnerabilities.
  • Proactive Risk Reduction: Identifies trends and risks early to prevent breaches before escalation.
  • Data-Driven Decisions: Offers actionable insights to prioritize vulnerabilities based on severity and business impact.
  • Scalability: Adapts to dynamic infrastructures, including cloud, IoT, and remote endpoints.

PTaaS: Pentests

The BreachLock Unified Platform under PTaaS features a cumulative, rolled-up view of all pentests conducted through the manual pentesting process.

  • Dashboard Overview: Pentests are itemized by product or asset type, type of pentest (Black Box, Gray Box, or White Box), start date, and status of completion.
  • Edit a Pentest: Pentests can be edited for those pentests that have been Requested, Scheduled or Completed.
  • Schedule a New Pentest: New pentests can be requested by product type (Cloud, Web, API, Network, Mobile, IOT, etc), by asset, configured and scheduled live or on-demand.

PTaaS: Vulnerabilities

BreachLock’s PTaaS model offers human-led pentesting conducted by certified, in-house pentesters, as well as automated pentesting and continuous scanning, maximizing the flexibility and versatility to choose the solution and methodology that works best for you.

  • Vulnerabilities Dashboard: Includes vulnerability name, pentest type, risk severity, assets impacted, date identified and ability to rescan.
  • Vulnerability Details: In-depth contextual data is available for each vulnerability, including evidence-based Proof of Concept.
  • Automated Rescans: Automated Rescans are available for each vulnerability and triggers a scan on all impacted assets.  Validation checks are executed for only selected rescans.

Flexible & Customized Reporting

The Platform's Reporting feature offers robust flexibility, enabling users to customize compliance-ready, internal, or executive-level reports that are easy to generate and tailored to their audience.

  • Reporting Dashboard: Provides a cumulative view of all reports that have been generated by approved users based on security testing performed to date.
  • Generate Report: Optional reporting modules are available to generate, review, and preview a report by asset and include PTaaS, ASM, Automated Pentesting (APT) for Web, APT-API, and APT-External Network.
  • Business Value Impact: Both the Detailed Report and Executive Summary include high-level business impact implications to guide strategic decisions and prioritize security investments.

Asset Inventory

The Asset Inventory feature represents a comprehensive catalog of all assets discovered within an organization’s digital environment, whether systems, devices, applications, APIs, and other assets.

  • Dashboard: A rolled-up, cumulative view of all assets discovered during security testing, whether through PTaaS, automated pentesting and continuous scanning, or Red Teaming.
  • Add Asset: Add assets for scanning including domain, subdomain, URL, IP, IOT device, cloud, mobile, or API as discovery is not limited only to what BreachLock uncovers.
  • Edit or Deactivate an Asset: Modify an asset name, alias, or asset type or deactivate and remove an asset from further scanning.
  • Create Asset Group: Create and group similar assets for easy categorization.

Azure DevOps, ServiceNow, and GitHub Integrations

  • Collaboration & Communication: DevSecOps teams can address issues identified in BreachLock scans in real-time, seamlessly and effortlessly.
  • Time Savings: Quickly access and act on the latest vulnerabilities without manual intervention, reducing lead-time for issue tracking.
  • Centralized Remediation: Centralize vulnerabilities and affected assets for prompt action and faster remediation, protecting assets from potential attacks.

Industry recognitions we have earned

Tell us about your requirements and we will respond
within 24 hours.

Fill out the form below to let us know your requirements.
We will contact you to determine if BreachLock is right for your business or organization.