Print Print  
Award Information
Proposal Number: DHSST-LRBAA14-02-CSD.21-0002-I
Proposal Title: Continuous Discovery and Monitoring of the DHS Digital Footprint
Topic Number: CSD.21
Topic Title: Cyber Situational Understanding
Organization: RiskIQ
Address: 22 Battery St. 10th Floor
San Francisco, CA 94111-5524  
Abstract: Defining the Enterprise Digital Footprint An organization's Digital Footprint is typically larger and more complex than expected. As modern organizations adopt the web for growth and efficiencies, their digital footprint grows, which leads to an ever-changing attack surface to defend. A Digital Footprint is comprised of all the applications and digital assets exposed to the Internet and the supporting infrastructure that powers it. A typical, modern organization has an attack surface, or digital footprint, comprised of: -Web Servers and Web Applications: Official and sanctioned web systems, dependencies and content. -Shadow IT: Assets created via initiatives outside the IT team and without explicit approval. This can result in the creation and external hosting of websites that are unknown to IT security teams. -Third-party Components: Dependencies that are outside the direct control of an organization but are presented to the Internet as part of their web systems. Third-party components can be problematic because a web browser acts as a code execution engine for web applications. Executed third-party components represent a forfeiture of organizational control. Examples of 3rd party components in digital footprints: --3rd party code (inclusive of widgets, analytics providers, ads, etc.) --3rd party dependencies (inclusive of: CDNs, CMSs, DNS, etc.) --3rd party infrastructure (inclusive of: Email servers, AWS, Azure, etc.)
Award/Contract Number: HSHQPM-17-X-00168
Period of Performance: 06/23/2017 - 12/22/2107
Award/Contract Value: $310,500.00
Award/Obligated Amount: $0.00