BinaryEdge has earned itself a strong following within the information security community due to its superior results in unearthing Internet-exposed devices compared to competitors such as Shodan. Many security researchers have utilized BinaryEdge to find unpatched systems exposed on the Internet, notify companies, and even claim bug bounty rewards.
Coalition’s acquisition of this company places its scanners into the hands of Coalition’s cyber insurance customers while still operating as a stand-in service.
Searching for Internet-exposed devices
Cyber-insurance provider Coalition announced it has acquired BinaryEdge, a search engine for Internet-exposed devices. This acquisition will incorporate their internet-wide vulnerability scanning features into Coalition’s current cyber insurance policies, according to CEO Joshua Motta and BinaryEdge CEO Tiago Henriques’ statements to ZDNet. Customers of Coalition can then scan their networks for vulnerable systems and receive alerts and guidance for fixing those vulnerabilities.
BinaryEdge is a search engine for security that uses machine learning and cybersecurity techniques to quickly scan, collect, and classify public Internet data. This data includes open ports and services, vulnerable remote desktops, insecure networks, invalid SSL certificates, and real-time search results, allowing users to assess how vulnerable their network may be. It provides live updates that show users exactly where vulnerabilities may exist in their networks.
Search engines such as this one also provide lists of passwords and usernames commonly employed on these devices, while their databases house over 10,000 different devices ranging from routers and servers to web cameras, SCADA systems used in power plants and water treatment facilities, making this search engine an invaluable resource for cybersecurity professionals and those needing to keep an eye on their online presence.
Shodan, Censys, Zoomeye, and Fofa are other tools similar to Google Search that allow cybersecurity professionals to locate internet-connected devices and servers as well as obtain details regarding their operating systems, software installations, and open ports – often used by hackers as an easy target for attacks against these targets. They can also prove invaluable resources when conducting penetration tests against specific networks.
BinaryEdge remains popular within the infosec community despite some flaws. For instance, it occasionally displays geolocation data about devices, making it easier for attackers to target specific buildings or neighborhoods. Furthermore, some systems used by water utilities – for instance, Kamerka SCADA systems at one plant were shown as being located 1.5 miles from where they were – sometimes display incorrect locations, making preparation for physical surveillance easier for attackers.
Detecting Internet-exposed devices
Discovering Internet-exposed devices is essential in assessing cyber risk. Many security failures don’t occur because companies ignore obvious security flaws; instead, companies don’t recognize hazards in the first place. Therefore, companies must utilize search engines like Shodan and BinaryEdge, which scan the Internet for open systems, as this helps identify vulnerable systems, services, and networks while assisting companies to assess risk levels more accurately.
These tools are designed to locate devices on the Internet by searching for specific protocols, manufacturers, or device types. Once found, these tools provide details regarding each type of device’s configuration and screenshots of its interface, making it easy to identify quickly. They may even show whether an unpatched software installation has been configured.
Shodan and BinaryEdge utilize Internet scanning software to identify devices accessible to the general public, including industrial control systems (ICS). Each allows you to search for specific devices to gain insight into the risks posed by these systems – for instance, their operating system type, whether or not they’re insecure, potential vulnerabilities present, and any data leakage events that could potentially lead to criminal activity.
Shodan and BinaryEdge collect OSINT (open source intelligence) from the Internet, such as open ports and services. This data can be highly beneficial to blue teams as it enables them to answer many questions they would otherwise not be able to pose; many companies even deploy honeypots or sensors on their network to monitor these events. Their data may then be combined into larger datasets like GreyNoise, an Internet monitoring security tool that detects different actors that scan it.
Coalition, a cybersecurity insurance provider, announced last week that they have acquired BinaryEdge, an Internet-exposed device search engine provider. With this acquisition, Coalition’s cyber insurance customers will be able to have their Internet-exposed devices scanned by BinaryEdge and receive alerts of vulnerabilities they find. In addition, this integration also offers recommendations on how best to resolve those vulnerabilities.
Identifying Internet-exposed devices
As more devices connect to the internet, Industrial Control Systems (ICSs) become more vulnerable to online threats. Misconfigurations often expose these systems, providing attackers with entry into crucial infrastructure equipment. Luckily, several tools such as Shodan, Censys, Zoomeye, and Fofa exist that can assist with identifying vulnerable ICS systems; using different criteria, they classify devices and services by port, software version, operating system type, and location.
Kamerka, created by Polish security researcher Jakub Wojciech, is one such tool. This open-source intelligence (OSINT) gathering tool indexes sensitive devices online and displays their locations on a map. Users can use search queries to locate devices on the web before plotting the results on Google Maps – providing data such as their IP address, operating system, or software version for further inspection.
As well as identifying vulnerable devices, this tool enables users to track malicious activity. It will notify you if a malicious actor has gained entry to your device and take measures before any further threats escalate. It can even detect network compromise by malware.
This tool combines Machine Learning and Cybersecurity techniques to analyze public Internet data. The platform utilizes multiple methods for collecting, classifying, and creating real-time threat intelligence streams and reports for your business. Furthermore, its integration can enable you to track and protect cyber assets more effectively.
Security professionals looking to monitor their competitors can benefit from this tool by tracking the activity of their rivals and understanding their vulnerabilities. With its detailed profile of website vulnerabilities, this tool enables security professionals to protect themselves against attacks by monitoring competitors, blocking malicious content, or preventing data collection by other sites.
BinaryEdge stands out from other tools by its innovative approach to gathering public Internet data, which differs significantly from tools like Shodan, Censys, and Zoomeye. Our custom-built platform utilizes Machine Learning and Cybersecurity techniques to scan, acquire, classify, and create real-time threat intelligence reports for our company clients.
Reporting Internet-exposed devices
As more devices and services connect to the Internet daily, digital security has become a top priority among tech professionals. Tools such as Shodan, Censys, Zoomeye, Fofa, and BinaryEdge allow users to find Internet-exposed devices like servers, network shares, and misconfigured consumer IoT devices; data on open ports with potential vulnerabilities, as well as open ports or services that pose potential threats online – these search engines help cybersecurity professionals establish risk management policies and protect critical assets against potential online threats.
Recently, cyber-insurance provider Coalition completed their acquisition of BinaryEdge – an Internet-wide vulnerability scanning portal popular among infosec professionals – for USD 180 Million. As Joshua Motta and Tiago Henriques of BinaryEdge discussed, the acquisition will integrate its scanning capabilities into its cyber insurance offerings. All Coalition policyholders will benefit from receiving free BinaryEdge scans of their Internet-exposed systems and alerts should any security vulnerabilities arise. BinaryEdge has become a valuable asset to the information security community, which relies heavily on it to identify unpatched systems requiring repairs. Many scans have allowed infosec researchers to locate database servers leaking sensitive data online – earning them bug bounty rewards.