Search form

Enterprise Cyber Risk Security Features

Bank-grade attack surface management, for any organisation

Manage

Remediate

Monitor

Attack Surface Discovery

  • Automated discovery of digital assets.
  • Eliminate false positives.
  • Monitor for changes.

Risks

  • Breaches.
  • Vulnerabilities.
  • Misconfigurations.

Reporting & Benchmarking

  • C-Suite reporting.
  • Alerts & Automated reports.
  • Custom competitor analysis.

Security Ratings

  • Organisation security ratings.
  • Domain security ratings.
  • Benchmarking.

Workflows

  • Remediation workflows.
  • Organisation risk matrix.
  • Risk impact ratings.

Integration

  • Client & Supply Chain Risk.
  • Due Diligence.
  • APIs.

Attack Surface Reduction

  • Exposed domains.
  • Functionality Vs Risk.

Enquiries & Improvements

  • Live enquiries tool.
  • Access to expert analysts.
  • Track organisation & domain scores.

Oversight

  • Accounts & permissions.
  • Historical scores.
  • Account security.

Manage your attack surface

Gain visibility over your attack surface with accurate, automated attack surface discovery, actionable security ratings and like-for-like peer comparison.

Attack surface discovery

Automated discovery of digital assetsOrbit Cyber Risk’s powerful Machine-Learning algorithm accurately & automatically discovers your public-facing IT infrastructure.
  • ML algorithm automates the discovery process
  • Continuously monitors for domains added or taken offline
  • Identifies absolute global exposure, not just infrastructure managed by local IT team
  • Pinpoint’s location of digital assets globally
Eliminate false positivesAttack surface discovery module is designed to eliminate false positives, accurately identifying the digital assets an organisation manages & is exposed to. 
  • Minimal manual intervention required
  • Highly accurate for identifying each of your underlying domains
  • Robust, absolute methodology, not liable to user manipulation 

Monitor for changes

Instantly identify when domains are added or removed from your network.

  • Automatically monitors for new domains 
  • Alerts users when changes occur
  • Updated continuously

Security Ratings

Organisation security ratings

Orbit Cyber Risk ratings provide continuous, objective analysis of your network. Our security ratings are based on Thomas Murray’s proprietary methodology, as well as analysis of open-sources and high-quality third-party data feeds. 

  • Organisation security rating from 0-1000
  • Analyses 10,000+ data points across six risk categories
  • Identifies breaches, vulnerabilities and misconfigurations across your attack surface
  • Updated continuously

Domain security ratings

Visualise risk at a domain and sub-domain level, with individual ratings for every digital asset in your footprint. Explore the underlying issues, toggle according to the highest risk to focus remediation.

  • Security ratings for every underlying digital asset, from 0-1000
  • Drill into underlying risks, prioritised by impact
  • Access detailed explanations and remediation advice

Benchmarking

Orbit Cyber Risk benchmarks your organisation against its peers, giving absolute security ratings a real-world perspective.

  • Compare your organisation to every other major group in your sector
  • Benchmark against Orbit’s ‘Global’ universe
  • Custom benchmark against named competitors

Attack Surface Reduction

Exposed domains

View all your domains and sub-domains exposed to the internet and reduce the size of your attack surface.

  • Visualise every exposed digital asset in your network & identify which domains do not need to be publicly exposed
  • Identify services with known vulnerabilities
  • Take action to reduce your attack surface

Functionality Vs Risk

Empower your team to decide what level of risk they are willing to accept in order to deliver the required functionality

  • Understand known risks associated with desired functionality
  • Take steps to mitigate risk while delivering on company priorities

Remediate Risks & Build Security

Understand the risks that can affect your organisation and its underlying domains and build resilience with remediation workflows and access to expert security analysts.

Risks

Breaches

Discover breaches in your network to prevent attacks which could lead to data loss, operational disruption, financial loss or reputational damage.

  • Continuously monitor for infrastructure breaches including Malware, Phishing or Port Scanning
  • Identify when data breaches have occurred, such as employee email addresses & passwords
  • Take action to prevent attacks & build resilience

Vulnerabilities

Discover vulnerabilities running on your domains that could be exploited by malicious actors

  • Identify publicly accessible services with known vulnerabilities that do not need to be exposed
  • Scan for c.10,000 known issues and vulnerabilities
  • Each vulnerability has an impact rating, helping you determine its criticality

Misconfigurations

Continuous information about misconfigurations observed in your network, allowing you to remediation potential operational and security issues.

  • Check for misconfigurations in your network such as issues in your DNS setup, TLS or HTTPS configuration.
  • Protect your security, performance, and reputation
  • Each misconfiguration has an impact rating, helping you determine its criticality

Workflows

Remediation workflows

Make your remediation simple and smart with impact ratings, risk tips and information, as well as rapid query responses.

  • Scan for c.10,000 known issues and vulnerabilities
  • Identify known vulnerabilities that do not need to be exposed
  • Every risk is given an explanation and impact rating
  • Both granular & high-level queries get rapid responses by our analysts

Organisation risk impact matrix

See your organisation-wide risk profile, where key risks are concentrated and which to prioritise.

  • See your organisation’s overall risk profile
  • See how risks are concentrated across categories
  • Prioritise highest-impact risks to be mitigated
  • Save time and ensure organisation-wide risk management 

Risk impact by domain

Within every domain, see which risks are high, medium and low impact, to prioritise remediation and build resilience.

  • View the risk impact of every breach, vulnerability and other risk in your network
  • See how each domain is exposed, and how to mitigate every risk

Enquiries and Improvements

Live enquiries tool

Make your remediation simple and smart with impact ratings, risk tips and information, as well as rapid query responses.

  • Scan for c.10,000 known issues and vulnerabilities
  • Identify known vulnerabilities that do not need to be exposed
  • Every risk is given an explanation and impact rating
  • Both granular & high-level queries get rapid responses by our analysts

Access to expert analysts

Access our team of expert cyber security analysts for remediation advice, risk quantification and any other queries.

  • All queries responded to by expert analysts
  • Query anything from risk impact to remediation tips and likely score improvements
  • Reduce your attack surface with help of industry experts

Track organisation and domain scores

See how your organisation score changes over time, as well as every underlying domain.

 

  • Chart score changes over time
  • See the impact of remediations in real time
  • Demonstrate to management the impact of their investment

Monitor

Get alerts directly to your inbox, create tailored competitor benchmarks, and report with confidence to management in language they understand. Escalate your monitoring with due diligence, supply chain risk analysis and data integration.

Reporting and benchmarking

Executive reporting

Access tailored management reporting suite for boards, regulators, risk & compliance and IT Security. 

  • Reporting with scores, history, benchmarks & underlying risks
  • Filter based on multiple categories
  • Generate customised reporting
  • Export to PDF

Email Notifications

Get real-time alerts and reporting directly to your inbox, with custom triggers and recipients.

  • Default notifications when score drops or new risks arise
  • Set custom notifications to ensure oversight at all times
  • Customise audience, risk triggers and timing
  • Set regular, bespoke reports summarising risks

Custom Competitor Analysis

Create custom benchmark of direct peers and competitors

  • Default benchmarks against peers and ‘Global’ universe of companies
  • Custom peer analysis can include named competitors
  • Provide management with comparative, as well as absolute, cyber risk performance in language they understand

Integration

Client and Supply Chain Risk

Escalate your monitoring programme at any time to gain visibility over your clients and supply chain

  • Easily upgrade your account to monitor any number of third parties
  • Priced to allow you to monitor all companies in scope, not just key service providers
  • Satisfy management that you are actively monitoring supply chain cyber risk

Due Diligence

Build a robust third-party cyber risk management programme with IT Security questionnaires and integrated reporting via risk dashboards

  • Issue questionnaires at scale and analyse responses on our bank-grade platform
  • Library of standard questionnaires, as well as fully custom templates
  • Automated scoring and reporting
  • Achieve best-in-class third party cyber risk management

APIs and Data Feeds

Access information via APIs, or integrate external data feeds into your Thomas Murray account

  • Get real-time information, security ratings and remediation steps via our API
  • Integrate existing risk feeds into Thomas Murray’s platform
  • Integrate your risk analysis into a single platform for ease of use and holistic oversight

Oversight and operations

Accounts and permissions

Share access with InfoSec and management colleagues across departments and offices.

  • Provide access to colleagues in your team and across departments
  • Allocate permissions and track account usage 
  • Add or remove users easily

Historical performance

See your organisation’s security performance at any point in history

  • View your full analysis from any historical point in time
  • See how remediations have impacted risk profile over time
  • Demonstrate reduced attack surface to management
  • Report on any previous point in time

Account Security

 

Ensure account & data security with permissions, sensitive data redaction and robust platform security

 

  • Manage SSO permissions with other Thomas Murray platforms & products
  • Breached sensitive data is redacted & carefully managed
  • Thomas Murray’s platform and staff adhere to the highest security standard

A Single, Global Risk Intelligence Platform

For more information about Cyber Risk, contact our experts:

Robert Smith

Head of SaaS Sales and Customer Success

rsmith@thomasmurray.com

Request a Demo