FAQ | Underscore

Organizations need to identify the existence and location of critical assets to ensure that said assets are monitored and protected based on each asset’s business risk rating. Discovering assets enables organizations to establish an inventory, which can be used to assess and mitigate associated risks to the organization. An asset inventory enables organizations to configure scans to probe for common weaknesses in the platform or application.

Underscore Adversity Discovery & Assessment (ADA) enables organizations to discover every asset with 100% visibility and rich context to track behaviour, detect risks, and prioritize action to help protect your critical infrastructure & assets. ADA enables security teams to quickly identify and remediate those vulnerabilities that are most likely to be exploited and negatively impact the business.

Finding all devices in your network can be challenging because hundreds, if not thousands, of devices are connected to enterprise networks at any given time. These can be end-user devices, such as laptops and phones, or network-capable Internet of Things (IoT) assets, such as smart TVs, printers, and security cameras. While end-user devices such as computers support traditional cybersecurity agents, many other operational technology (OT) and IoT assets are left unprotected and unmanaged, making it difficult to quickly find all devices on the network .

Adversity discovery works by using in-depth automated OSINT techniques to search the internet to identify and map assets that comprise your organizations digital perimeter. Assets can be defined as domains, IPs and FQDNs. Managing asset discovery manually is a complex and time-consuming task and can often lead to unknown assets not being identified which could lead to increased risk.

In order to maintain an accurate asset inventory asset discovery needs to be conducted regularly as an organizations digital perimeter is constantly evolving. It’s critical to have tools in place that can identify and alert you of new services but also changes to know assets that could pose a risk.

IT asset discovery tools automate the identification and cataloging of an organization’s digital assets. These solutions work by gathering information through a combination of network discovery methods (agent-based vs agentless).

IT asset management discovery tools are crucial for modern enterprise cybersecurity, which is marked by an expanding attack surface due to a proliferation of cloud computing, bring-your-own-device (BYOD) policies, interconnected systems, and air gapped environments.

This form of passive automated inventory management offers a wealth of benefits as a more efficient way to take control of your security posture.

Below are some of the main advantages of continuously mapping assets, outlining its importance in today’s cyber-climate.

Gain real-time attack surface visibility of your digital environment
Take control of your network
Streamlined and Simplified Asset Management
Be proactive with always-on automated security
Harness scalability with asset monitoring
Ensure compliance with data security regulations

Enterprises need IT asset discovery as a part of the larger IT asset management (ITAM) process that aims to manage and optimize all assets across the enterprise system. Since you can only secure and optimize what you can see, ITAM always starts with discovering assets and gaining comprehensive network visibility.

IT discovery tools have the following benefits for enterprises:

Improved security: By understanding all assets within an organization’s network through continuous monitoring, security teams can identify and prioritize potential security risks and vulnerabilities.
Increased efficiency: Organizations can use the information provided by asset discovery software to optimize resource allocation, reduce downtime, and improve overall efficiency.
Enhanced compliance: IT discovery tools help organizations comply with various regulations and standards, such as the General Data Protection Regulation (GDPR), by tracking assets and providing audit logs of all their activity.
Streamlined planning and budgeting: IT asset discovery provides valuable information that organizations can use to plan and budget for future technology initiatives. These tools also help reduce operational costs by discovering overbilled software licenses, underutilized assets, and unauthorized cloud-based resources.

Discovering assets on your digital perimeter enables a holistic approach to cyber security and allows you to identify and prioritize assets that may be at risk. Knowing this information can help you take remedial action before an incident occurs.
Asset discovery tools can automate many of the tasks associated with maintaining an inventory of your assets. This includes tracking asset location, ownership and assigning asset criticality. They can also help you as regards auditing and compliance purposes, generating reports that show which assets are compliant with internal security policies or external regulations.
Overall, asset discovery is a critical practice for organizations looking to protect their systems and data from cyber threats. By identifying and mapping all the technology assets that exist outside the organization’s firewall, security and IT leaders can gain visibility into their digital footprint, identify vulnerabilities, and implement measures to protect against cyber-attacks.

An organization identifies assets by IP address. While that may be true, it really isn’t.
The entity on the network is a physical device that runs an OS and has a set of applications & services installed. This solution should pin all other assets properties to a device.
A service may be hosted by many applications. For example, when we say that we have 10 web servers, the question is – are they all running the same software? Do they have similar (if not identical) risk profile? How many are having weakness & how many don’t? Should I be worried about all these weaknesses?
ADA is expected to answer these and more questions. Leveraging its enumeration scans, wifi scan and cloud sensor, the solution should provide a comprehensive list of risks and actionable for the user.

Underscore ADA shines a light on blind spots in your attack surface and highlights potential risks using over fifty data sources to keep you informed in real-time. Our scalable technology accelerates asset discovery time, completing it in a fraction of the time that manual techniques take. Underscore ADA provides businesses with a real-time view of their managed and unmanaged assets, including IT, OT, and IoT, discovering up to five times more assets than traditional methods. The solution provides a single trusted source of asset information, helps organizations manage their technical debt, and improves security hygiene by identifying security gaps

Underscore offers high-performance, reliable and scalable ADA solution.

Get a complete, accurate view of assets and vulnerabilities in your inventory
Prioritize remediation efforts based on business risk
Reduce mean time to remediation
Improve your overall risk posture
Automate your cybersecurity with an easy-to-use platform.
Benefit from robust reporting capabilities

Yes, ADA supports the customization of multiple interfaces to meet specific needs while maintaining strict control over unauthorized traffic.

Management Interface: A dedicated port exclusively for configuration and administration, featuring secure web and shell-based access. Only authorized management traffic is permitted, with Role-Based Access Control (RBAC) implemented according to roles and responsibilities.
Production Interfaces: Additional interfaces are available to manage data from various network segments, customized to align with production requirements.

All interfaces are designed to prevent the processing of unauthorized or unsanctioned traffic in any form.

ADA has these priced components –

ADA Appliance/Virtual-Appliance – Priced at event-rate. Minimum 1,000 events/second
Threat Intelligence Subscription – Renewable annually
Support – Renewable annually
Professional Services – Optional. Usually required when the logging and storage requirements need to be designed for scalability and high-performance for one or more sites. Alternatively, the services may be required if the buyer’s log-modelling needs require tuning of log patterns to improve the model
Engineering Services – Optional. Usually required when one is contemplating setting up security big-data lake using tools/backend databases such as Elasticsearch/Kibana or, MongoDB

The ADA solution provides the following capabilities:

Query and Data Filtering: Users can create customized queries and apply advanced filters to efficiently retrieve relevant data for analysis.
Data Export: The solution supports exporting and importing data in widely used formats such as TSV and CSV, facilitating integration with other analytics frameworks. Additionally, ADA can integrate with third-party software to fetch and process relevant data.
Data Security: To ensure robust security, ADA avoids caching user data and prevents the use of browser cache or other temporary storage mechanisms for executing unauthorized or unauthenticated queries.
Asset Profile Timeline: ADA offers a historical timeline view of an asset\u2019s profile, highlighting changes in configurations, platforms, operating systems, applications, vulnerabilities, and risk levels over time.
Alarm Mechanisms: The solution includes alarm mechanisms to detect and alert users about misbehaving health parameters, ensuring timely interventions and resolutions.
Visual Health Indicators: The solution provides intuitive visual indicators for monitoring critical system components such as power supplies, network cards, CPUs, RAM, storage, and essential processes, enabling effective system health management.
Debugging and Troubleshooting: ADA facilitates debugging and troubleshooting directly through its user interface, streamlining the resolution of issues.

Frequently Asked Questions

Q1. What is Adversity Discovery and Assessment?

Q2. How to find all devices in your network?

Q3. How does Adversity Discovery works?

Q4. Why should I use Adversity Discovery?

Q5. Why do enterprises need IT asset discovery

Q6. What key functions Adversity Discovery tool performs for your organization?

Q7. Philosophy behind Underscore ADA?

Q8. Why should we invest in ADA?

Q9. Can the number and types of interfaces in ADA be customized to specific requirements?

Q10. Does ADA ensure that user information is not temporarily stored, and prevent unauthorized or unauthenticated requests through stored data in the browser or other temporary storage mechanisms?

Q11. Can ADA store its own logs for a defined time period?

Q12. Does ADA rely on a specific database, and can it support backup and restoration using external storage?

Q13. Can the solution synchronize its internal clock with a central NTP server?

Q14. Can the solution detect unauthorized Wi-Fi devices across network segments, identify enterprise assets connected to them, and integrate with decoys to detect threats and identify at-risk services or applications?

Q15. Does the solution ensure that device data, service details, or vulnerabilities are not shared with third parties or external services?

Q16. How is ADA priced?

Q17. What capabilities does the ADA solution offer to improve data management, asset monitoring, security, and system health management?