Autobahn's Cyber Fitness focusses on creating impact through remediation instead of tracking long lists of vulnerabilities. This helps you and your team to prioritize which tasks to focus on first.
Autobahn uses Hetzner servers for data storage located in Germany. Their datacenters are ISO 27001 certified. For two-factor authentication during login to Autobahn, we use AWS which is also ISO 27001 certified.
Autobahn uses a variety of data sources to effectively map your company's internet footprint. We use DNS scanning, Internet scanning, subdomain generation through brute forcing subdomains, WHOIS, and SSL certificates, TLS/SSL scanning, as well as cloud scanning. We currently also have an integration with AWS and will soon integrate with other cloud services.
Autobahn identifies vulnerabilities in network devices, IoT, ICS, custom web apps, cloud/third party services, off-the-shelf software, hardware, and telco components. This allows us to find gaps in: network segregation, system architecture, implementation security, credential management, patch management, and secure application development.
Autobahn helps you understand the security posture of your company. Comparing you to similar-sized industry peers allows you to understand if you are more vulnerable and thus need to step up your remediation efforts, or helps you focus security best practice areas where you underperform.
Autobahn's industry benchmarking is based on a comprehensive data set that we regularly update. This allows you to compare your Hackability Score to a peer group that is relevant to you, both in size and industry.
Autobahn also allows you to benchmark your results against previous scans, showing your remediation progress. This can help your IT security team set KPI's, or let you decide whether external support is required.
Firstly, we categorize our findings into three security best practice areas: insufficient hardening, missing patching and unnecessary exposure.
Then, we classify the vulnerabilities based on severity and business impact:
+ Severity 4: Instantly exploitable vulnerabilities
+ Severity 3: Exploit fragment that can be used to craft a successful attack
+ Severity 2: Vulnerability that may reveal sensitive information to enable further attackers
+ Severity 1: Best practice deviation
Afterwards, we use a proprietary formula to calculate the Hackability Score per finding type.
Finally, we calculate the absolute Hackability Score which is the sum of the individual Hackability across all assets. Then, we normalize this Hackability Score based on the number of exposed services to compare organizations within industries.
Vulnerability prioritization helps security teams and companies increase their cyber resilience by focusing on the right tasks. On top of that, Autobahn automates remediation guidance and ticket creation.
If you deem the risk as acceptable, you can mark a vulnerability as “risk-accepted” and it will no longer affect your Hackability Score.
Autobahn helps you and your company create an overview of the most important vulnerabilities your company faces. In our dashboard and report, we tell you what you should do in the short term, and the long term. This takes the guess work out of improving your security.
Autobahn's curated Cyber Fitness workouts provide easy-to-follow remediation steps that everyone in your IT team can follow. As Autobahn has one of the lowest false positive rates in the industry, your team will always be working on reducing real threats.
Autobahn helps you and your company improve, or create if you have not yet, an overview of the most important vulnerabilities your company faces. In our actionable and to the point dashboard and report, we tell you what you should do on the short term, and on the long term. Autobahn also allows you to benchmark your results against your previous reports to show the remediation progress. This supports the IT security team to set their KPI's, and helps you decide whether external help is necessary.
Yes, Autobahn currently integrates with Qualys and Nessus Pro. We are working on incorporating other scanning tools and can take your requests on the agenda.
Our team is just an email away and ready to support youContact us