Owners of systems with unpatched vulnerabilities and faulty configurations must be notified before they get exploited by attackers. Arctic Security automates the victim identification and notification to help with this. With Arctic Security’s products, National Cyber Security Centers and Service Providers can warn their customers about the observed exposure and abuse on their Internet-connected systems. Enterprises use Arctic Security to monitor their Suppliers and Partners and notify them so they can fix problems before they compromise the supply chain.

The integration with Shodan automates the queries and augments the resulting data so that the victim organization can easily find and fix the problems. In addition to Shodan, Arctic Security harmonizes and categories over 100 other sources of abuse information including compromised machines, unpatched vulnerabilities, faulty configurations and leaked credentials from the dark web. 


In Arctic Hub, data from Shodan is first harmonized and then categorized and matched to the victim organization. The enriched data makes it easy for IT professionals to identify and fix the reported problems. Often, when you search on Shodan you get an ISP as the network owner and not the actual end users. Arctic Hub adds that information and then breaks the results down into vulnerabilities, open services, or compromised computers. This makes it easier to prioritize and remediate the observed findings.

Data Augmentation Example

Arctic Security creates vetted Shodan queries to find vulnerable and misconfigured systems in Internet-connected systems, such as the one shown in the Shodan query result below. In the actual integration, data is fetched through the Shodan API and processed automatically.

 

 

After collecting the data, it is harmonized, augmented, and enriched with data from other sources of Arctic Hub. Final result for this data item is shown below.

 

 

Users of Arctic Hub can then find the right recipients affected by the data, and send the processed information directly to them. This is something that is not available in the original data. Recipients can then act on data based on information from both Shodan and Arctic Security.

As shown in the list below, Arctic Security supports a growing number of integrated Shodan queries to identify and automatically notify the owners of vulnerable and misconfigured systems.

contact

Want to know more? Contact us

Looks like you're proactive about cybersecurity. We like that! Let us know what you want to accomplish, and our team will be in touch. Together, we can work out the best way to help you.

test-drive

Test-drive Early Warning Service

We built Early Warning Service as a continuous monitoring service to alert our customers to their cybersecurity issues. It’s a great way to take stock of your security posture and see what may have slipped through your defenses undetected. Try our free service for quarterly reports that show you visible cybersecurity issues in your network.