Expanse, based in San Francisco, CA, announced on December 4 that Expanse Expander and Expanse Behavior have been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). Expander helps organizations discover and track all of their known and unknown Internet Assets and reduce their risk of exposure to attackers. Behavior actively monitors the communications of those assets, continuously analyzing suspicious traffic patterns. Expander and Behavior make up the Expanse Internet Operations Management Platform and are pivotal in helping the world’s leading organizations manage and secure their global Internet attack surface, on-premises and in the cloud.
“The addition of Expander
and Behavior to the CDM APL gives agencies the power to fill in gaps between
existing solutions that are only focused inside the firewall, and the need to
address the increasing number of bad actors who look for ways to break into
networks from outside the firewall,” said Matt Kraning, CTO and
co-founder of Expanse. “To have Expanse added to the CDM APL underscores
the need for a complete and continuous outside-in view of all on-premise and
cloud network assets, which addresses everything from asset inventory to risky
exposures and potential misconfigurations.”
The CDM Program was set up by
the Department of Homeland Security to fortify the cybersecurity of government
networks and systems, providing cybersecurity tools, integration services, and
dashboards to participating agencies to support them in improving their
respective security posture.
Expander and Behavior support the
objectives of the CDM program by addressing:
- What’s on the network: Knowledge of an organization’s
Internet Assets (IP addresses, certificates, domains, and cloud instances
by provider) and discovery of the ‘unknowns’ are critical to defending the
network. Expander identifies new, existing, and unknown assets belonging
to an organization on-prem and across all cloud providers.
- Who’s talking to your network: Equally important is the knowledge of who is
trying to access a network from the outside in an unauthorized or malicious
way. Behavior provides visibility into those network communications — including
risky and out-of-policy behaviors — between owned assets and others on the
public Internet by combining observed Internet traffic and active sensing data,
without requiring deployment or configuration of any local sensors.
- How to defend the perimeter: The Expanse Internet Operations Management
Platform indexes the entire Internet to collect data about every device
connected to it, surfacing any exposures present on each of those assets that
could be attacked or exploited. With this knowledge, the Expanse Internet
Operations Management Platform provides organizations with a comprehensive,
continuously updated inventory of its on-premise and cloud Internet Assets
and their details, including associated exposures, non-compliant
configurations, and risky communication behaviors.
Expanse continues to work closely with DHS and other government agencies to provide solutions that support CDM objectives in federal cybersecurity while meeting the reporting requirements outlined by the Federal Information Security Modernization Act.
Source: Expanse
By 
