Attack surface mgmt

SW Labs | Review: Randori Recon

April 22, 2021
Product: Randori ReconCategory: Attack Surface Management
Company: Randori Inc.Review date: March 2021
  1. Customer provides some base data to start with. 
  1. Randori discovers core assets and expands outward. 
  1. "Attackable" components are identified. 
  1. The Target Temptation score is applied and used to prioritize. 
  1. Customers review findings and approve findings they want to authorize for further validation 
  1. Automated processes attempt to exploit these findings. If successful, Randori's Hacker Operations Center will attempt to move laterally and achieve predefined objectives. 
Figure 1 - Randori Dashboard 
Figure 2 - Randori Dashboard: summaries and trends 
Figure 3 - Targets Summary 
Figure 4 - filtering lists in Randori
Figure 5 - a list view of targets 
Figure 6 - The target information screen 
Figure 7 - The discovery path
Figure 8 - A typical notification email
  • Axonius (asset management) 
  • LogicHub (SIEM/SOAR) 
  • Splunk (SIEM/SOAR) 
  • ServiceNow (ticketing) 
Adrian Sanabria
Adrian Sanabria
Adrian joined SC Media's parent company, CyberRisk Alliance in 2020. He will focus primarily on cybersecurity product reviews, but will also provide industry insight trends for both SC Media and Security Weekly (another CyberRisk Alliance company). He brings two decades of industry experience, working as a practitioner, penetration tester, and industry analyst. He spent the last few years as an entrepreneur, challenging norms in sales and marketing for a variety of vendors. Adrian loves to cook, eat, hike, play music and regale his teenagers with stories of what the early days of the Internet were like.