Coalition performs security scans on all of our insureds before and during their policy period. In this article, we’ll discuss the overall concept of the Coalition scans, the two major categories of scanning we use, and the secondary review process.
Coalition Scanning Overview
Coalition was founded and developed by security professionals who have devoted their careers to cybersecurity. We know what attackers look for because many of us have been employed as the attackers. Our scanning processes are designed to detect the flaws in your systems that real attackers are using today, but with an extremely light touch (active) or no touch at all (passive).
Types of Scanning
The majority of Coalition scans are called “passive” scans. That is, scans that we perform using third-party data that is collected or hosted by outside resources. For example, we check DNS records for email configurations without touching your computers at all. In fact, in most cases, we have no need to ever directly interact with your networks or computers.
In some instances, Coalition will also perform “active” tests on our insureds. These active tests are designed specifically to search for flaws without actually exploiting those flaws or causing any service disruption. It’s important to understand that Coalition does not attempt to hack into anyone’s systems. Rather, we simply “knock on the door without turning the knob.” In doing so, we’re able to get much more accurate data and notify you of any issues with your systems before an attacker finds them first.
In some cases, our automated scanning process isn’t enough. If a quote is selected for “secondary review,” one of our security engineers takes the additional time to manually inspect your domains. We use many of the same tools that were used in our automated scanning processes, but with very specific interests and analysis. On completion, we provide you with helpful advice beyond what you may find in your Cyber Risk Assessment.
Coalition uses our knowledge and experience to look for targets before the attackers can find them. In doing so, we can offer advice, free products, and free services to help keep our insureds safer
For more information on this topic please reach out to us; we’re here to help!