Expanse platform added to DHS CDM list

Expanse, based in San Francisco, CA, announced on December 4 that Expanse Expander and Expanse Behavior have been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). Expander helps organizations discover and track all of their known and unknown Internet Assets and reduce their risk of exposure to attackers. Behavior actively monitors the communications of those assets, continuously analyzing suspicious traffic patterns. Expander and Behavior make up the Expanse Internet Operations Management Platform and are pivotal in helping the world’s leading organizations manage and secure their global Internet attack surface, on-premises and in the cloud.

“The addition of Expander and Behavior to the CDM APL gives agencies the power to fill in gaps between existing solutions that are only focused inside the firewall, and the need to address the increasing number of bad actors who look for ways to break into networks from outside the firewall,” said Matt Kraning, CTO and co-founder of Expanse. “To have Expanse added to the CDM APL underscores the need for a complete and continuous outside-in view of all on-premise and cloud network assets, which addresses everything from asset inventory to risky exposures and potential misconfigurations.”

The CDM Program was set up by the Department of Homeland Security to fortify the cybersecurity of government networks and systems, providing cybersecurity tools, integration services, and dashboards to participating agencies to support them in improving their respective security posture.

Expander and Behavior support the objectives of the CDM program by addressing:

  • What’s on the network: Knowledge of an organization’s Internet Assets (IP addresses, certificates, domains, and cloud instances by provider) and discovery of the ‘unknowns’ are critical to defending the network. Expander identifies new, existing, and unknown assets belonging to an organization on-prem and across all cloud providers.
  • Who’s talking to your network: Equally important is the knowledge of who is trying to access a network from the outside in an unauthorized or malicious way. Behavior provides visibility into those network communications — including risky and out-of-policy behaviors — between owned assets and others on the public Internet by combining observed Internet traffic and active sensing data, without requiring deployment or configuration of any local sensors.
  • How to defend the perimeter: The Expanse Internet Operations Management Platform indexes the entire Internet to collect data about every device connected to it, surfacing any exposures present on each of those assets that could be attacked or exploited. With this knowledge, the Expanse Internet Operations Management Platform provides organizations with a comprehensive, continuously updated inventory of its on-premise and cloud Internet Assets and their details, including associated exposures, non-compliant configurations, and risky communication behaviors.

Expanse continues to work closely with DHS and other government agencies to provide solutions that support CDM objectives in federal cybersecurity while meeting the reporting requirements outlined by the Federal Information Security Modernization Act.

Source: Expanse