Bishop Fox Attack Surface Discovery

Bishop Fox Attack Surface Discovery is a service that identifies and validates internet-facing assets belonging to an organization. The service uses the Cosmos platform to continuously discover external footprints including domains, subdomains, networks, services, and third-party assets. The service employs a brand/domain-centric approach rather than traditional IP-centric methods to discover assets in the same manner as adversaries. Each discovered asset undergoes human-in-the-loop ownership validation by the Attack Surface Intelligence (ASI) team to ensure accuracy and eliminate false positives. The discovery process begins by mapping visible assets such as IP ranges, domains, subdomains, and exposed endpoints. From this foundation, the service pivots to uncover connected systems, services, and applications including APIs, databases, and additional hosts. Service fingerprints, configurations, and versions are analyzed to identify misconfigurations and vulnerable components. The service provides ongoing scanning to detect new assets and changes to the attack surface in real-time. Cloud Connectors enable attribution and safe scanning for comprehensive coverage across cloud environments. The result is a continuously updated inventory of external assets that security teams can use for threat exposure management programs.