The Art of Recon: Strategies for Modern Asset Discovery
Listen now
Description
Today, we explore the world of asset discovery and reconnaissance, particularly how these practices have evolved over time. Historically, discussions around reconnaissance have been overly simplistic and tool-centric, often focusing solely on the latest tools rather than the underlying principles and methodologies. Join us as we break down our approach to reconnaissance into five key elements: breadth, depth, context, amplification, and focus. We discuss the importance of understanding the attack surface holistically and how to effectively map it out in a modern context. Learn why breadth is crucial for discovering all assets related to an organization, how depth allows for a deeper understanding of those assets, and the significance of context in enhancing your reconnaissance efforts. We also touch on amplification techniques that can help you uncover hidden vulnerabilities and the importance of applying an offensive mindset to your reconnaissance work. Whether you're a seasoned security professional or just starting in the field, this episode offers valuable insights and practical advice to enhance your reconnaissance skills and improve your overall security posture. Discover how to think beyond tools and embrace a more strategic approach to asset discovery!
More Episodes
Running an effective bug bounty program requires balancing an attractive scope and payout to hunters with an attack surface that challenges hunters to do more than automated scans. Program managers want to pay for skillful findings, not automated ones. In this episode, we talk about how ASM helps...
Published 10/10/24
Published 10/10/24
In this episode, we discuss the blindspots of IP-centric approaches to asset discovery and the importance of understanding the full attack surface of an organization. We unpack the challenges posed by modern cloud architectures, load balancers, and WAFs, and how these can create blind spots in...
Published 10/02/24