Advanced Cyber Defence Systems (ACDS) has unveiled various updates to its EASM tool, Observatory. Its new capabilities include an ability to monitor for leaked AWS access and secret keys, as well as a new detection feature for software supply chain vulnerabilities, including known compromised products with backdoors like Polyfill.
As the threat landscape becomes more complex, both businesses and IT strategies are in constant flux. The rapid growth of cloud service providers, like AWS, whose revenue has multiplied 25 times in the last decade, underscores this evolution. For ACDS customers, this translates to seamless cloud workload transitions, scaling resources as needed. However, this agility creates a dynamic attack surface, changing daily as workloads shift and IPs are reassigned. The ACDS Cybersecurity Challenges in 2024 Report revealed that half of security professionals believe that it is likely that there are devices connected to their company’s network that they are not aware of. Effectively securing enterprise assets requires precise attack surface identification and knowing all assets, subdomains, IPs, and critical systems. With each workload change, the risk profile shifts, demanding continuous monitoring and management of emerging vulnerabilities.
Observatory is a market-defining external attack surface management (EASM) tool that scans billions of internet-facing IP and port combinations, and validates, identifies, and defends against known and unknown threats. Unlike the more conventional method of vulnerability scanning, Observatory maps an organisation’s entire vulnerability landscape. Using proprietary algorithms, Observatory applies unique ACDS intelligence to pull out the most relevant constellations of threats for an organisation to prioritise in remediation and proactive protection. The solution uses a three-pronged approach to holistically secure an organisation’s entire network: Discovery, Validation, and Insight.
The upgrades to the Observatory platform include:
- Identity and Access Key Capabilities: The Observatory EASM tool is able to identify and report any identity and access keys that are exposed to the internet. Identifying and reporting these keys greatly assists the CISO and the broader security team in planning, acting on, and hardening an organisation’s security posture.
- AWS Access Keys and Secret Keys Monitoring: Observatory is able to monitor the attack surface and discover any AWS access and secret keys that may have been leaked. If these keys are exposed, attackers can gain control of cloud resources, steal data, and incur significant charges. Prompt action when alerted to leaks can help prevent unauthorised access, financial losses, and security breaches.
- Polyfill.io Software Supply Chain Vulnerability Detection: Polyfill is a hosting service for open source software packages that was taken over in 2024 by a threat actor group that used it to inject malicious code into users’ browsers. This technology was used by over 100,000 major organisations globally. Many older websites have yet to remove Polyfill from their supply chain to fully mitigate the risk of malware injection, which presents significant risk to the entire supply chain, jeopardising both user and data security. Observatory is able to detect the presence of Polyfill and other known compromised software supply chain products.
As well as introducing new capabilities, ACDS Observatory EASM continues to provide enterprise businesses with a platform that continuously scans the internet and reports on known CVEs, the associated EPSS and CVSS scores, and those with CISA KEV flags. Additional insight is provided in granular detail on each of the vulnerabilities found.
Elliott Wilkes, CTO of ACDS, said: “The Observatory platform provides security leaders and CISOs with in-depth knowledge and understanding of the complex, ever-evolving attack surface of their organisation, which, in the age of the cloud environment, is essential. Securing enterprise assets hinges on precisely identifying the attack surface, encompassing all assets, subdomains, IP addresses, and critical systems. Because the risk landscape shifts with every workload change, continuous monitoring and management of emerging vulnerabilities are critical. I look forward to showcasing Observatory’s market-defining tools at the upcoming Cloud and Cyber Expo.”
ACDS will be exhibiting on stand CS136 at the Cloud and Cyber Expo, held at London ExCeL on 12th – 13th March 2025. Live demonstrations will be available on the stand.