The majority of data breaches are not the result of targeted attacks, where an attacker has specifically chosen to go after your company and its web applications. Instead, most breaches start with random, opportunistic attacks.
Attackers scour the internet with tools like 'Autopwn', which query public databases of internet-connected systems to find vulnerable ones and exploit them automatically. The WannaCry ransomware spread the same way: it exploited any reachable system running an unpatched SMB service, regardless of who owned it.
Most of these attackers don't care who you are; they simply want control of your systems to mine bitcoin, host malicious content, or stage further attacks against other parties. In some cases, though, that initial foothold ends with your customer database walking out of the building.
That's why Intruder's continuous monitoring platform checks all of your internet-facing systems from an unauthenticated perspective. We look for the security misconfigurations and known vulnerabilities that let an attacker mount an attack against your business without ever needing an account.
Of course, in some cases the bad guys CAN get access to your web applications, for example where the application offers public sign-up, or where a product's own users turn out to be malicious. In those cases it also makes sense to run checks BEHIND the login, to make sure you don't have any weaknesses there either.
The reason we don't offer any automated "behind the login" scanning products is two-fold:
- Many modern applications are Single-Page Applications, which automated scanners struggle to crawl and exercise effectively
- The most serious weaknesses in web applications are often 'business-logic' weaknesses, for example where one user can gain access to another user's shopping cart and see what they bought. Automated scanners are not good at understanding real-world scenarios like this, so it is usually better to hire a security consultant for this type of work.
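To make the shopping-cart case concrete, here is an added example (not Intruder's code, and not taken from any product this page describes) of what such a business-logic flaw looks like in a cart endpoint, the hardened version, and the two-account check a consultant would run to find it. The handler names, the in-memory cart store, the customers "alice" and "bob", and the (status, body) return shape are all constructed for illustration; the vulnerable handler assumes the flaw takes the common form of a cart id in the request that is never checked against the logged-in user.

```python
"""Added example: an authorisation flaw in a shopping-cart endpoint, its fix,
and the two-account check that finds it. All data below is constructed."""

from dataclasses import dataclass, field


@dataclass
class Cart:
    cart_id: int
    owner: str
    items: list = field(default_factory=list)


# Constructed sample data: two customers, one cart each.
CARTS = {
    101: Cart(101, "alice", ["headphones"]),
    102: Cart(102, "bob", ["prescription refill"]),
}


def get_cart_vulnerable(session_user, cart_id):
    """Authentication happens (session_user is a logged-in user) but
    authorisation does not: any logged-in user can read any cart simply by
    changing the id in the request. Every response is a valid-looking 200,
    which is why a scanner with a single account sees nothing wrong."""
    cart = CARTS.get(cart_id)
    if cart is None:
        return 404, None
    return 200, cart.items


def get_cart_fixed(session_user, cart_id):
    """Only return carts that belong to the caller. Answering 404 for both
    'no such cart' and 'not your cart' avoids confirming that the id exists."""
    cart = CARTS.get(cart_id)
    if cart is None or cart.owner != session_user:
        return 404, None
    return 200, cart.items


def idor_check(handler, victim_user, attacker_user):
    """The manual test a consultant runs: from the attacker's session, request
    every cart the victim owns. Returns the ids that leaked (empty = pass).
    It needs two accounts and knowledge of who owns what, which is exactly
    what an unauthenticated or single-account scanner does not have."""
    leaked = []
    for cart_id, cart in CARTS.items():
        if cart.owner != victim_user:
            continue
        status, items = handler(attacker_user, cart_id)
        if status == 200 and items is not None:
            leaked.append(cart_id)
    return leaked


if __name__ == "__main__":
    # alice attacks bob: the vulnerable handler leaks cart 102, the fix does not.
    print("vulnerable handler leaked:", idor_check(get_cart_vulnerable, "bob", "alice"))
    print("fixed handler leaked:     ", idor_check(get_cart_fixed, "bob", "alice"))
```

The point of the `idor_check` function is that it encodes knowledge a tool cannot infer from the HTTP traffic alone: which account should be allowed to see which cart. That ownership relationship is the "business logic" in question, and it is why this class of weakness is normally found by a person driving two sessions rather than by an automated crawl.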
We do have our eyes set on solving these problems, so do check back. In the meantime, we offer one-off consultancy services to many of our customers to help secure their web applications. If you're interested, ask us in the Intercom bubble.