ZeroFox, an enterprise software-as-a-service provider in external cybersecurity, has contributed tools and a standards framework to the Open Web Application Security Project (OWASP) Amass Project.
The Amass Project aims to help businesses and government entities improve visibility to their full external attack surface asset ecosystem, ZeroFox stated.
Help Mapping the Attack Surface
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open-source information gathering and active reconnaissance techniques.
The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of its projects, tools, documents, forums and chapters are free and open to anyone interested in improving application security.
ZeroFox identified a critical gap in the attack surface management landscape and led the development of the Open Asset Model and Asset Database within the OWASP Amass Project.
Jeff Foley, ZeroFox vice president of Research, commented on the company’s contribution:
"We are thrilled to contribute to the OWASP Amass Project and provide the security community with cutting-edge tools for Attack Surface Management. By leveraging the power of open source, we aim to expand access to advanced cybersecurity capabilities, helping organizations proactively defend against emerging threats."
External attack surface management refers to the process of identifying, analyzing and mitigating the vulnerabilities and risks associated with an organization's external-facing digital assets. They include websites, applications and network infrastructure. (via Cycognito)
What ZeroFox Offers
Here are some highlights of ZeroFox’s contributions: