Famous cybersecurity firm, The Phobos Group launched it’s new tool this week, Orbital. It is a reconnaissance and risk assessment platform. It represents the firm’s reimagining of a reconnaissance platform.
The tool, Orbital, out of beta and public trials works by scanning a customer’s public-facing infrastructure and generating a report with issues it finds.
But what’s unique about Orbital is that it relays the report of its findings in “plain English” as opposed to the previously obtainable report from such tools detailing a 600-page report with indecipherable jargon using terms like CVEs, DREAD scores, STRIDE models and/or ATT&CK mappings.
The primary focus of the Orbital reports is to use simple language for simple concepts like “entry points” and “attack pathways,” said Phobos Group founder Dan Tentler
Instead of a list of CVE identifiers (numeric codes for security flaws), Orbital shows how attackers could combine bugs and misconfigurations to carve a path through the company’s public-facing network.
Orbital is also equipped with a custom-built engine that arranges the issues ranking it from most dangerous to least. This will allow IT personnel to act on the most threatening one right away.
“Orbital was designed from the ground up to be more impactful than bug bounties and compliance-driven vulnerability scanning,” the Phobos team said. “There isn’t a new taxonomy or scoring metric to learn, the Attack Pathways do all the heavy lifting. You see exactly what an attacker would see, before they do.”
The Orbital platform will bring out details like leaked credentials, open ports, internal hosts leaking information to the outside world, a company’s tech stack breakdown, screenshots of what attackers see of a company’s systems, and much more.
In addition to this, it also employs positive reinforcement to show companies when they use “favorable technology stacks” and whether the counter measures after an attack has been improved in between scans.
“Orbital is geared toward the active defender who needs to prioritize risk now,” the Phobos team said. “Orbital was designed by people who want to see real change that results in tactical success against attackers.”
After months of work, teasing, and planning, Phobos Orbital is out of beta and available for trials starting this week, with pricing on demand.