This page documents the categorization of all Security Findings reported by the scans that Coalition Control runs.
Category | Definition |
Encryption | Services that may be accessible without an encryption layer. Example: an HTTP server that is accessible without SSL/TLS for secure communication. |
Storage | Databases or storage systems that are publicly exposed and remotely accessible. Potential for data exfiltration. |
IOT | IoT devices that are publicly exposed and remotely accessible. These include, but are not limited to: Smart TVs, Cameras, Embedded Servers, Sensors. Potential for data exfiltration. |
Malware | Malicious programs that are publicly exposed and remotely accessible. These include, but are not limited to: Trojans, Backdoors, Worms. Potential for data exfiltration, unrestrained remote access, etc. Indicates a potential infection. |
SSL/TLS | Issues with SSL/TLS certificates, which may be expired and/or invalid or matched with known malicious software. A hacker can take advantage of a website with an expired SSL certificate and create a fake website that is identical to it. An invalid certificate means that others cannot validate your identity. |
Remote | Remote access technologies that are publicly exposed and remotely accessible. These are usually technologies that grant full access to systems remotely. These include, but are not limited to: RDP, VNC, X11, Telnet, PowerShell. |
Web | Web servers that are missing security configurations, such as headers, and/or exposing high-access endpoints that should not be publicly exposed. |
DNS | DNS configurations, or the lack thereof, that are considered unsafe. |
Token | Exposed configurations that can contain credentials and/or pieces of information that should have been kept private. Credentials with a broad scope of access may give an attacker the ability to control the respective systems. |
CVE | Known vulnerabilities that were identified in software that is publicly exposed. Potential for remote access, data exfiltration, etc. |
EOL | Outdated software that is no longer getting security updates. Upgrading to a newer version is advised. |
Malicious List | Asset found on public lists of bad assets. Causes of listing include, but are not limited to: spam, malware, phishing. |
Virtualization | Exposed virtualization software. |
Exposed Critical Software | Software that is publicly exposed and remotely accessible and grants access to critical resources or data. |