This page documents the categorization of all Security Findings found on the scans run by Coalition Control.
|Encryption||Services that may be accessible without an encryption layer. Example: an HTTP server that is accessible without SSL/TLS for secure communication.|
|Storage||Databases or storage systems that are publicly exposed and remotely accessible. Potential for data-exfiltration.|
|IOT||IOT devices that are publicly exposed and remotely accessible. These include, but are not limited to: Smart TVs, Cameras, Embedded Servers, Sensors. Potential for data-exfiltration.|
|Malware||Malicious programs that are publicly exposed and remotely accessible. These include, but are not limited to: Trojans, Backdoors, Worms. Potential for data-exfiltration, unrestrained remote access, etc. Indicates a potential infection.|
Issues with SSL/TLS certificates, which may be expired and/or invalid or matched with known malicious software. A hacker can take advantage of a website with an expired SSL certificate and create a fake website that is identical to it. An invalid certificate means that others cannot validate your identity.
Remote access technologies that are publicly exposed and remotely accessible. These are usually technologies that grant full access to systems remotely. These include, but are not limited to: RDP, VNC, X11, Telnet, Powershell.
Web Server missing security configurations such as headers and/or exposing high access endpoints that should not be publicly exposed.
DNS configurations or lack thereof that are considered unsafe.
Exposed configurations that can contain credentials and/or information pieces that should have been kept private. Credentials with a big scope of access may grant an attacker with the ability of controlling respective systems.
Known vulnerabilities that were identified on software that is publicly exposed. Potential for remote access, data-exfiltration, etc.
Outdated software that is no longer getting security updates. Upgrading to a newer version is advised.
Asset found on public lists of bad assets. Causes of listing include, but are not limited to: spam, malware, phishing.
Exposed virtualization software.
|Exposed Critical Software||
Software that is publicly exposed and remotely accessible and grants access to critical resources or data.