We are excited to introduce a new free tool, the Zero Networks TrustMeter, that shows you just how much an attacker will be able to access if they get into your network. This gives you much needed visibility into your network’s security stance, so you can take steps to mitigate your exposure to unnecessary risk.
As organizations around the globe rush to enable remote work for their employees, cybercriminals are taking advantage of the expanded attack surface to get into your network. The World Health Organization reported they have seen a fivefold increase in cyberattacks over the past months, which is indicative of the increased attack activity that organizations everywhere are seeing.
How exposed is your network? How do you even know?
Those are questions almost every organization is wrestling with. Unfortunately, the answers are never straightforward. Given the complexity and dynamic nature of today’s networks, it can be extremely difficult to gauge what an attacker will be able to do when they get into your network. Until now.
It is important to note that all data collected during TrustMeter’s scan remains local on the machine from which it run, it is not uploaded anywhere.
Most organizations concede their network is too open, allowing users inside to access way more than they will ever need or ever should be able to access. Our CEO, Benny Lakunishok, explains, “This excessive trust means that once an attacker compromises one machine inside the network, it’s easy for them to go anywhere and do whatever they want in the network. As a result, IT and security teams end up not being able to trust their own networks.”
If not addressed, excessive network access enables VPN infiltration, lateral movement, zero day exploits, and ultimately data exfiltration, as well as the spread of commodity malware and ransomware. With so much at stake, what can you do to start to tackle the problem?
You can begin by getting a clear view of how much your network is open from the inside, so you understand how exposed you may be. To help you do this, we are excited to announce TrustMeter, a free tool you can use to quickly and easily map excessive trust within your network. In just a couple clicks, TrustMeter gives you insights into just how much an attacker could access in your network, with data you can use to take proactive action to limit infiltration damage.
Running TrustMeter from different locations inside the network will yield different results because network access can change based on where you are in the network. Therefore, we recommend running TrustMeter in a number of different locations to uncover the biggest “soft spots” of your network. For example, you will probably want to see where an attacker could spread to from these spots in your network:
TrustMeter extracts assets and identity information and actively scans all assets to provide you detailed information on what is open and vulnerable to exploitation. Scans can be run from any machine in the network. TrustMeter will then generate a report which will provide clear visibility into the entire network from that vantage point.
The information is collected and processed to show you:
Finally, three files are outputted by TrustMeter:
TrustMeter is designed to be simple to use. The default configuration works out of the box for most use cases. To get started, you should:
While the tool should run out of the box, there are advanced configuration parameters you can use to fine-tune the tool based on your individual environment. While there are numerous parameters that can be configured, the two most critical for the quality of the results are maxconnections and mode:
Additional parameters are available and detailed in the help menu.
TrustMeter reports are divided into three sections, which will provide you differing levels of detail and insights.
Knowing what you’ve got is just the first step when trying to figure out how to successfully manage network access. TrustMeter’s holistic report provides vital insights into how much excessive access exists inside your network and which assets could be compromised in an event of a cyberattack, so you can take steps to mitigate your risks and shut down these internal attack vectors.
If you would like to solve the problem of excessive trust that TrustMeter revealed, we are happy to help. It probably warrants another conversation and definitely another blog - so please reach out.