bitsight-technologies-company-overview-ambient-digital-2020-03-22 Flipbook PDF
BitSight Security Ratings Report
This report was created for Ambient Digital, by Dentsu Aegis Network Group. It is a snapshot of the company’s BitSight Security Rating performance during the past year, as of March 22, 2020. You can learn more about this report by visiting https://www.bitsighttech.com/understandyour-rating.
Who is BitSight Technologies?
BitSight Technologies is used by the world's largest investment banks, retailers, private equity companies and insurers to evaluate the security risk of their third parties with objective, evidence-based security ratings. Its Security Rating Platform continuously analyzes terabytes of data on security behaviors in order to help organizations manage third party risk, benchmark performance, and assess and negotiate cyber insurance premiums.
What is a Security Rating?
Security Ratings range from 250 to 900 and indicate a company's relative security effectiveness. They are generated daily, based on externally observable data on security events from many different sources. BitSight does not perform penetration tests on any company's network.
What is this report?
This report includes: an overview of the company's Security Rating history and overall performance; comparisons to industry averages; and an in-depth analysis of the company’s observed events and current security standards on its servers.
Why am I receiving this report?
A BitSight Security Ratings report is typically shared by BitSight customers with companies in their networks, usually third parties, to inform them of risks affecting their internet security posture that may need remediation, as a part of the evaluation process for cyber insurance applicants, or to meet regulatory requirements.
What is a service provider?
A service provider delivers a combination of IT services that includes web monitoring, web development, website hosting, IP infrastructure, and email over the internet. These services require the organization to host customer infrastructure. As a result, some events seen on provider networks are due to customer activity.
How can I discuss information in this report?
BitSight customers such as the company that initiated this report can grant to their vendors 14 days of free access to the BitSight Security Ratings platform, where they may view additional details. Please reach out to Dentsu Aegis Network Group or BitSight Technologies at [email protected] regarding additional questions or information in this report.
About BitSight Technologies
Based in Boston, MA, BitSight is backed by Globespan Capital Partners, Menlo Ventures, Comcast Ventures, Commonwealth Capital Ventures, Flybridge Capital Partners, and the National Science Foundation. For more information, please visit www.bitsighttech.com or follow @BitSight on Twitter.
Ambient Digital BitSight Security Ratings
Security Ratings Report
March 22, 2020
Ambient Digital provides advertising services, marketing, and media solutions. The company was founded in 2010 and is headquartered in Singapore, Singapore.
Ambient Digital | Business Services | ambientdigitalgroup.com | 1 IP addresses
BitSight Security Rating: 670
Our ratings measure a company’s relative security effectiveness.
BASIC 250–640, INTERMEDIATE 640–740, ADVANCED 740–900
[Chart: Security Ratings from Mar '19 to Mar '20 on a rating axis of 300 to 800, with the Business Services Industry Range shown as a band]
BitSight Security Rating
The Security Rating for Ambient Digital has varied from 670 to 770 over the past 12 months. The blue band represents the range of ratings for all companies within the Business Services industry. Outliers are excluded. Sudden drops in ratings can be due to publicly disclosed breaches, an increase in observed events, file sharing activities, or poorly configured diligence records.
Rating Overview
The grades below show how well this company is managing each risk vector. More information on these risk vectors can be found in the Ratings Details sections.
Compromised Systems
Botnet Infections: A
Spam Propagation: A
Malware Servers: A
Unsolicited Communication: A
Potentially Exploited: A
Diligence
SPF Domains: F
DKIM Records: C
TLS/SSL Certificates: A
TLS/SSL Configurations: D
Open Ports: F
Web Application Headers: D
Patching Cadence: A
Insecure Systems: A
Server Software: F
Desktop Software: N/A
Mobile Software: N/A
DNSSEC Records *: C
Mobile Application Security *: N/A
Domain Squatting **: N/A
User Behavior
File Sharing: A
Public Disclosures
Breaches: A
Breaches have a negative impact on Security Ratings only if they occur.
What Makes A Security Rating?
Compromised Systems: 55%
Diligence: 35%
User Behavior: 10%
* Risk vector does not currently affect Security Ratings
** Informational risk vector (will never affect Security Ratings)
Compromised Systems Summary
Compromised Systems are devices or machines in an organization's network that show symptoms of malicious or unwanted software. These compromises can disrupt daily business operations and can increase an organization's risk of data breach.
This Week: 0
Past Year: 0
Average Event Duration [1]: 0.0 days
100% faster to resolve events than the Business Services industry average [2].
0.0 days Ambient Digital
3.7 days Business Services industry average [2]
[1] This is the average amount of time between the first time an event was observed and the last time it was seen. Ideally, most events should be resolved within three days.
[2] Industry averages are calculated from similarly sized companies.
Diligence Summary
Diligence risk vectors show steps a company has taken to prevent attacks. BitSight has information about 21 of Ambient Digital's diligence records.
[Chart: percent of records graded GOOD, FAIR, NEUTRAL, WARN and BAD, Company vs. Industry]
Network Footprint
Rating Details
BitSight Security Ratings range from 250 to 900 and indicate a company's relative security effectiveness. Each organization can receive one of the three following ratings: Basic, Intermediate, or Advanced. Highly rated organizations have strong security postures historically and provide the lowest risk. Note: Industry averages are calculated from similarly sized companies. All Companies refers to companies of similar size.
BASIC: 250–640
INTERMEDIATE: 640–740
ADVANCED: 740–900
Compromised Systems
Compromised Systems are devices or machines in an organization’s network that show symptoms of malicious or unwanted software. These compromises can disrupt daily business operations and can increase an organization’s risk of data breach. Compromised Systems are evaluated based on the number and type of malware, the severity, and the duration. For each risk vector, an overall letter grade is calculated from evaluations of each instance of compromise. For example, an organization could have an "F" for botnet infections, if they either had many botnets in a short period, or a few persistent botnets over months.
Botnet Infections
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: This Week 0, Past Year 0, Average Duration 0.0 days
BUSINESS SERVICES INDUSTRY AVERAGES: This Week 1, Past Year 1, Average Duration 4.2 days
Botnet Infection events indicate that devices on a company’s network were observed participating in botnets as either bots or Command and Control servers. Botnets can be used to exfiltrate corporate secrets and sensitive customer information, repurpose company resources for illegal activities, and serve as conduits for other infections.
Spam Propagation
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: This Week 0, Past Year 0, Average Duration 0.0 days
BUSINESS SERVICES INDUSTRY AVERAGES: This Week 1, Past Year 1, Average Duration 3.7 days
Spam Propagation events are observed when devices on a company’s network are sending unsolicited commercial or bulk email. This type of activity can damage a company’s reputation and cause legitimate company email to be caught in spam filters.
Malware Servers
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: This Week 0, Past Year 0, Average Duration 0.0 days
BUSINESS SERVICES INDUSTRY AVERAGES: This Week 1, Past Year 1, Average Duration 3.1 days
Malware Server events occur when servers are observed engaging in malicious activity, such as hosting phishing, fraud or scam sites. Compromised servers can put employees and customers at risk by infecting devices that connect to company resources.
Unsolicited Communications
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: This Week 0, Past Year 0, Average Duration 0.0 days
BUSINESS SERVICES INDUSTRY AVERAGES*: This Week 1, Past Year 1, Average Duration 3.5 days
Unsolicited Communications events occur when devices attempt to communicate with servers that are not hosting any useful services. This type of activity not only shows that a device is compromised, but that it is actively seeking other devices to infect.
Potentially Exploited
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: This Week 0, Past Year 0, Average Duration 0.0 days
BUSINESS SERVICES INDUSTRY AVERAGES: This Week 1, Past Year 2, Average Duration 3.6 days
Potentially Exploited events occur when browsers on a company’s network are infected with malware that is altering the user’s experience, such as adware. These events are often indicative of other infections.
Diligence
Diligence risk vectors show steps a company has taken to prevent attacks. BitSight currently evaluates SPF, DKIM, TLS/SSL, and DNSSEC information in assessing a company’s security diligence. All diligence records are evaluated as one of the following: Good, Fair, Neutral, Warn, or Bad. Records are assessed using industry-standard criteria. For each diligence risk vector, an overall letter grade is calculated using the evaluations of each individual record. For example, if a company has three domains, and each of them has an effective SPF record, their overall SPF grade would be an "A". Likewise, if none of the three domains have SPF records, their overall SPF grade would be an "F". Records older than sixty days will not affect a company’s Security Rating.
SPF Domains Last 60 days
F Grade
In the bottom 10% of all companies
1 Domain: Good 0, Fair 0, Neutral 0, Warn 0, Bad 1
Properly configured SPF records help ensure that only authorized hosts can send email on behalf of a company by providing receiving mail servers the information they need to reject mail sent by unauthorized hosts. BitSight verifies that a company has SPF records on all domains that are sending or have attempted to send email, and that they are configured in a way that helps prevent email spoofing. Note: Records older than sixty days will not affect a company’s Security Rating.
DKIM Records Last 60 days
C Grade
In the bottom 50% of all companies
0 Records
No DKIM records were found for domains controlled by Ambient Digital
Properly configured DKIM records can help ensure that only authorized hosts can send email on the behalf of a company. BitSight verifies that a company uses DKIM and has configured it in a way that prevents email spoofing.
TLS/SSL Certificates Last 60 days
A Grade
In the top 10% of all companies
1 Certificate: Good 1, Fair 0, Neutral 0, Warn 0, Bad 0
Evaluates TLS/SSL certificates, which includes the strength of their cryptographic keys. Certificates are responsible for verifying the authenticity of your company servers to your associates, clients, and guests, and serve as the basis for establishing cryptographic trust.
TLS/SSL Configurations Last 60 days
D Grade
In the bottom 30% of all companies
4 configurations: Good 0, Fair 0, Neutral 0, Warn 4, Bad 0
Evaluates TLS/SSL server configurations, which includes whether a company's servers have correctly configured security protocol libraries, and support strong encryption standards when making encrypted connections to other machines. Incorrect or weak configurations may make servers vulnerable to certain attacks (POODLE, Heartbleed).
Open Ports Last 60 days
F Grade
In the bottom 20% of all companies
7 Records: Good 1, Fair 0, Neutral 2, Warn 4, Bad 0
Open Ports shows which port numbers and services are exposed to the Internet. Certain ports must be open to support normal business functions; however, unnecessary open ports provide ways for attackers to access a company’s network.
Web Application Headers Last 60 days
D Grade
In the bottom 30% of all companies
5 Records: Good 0, Fair 1, Neutral 2, Warn 0, Bad 2
This risk vector analyzes security-related fields in the header section of HTTP request and response messages. If configured correctly, these fields can help provide protection against malicious behavior, such as man-in-the-middle and cross-site scripting attacks.
Patching Cadence
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: Today 0 weeks to remediate, 60 Days Ago 0 weeks to remediate
BUSINESS SERVICES INDUSTRY AVERAGES: Today 86 weeks to remediate, 60 Days Ago 84 weeks to remediate
This risk vector evaluates how many systems in an organization's network infrastructure are affected by software vulnerabilities and how quickly the company resolved any issues. Vulnerabilities are publicly disclosed holes or bugs in software that can be used by attackers to gain unauthorized access to systems and data. Patches are updates to the affected software that resolve the vulnerability and close that particular avenue of attack.
Insecure Systems Last 60 days
A Grade
In the top 10% of all companies
0 Records
No Insecure Systems records were found for Ambient Digital
Insecure Systems is an indication of the number of an organization's endpoints that are communicating with an unintended destination. The software of these endpoints may be outdated, tampered with, or misconfigured. “Endpoints” refer to any desktop computer, server, mobile device, media system, or appliance that has internet access. A system is classified as “insecure system” when these endpoints try to communicate with a web domain that doesn't yet exist or isn't registered to anyone. Some examples include mobile devices on debug or root mode, reaching for rogue application content or abandoned applications fetching server configurations.
Server Software Last 60 days
F Grade
In the bottom 10% of all companies
3 Records: Good 0, Fair 0, Neutral 2, Warn 0, Bad 1
The Server Software risk type can be used to create a rich picture about the software used by an organization. It helps track security holes created by server software that is no longer supported by its original developers or has become out-of-date (deprecated). Server Software provides analytics for and detects the presence of deprecated and unsupported software in an organization's IT infrastructure to make it simple to maintain a robust, up-to-date array of server software applications.
Desktop Software Last 60 days
N/A Grade
0 Records
No Desktop Software records were found for Ambient Digital
Desktop Software are laptops, servers, and other non-tablet, non-phone computers in a company's network which access the internet. Outgoing communications from desktop software include metadata about the device's operating system and browser version; we compare the devices' version of OS and browser with currently released versions and software updates available for those systems, and determine whether those systems are supported or out of date. If there are unsupported desktop software in an organization's network, there is a greater risk of system failure (vendor devices are not being maintained), disruption of business continuity, and attackers may be able to use unpatched vulnerabilities to gain system access.
Mobile Software Last 60 days
N/A Grade
0 Records
No Mobile Software records were found for Ambient Digital
Mobile software are smartphones and tablets in a company's network which access the internet. Outgoing communications from mobile devices include metadata about the device's operating system, device description, browser version, and description of applications; we compare version information with currently released versions and software updates available for those systems, and determine whether those mobile devices are supported or out of date. If there are unsupported mobile devices in an organization's network, there is a greater risk of system failure (vendor devices are not being maintained), disruption of business continuity, and attackers may be able to use unpatched vulnerabilities to gain system access.
DNSSEC Records * Last 60 days
C Grade
In the top 50% of all companies
2 Records: Good 0, Fair 0, Neutral 2, Warn 0, Bad 0
DNSSEC is a protocol that uses public key encryption to authenticate DNS servers. BitSight verifies whether a company is using DNSSEC and if it is configured effectively.
* Risk vector does not currently affect Security Ratings
Mobile Application Security *
N/A Grade
0 Applications
No Mobile Application Security records were found for Ambient Digital
This risk vector analyzes the security aspect of publicly available applications in official mobile marketplaces such as Apple App Store and Google Play.
* Risk vector does not currently affect Security Ratings
Domain Squatting **
N/A Grade
Record
Typographical Errors
Spear Phishing
Bit-flip
Domain squatting reports on the presence of registered domains named similarly to those owned by an organization. Attackers set up malicious software served by similar domain names to take advantage of organization visitors' mistyped URLs, and can trick users into opening malicious email attachments if recipients do not carefully check messages' domain names of origin.
** Informational risk vector (will never affect Security Ratings)
User Behavior
User Behavior looks at user activities that indicate deviation from corporate IT security policies and therefore introduce new potential vectors for attack. User Behavior records older than 60 days will not affect a company's grade.
File Sharing Last 60 days
A Grade
In the top 10% of all companies
AMBIENT DIGITAL: Unique Torrents 0, Unique IPs 0, Volume 0 events
BUSINESS SERVICES INDUSTRY AVERAGES: Unique Torrent 1, Unique IP 1, Volume 3 events
File sharing is the exchange of media and software, passed through a centralized server (File Transfer Protocol, email, instant messaging), distributed cloud storage services, or direct peer-to-peer channels such as BitTorrent and Gnutella. BitSight only tracks file sharing over the BitTorrent protocol, when seen on company infrastructure, and records the sharing of such files as books, music, movies, TV shows, and applications.
Public Disclosures
Breaches
A Grade
0 Breaches in the past year
Breaches are publicly disclosed events of unauthorized access, often involving data loss or theft. These events are graded based on several factors, including the number of data records lost or exposed. Note: Breaches have a 120-day half-life. For instance, after 18 months, the remaining impact of a breach will be fewer than 20 points for severe breaches and under 10 points for moderate breaches.
No data loss events have been reported for Ambient Digital in the last year.
Compromised System Statistics for Ambient Digital
Compromised System statistics provide additional information for specific events. Risk type, start date, end date, and duration are provided for all events. Where possible, details about the infection (such as type of botnet) are also included.
No events for Ambient Digital
Diligence Statistics for Ambient Digital
Total Grade Distribution
21 RECORDS: GOOD 9.5 %, FAIR 4.8 %, NEUTRAL 28.6 %, WARN 38.1 %, BAD 19.0 %
Diligence risk vectors show steps a company has taken to prevent attacks. Note: Risk vectors marked with * are excluded.
DKIM Grade Distribution
0 RECORDS: No Records
Properly configured DKIM records can help ensure that only authorized hosts can send email on the behalf of a company. BitSight verifies that a company uses DKIM and has configured it in a way that prevents email spoofing.
SPF Grade Distribution
1 RECORD: BAD 100.0 %
Properly configured SPF records help ensure that only authorized hosts can send email on behalf of a company by providing receiving mail servers the information they need to reject mail sent by unauthorized hosts. BitSight verifies that a company has SPF records on all domains that are sending or have attempted to send email, and that they are configured in a way that helps prevent email spoofing.
TLS/SSL Certificates Grade Distribution
1 RECORD: GOOD 100.0 %
Evaluates TLS/SSL certificates, which includes the strength of their cryptographic keys. Certificates are responsible for verifying the authenticity of your company servers to your associates, clients, and guests, and serve as the basis for establishing cryptographic trust.
TLS/SSL Configurations Grade Distribution
4 RECORDS: WARN 100.0 %
Evaluates TLS/SSL server configurations, which includes whether a company's servers have correctly configured security protocol libraries, and support strong encryption standards when making encrypted connections to other machines. Incorrect or weak configurations may make servers vulnerable to certain attacks (POODLE, Heartbleed).
Open Ports Grade Distribution
7 RECORDS: GOOD 14.3 %, NEUTRAL 28.6 %, WARN 57.1 %
Open Ports shows which port numbers and services are exposed to the Internet. Certain ports must be open to support normal business functions; however, unnecessary open ports provide ways for attackers to access a company’s network.
Web Application Headers Grade Distribution
5 RECORDS: FAIR 20.0 %, NEUTRAL 40.0 %, BAD 40.0 %
This risk vector analyzes security-related fields in the header section of HTTP request and response messages. If configured correctly, these fields can help provide protection against malicious behavior, such as man-in-the-middle and cross-site scripting attacks.
Insecure Systems Grade Distribution
0 RECORDS: No Records
Insecure Systems is an indication of the number of an organization's endpoints that are communicating with an unintended destination. The software of these endpoints may be outdated, tampered with, or misconfigured.
“Endpoints” refer to any desktop computer, server, mobile device, media system, or appliance that has internet access. A system is classified as “insecure system” when these endpoints try to communicate with a web domain that doesn't yet exist or isn't registered to anyone. Some examples include mobile devices on debug or root mode, reaching for rogue application content or abandoned applications fetching server configurations.
Server Software Grade Distribution
3 RECORDS: NEUTRAL 66.7 %, BAD 33.3 %
Server Software provides analytics for and detects the presence of deprecated and unsupported software in an organization's IT infrastructure to make it simple to maintain a robust, up-to-date array of server software applications.
Desktop Software Grade Distribution
0 RECORDS: No Records
Desktop Software are laptops, servers, and other non-tablet, non-phone computers in a company's network which access the internet. Outgoing communications from desktop software include metadata about the device's operating system and browser version; we compare the devices' version of OS and browser with currently released versions and software updates available for those systems, and determine whether those systems are supported or out of date.
Mobile Software Grade Distribution
0 RECORDS: No Records
Mobile Software are smartphones and tablets in a company's network which access the internet. Outgoing communications from mobile software include metadata about the device's operating system, device description, browser version, and description of applications; we compare version information with currently released versions and software updates available for those systems, and determine whether those mobile devices are supported or out of date.
DNSSEC Grade Distribution *
2 RECORDS: NEUTRAL 100.0 %
DNSSEC is a protocol that uses public key encryption to authenticate DNS servers. BitSight verifies whether a company is using DNSSEC and if it is configured effectively.
Mobile Application Security *
0 APPLICATIONS: No Records
This risk vector analyzes the security aspect of publicly available applications in official mobile marketplaces such as Apple App Store and Google Play.
Domain Squatting Distribution **
RECORD
No Grade Distribution
Domain squatting reports on the presence of registered domains named similarly to those owned by an organization. Attackers set up malicious software served by similar domain names to take advantage of organization visitors' mistyped URLs, and can trick users into opening malicious email attachments if recipients do not carefully check messages' domain names of origin.
Patching Cadence history for Ambient Digital
This risk vector evaluates how many systems in an organization's network infrastructure are affected by software vulnerabilities and how quickly the company resolved any issues. Vulnerabilities are publicly disclosed holes or bugs in software that can be used by attackers to gain unauthorized access to systems and data. Patches are updates to the affected software that resolve the vulnerability and close that particular avenue of attack.
Impacted Hosts over last 12 months
No Patching Cadence records found for Ambient Digital in the last 60 days.
User Behavior statistics for Ambient Digital
User Behavior looks at user activities that indicate deviation from corporate IT security policies and therefore introduce new potential vectors for attack.
File Sharing category distribution
File Sharing events indicate the number of times in the past 60 days that file sharing activity occurred, sorted by torrent category. Each event represents one IP address sharing one torrent per day.
A Grade, in the top 10% of all companies
File Sharing – 0 events over the past 60 days
0 UNIQUE IPs OBSERVED
There have been no observable File Sharing events over the last 60 days for Ambient Digital.
Compromised System details for Ambient Digital
No events for Ambient Digital
Diligence details for Ambient Digital
First Seen | Last Seen | Impacts Grade | Host | Risk Vector | Grade | Details
03-15-2019 | 03-20-2020 | | ambientdigitalgroup.com:443 | Web Application Headers | FAIR | Ineffective headers: Strict-Transport-Security, Missing required headers
01-02-2019 | 03-20-2020 | | www.ambientdigitalgroup.com | SSL Certificates | GOOD |
12-27-2019 | 03-20-2020 | | xxx.xxx.251.207:25 | Open Ports | WARN | Detected service: SMTP without STARTTLS
12-27-2019 | 03-20-2020 | | xxx.xxx.251.207:110 | Open Ports | WARN | Detected service: POP3 without STARTTLS
12-27-2018 | 03-19-2020 | | ambientdigitalgroup.com | SPF | BAD | SPF record is ineffective
12-24-2019 | 03-18-2020 | | xxx.xxx.251.207:143 | Open Ports | WARN | Detected service: IMAP without STARTTLS
12-30-2019 | 03-17-2020 | | xxx.xxx.251.207:21 | Open Ports | WARN | Detected service: FTP without AUTH TLS
12-20-2019 | 03-16-2020 | | xxx.xxx.251.207 | Server Software | NEUTRAL | Support status is unknown
12-20-2019 | 03-16-2020 | | xxx.xxx.251.207:22 | Open Ports | GOOD | Detected service: SSH (OpenSSH_5.8p1)
12-27-2018 | 03-14-2020 | | ambientdigitalgroup.com | DNSSEC | NEUTRAL | DNSSEC is not configured on this domain
12-12-2019 | 03-13-2020 | | xxx.xxx.251.207 | Server Software | BAD | Software version is unsupported
12-12-2019 | 03-13-2020 | | xxx.xxx.251.207 | Server Software | NEUTRAL | Support status is unknown
12-12-2019 | 03-13-2020 | | xxx.xxx.251.207:80 | Open Ports | NEUTRAL | Detected service: HTTP
12-11-2019 | 03-12-2020 | | ambientindonesia.com | DNSSEC | NEUTRAL | DNSSEC is not configured on this domain
08-07-2019 | 03-10-2020 | | ambientdigitalgroup.com:443 † | SSL Configurations | WARN | Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1
12-29-2018 | 03-10-2020 | | ambientdigitalgroup.com:80 | Web Application Headers | NEUTRAL | Redirect
12-11-2019 | 03-09-2020 | | xxx.xxx.251.207:53 | Open Ports | NEUTRAL | Detected service: DNS
12-10-2019 | 03-09-2020 | | ambientindonesia.com:443 | Web Application Headers | BAD | HTTPS redirect to HTTP
12-10-2019 | 03-09-2020 | | ambientindonesia.com:443 † | SSL Configurations | WARN | Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1, Certificate name mismatch
12-10-2019 | 03-05-2020 | | www.ambientindonesia.com:443 | Web Application Headers | BAD | HTTPS redirect to HTTP
12-10-2019 | 03-05-2020 | | www.ambientindonesia.com:443 † | SSL Configurations | WARN | Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1, Certificate name mismatch
02-29-2020 | 02-29-2020 | | www.ambientindonesia.com:80 | Web Application Headers | NEUTRAL | Redirect
08-03-2019 | 02-11-2020 | | xxx.xxx.17.213:443 † | SSL Configurations | WARN | Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1
04-10-2019 | 01-19-2020 | | ambientindonesia.com:80 | Web Application Headers | NEUTRAL | Redirect
12-10-2019 | 12-11-2019 | | www.ambientdigitalgroup.com:443 † | SSL Configurations | WARN | Allows insecure protocol: TLSv1.0, Allows insecure protocol: TLSv1.1
12-11-2019 | 12-11-2019 | | www.ambientdigitalgroup.com:80 | Web Application Headers | NEUTRAL | Redirect
12-10-2019 | 12-10-2019 | | mail.ambientindonesia.com:80 | Web Application Headers | NEUTRAL | Redirect
† IP address is attributed to this company by way of DNS association on one or more domains.
Domain Squatting Details
The following results are for
Squatting Type | Technique | Registered By | Domain Variation
Diligence Details and Remediation
SPF
Grade: BAD
Issue: SPF record is ineffective
Description: This record is formatted in a way that makes it ineffective. This can occur for many reasons, but the most common is a neutral “all” mechanism. This mechanism states that the SPF record will neither pass nor fail any mail agents or servers not explicitly stated in the SPF record.
Remediation Instructions: Check any “?” modifiers in your “all” mechanisms, which defeats the ability of an SPF record to be specific about allowed/restricted domains. Likewise make sure that the “all” mechanism is present.
Diligence Details and Remediation
TLS/SSL Certificates and Configurations
Grade: WARN
Issue: Allows insecure protocol: TLSv1.0
Description: Early TLS is being deprecated. Refer to the TLS Deprecation Schedule.
Remediation Instructions: Update your company’s server-configurations to disable this protocol. Refer to the Guide to Deploying Diffie-Hellman for TLS for explicit instructions.
Grade: WARN
Issue: Allows insecure protocol: TLSv1.1
Description: Early TLS is being deprecated. Refer to the TLS Deprecation Schedule.
Remediation Instructions: Update your company’s server-configurations to disable this protocol. Refer to the Guide to Deploying Diffie-Hellman for TLS for explicit instructions.
Diligence Details and Remediation
Open Ports
Grade: WARN
Issue: Detected service: FTP without AUTH TLS
Description: This port was observed running a File Transfer Protocol (FTP) service, without AUTH TLS (encryption).
Remediation Instructions: Insecure FTP poses many risks as it is also a common vector for trojans and other malware. In addition to blocking port 21 bidirectionally on routers, hardware and software firewalls, switch to the SFTP protocol (SSH File Transfer Protocol).
Grade: GOOD
Issue: Detected service: SSH
Description: This port was observed running SSH, which is used for sending and receiving secure communication.
Grade: WARN
Issue: Detected service: SMTP without STARTTLS
Description: This port was observed running SMTP without STARTTLS, which is an unsecured mail protocol.
Remediation Instructions: Configure your mail server software to use Secure SMTP over TLS, according to the RFC-3207 specification.
Grade: NEUTRAL
Issue: Detected service: DNS
Description: This port was observed running a Domain Name System (DNS) service, which is used to direct requests for domain names to their assigned IP addresses.
Grade: NEUTRAL
Issue: Detected service: HTTP
Description: This port was observed running HTTP, which is used for sending and receiving Internet traffic.
Grade: WARN
Issue: Detected service: POP3 without STARTTLS
Description: “POP3” is a way for email clients to access their mailbox from different systems. “STARTTLS” is a protocol extension that allows the client and the server to negotiate upgrading the connection to use TLS. Without STARTTLS, a man-in-the-middle (MITM) can read all the email that is being received by the client.
Remediation Instructions: Configure your mail server software to use STARTTLS for Internet Message Access Protocol (IMAP) and POP3 as defined in RFC-2595.
Grade: WARN
Issue: Detected service: IMAP without STARTTLS
Description: This port was observed running Internet Message Access Protocol (IMAP) without STARTTLS, which is an unsecured mail protocol.
Remediation Instructions: Configure your mail server software to use STARTTLS for IMAP and Post Office Protocol version 3 (POP3) as defined in RFC-2595. Unencrypted mail activity may also be a sign of malware activity. Consider blocking plain IMAP (port 143) and plain POP (port 110) after the transition to secure IMAP transmission.
Diligence Details and Remediation: Web Application Headers
Issue: HTTPS redirect to HTTP
Description: The HTTPS URI is redirecting to an HTTP URI.
Remediation Instructions: Avoid downgrading user connections from secure to insecure.
Issue: Ineffective headers: Strict-Transport-Security
Description: The implementation of these header(s) does not follow security best practices.
Remediation Instructions: Ensure your headers are implemented correctly, as outlined in RFC-7231. Your headers should not permit caching of encrypted content. They should also have specific permissions (as opposed to using wildcards or other generalizations) and be formatted properly.
Issue: Missing required headers
Description: One or more required security headers are not set.
Remediation Instructions: Ensure your policy correctly implements the required headers. Refer to the list of required headers.
Issue: Redirect
Description: The page redirected to a different hostname or IP using a 301, 302, or 307 status code.
Why individual Web Application Headers errors do not have grades: The method of grading web application headers is not as straightforward as other risk vectors, because the grade for a web application headers record is based on the entire configuration of the application header, not just individual errors. Therefore we cannot pre-assign grades for web application headers errors without evaluating the entire record first.
Diligence Details and Remediation: Server Software
Issue: Software version is unsupported
Description: The installed software is unsupported.
Remediation Instructions: Review the list of supported software and ensure the latest version is installed.
Issue: Support status is unknown
Description: BitSight is unable to determine the security patch status of the installed software.
Diligence Details and Remediation: DNSSEC
Grade: NEUTRAL
Issue: DNSSEC is not configured on this domain
Description: This domain is missing a DNSKEY record and therefore cannot be authenticated using DNSSEC.
Remediation Instructions: You will need to set up DNSSEC for your domain, including generating necessary keys and updating DNS zone records accordingly. See this DigitalOcean guide for instructions which may be applicable to your server configuration, as well as dnssec.net for practical documents related to DNSSEC setup.
User Behavior details for Ambient Digital
Frequently Asked Questions
What is the BitSight Security Rating? BitSight Security Ratings measure organizations’ security performance using a proprietary algorithm that analyzes externally observable data. Security Ratings range from 250 to 900, similar to consumer credit scores, with a higher rating equating to overall better security posture. Security Ratings provide a comprehensive outside-in view of a company’s security risk. These ratings are further complemented with additional insight in the BitSight customer portal, where users can access in-depth details and dashboards on compromised system and diligence data. We have provided a standard categorization of security performance based on ranges of Security Ratings. These categories are Basic, Intermediate and Advanced. While different organizations have differing methods of assessing risk, these categories serve as a general best practice guideline and marker of overall security performance.
BASIC: 250–640
INTERMEDIATE: 640–740
ADVANCED: 740–900
How is the BitSight Security Rating Calculated? The BitSight Security Rating is generated on a daily basis and is calculated from a proprietary risk measurement algorithm that evaluates evidence of security outcomes and practices. The rating is comprised of multiple risk vectors that are organized in three categories: Compromised Systems, Diligence, and User Behavior. Compromised systems data refers to events of malware externally observed from a company's network. Diligence data refers to an assessment of a company's security configuration practices. User Behavior shows user activities that deviate from corporate IT security policies and therefore introduce new vectors for attack.
The current risk vectors in the BitSight customer portal are:
Compromised Systems: Malware Servers, Botnet Infections, Spam Propagation, Unsolicited Communications, Potentially Exploited
Diligence: Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), Transport Layer Security (TLS) and Secure Sockets Layer (SSL) Configurations, Transport Layer Security (TLS) and Secure Sockets Layer (SSL) Certificates, Open Ports, Domain Name System Security Extensions (DNSSEC), Web Application Headers, Patching Cadence, Insecure Systems, Server Software, Desktop Software, Mobile Software, Mobile Application Security
User Behavior: File Sharing
BitSight’s algorithm accounts for the following in calculating Security Ratings:
Number and type of issues or events
Issue Duration: time between the first and last observation
Severity: includes the data source type, correlations, and confidence in each source of data, as well as risk vector-specific factors (such as the botnet type or the number of hosts that received unsolicited communication).
Effective security configuration practices, including proper record/certificate formatting and technical implementation
Where does the underlying data for Security Ratings come from? BitSight collects external data on compromised system events, file sharing events, and configurations from many different sources. BitSight does not test or penetrate any company's networks