Redpoint Security

Helping security professionals and developers navigate the infosec world.

Surveyor™ – For Web Application Security

Redpoint Security principals and developers have worked on a proprietary tool, Surveyor, which provides full visibility into an application’s security posture by monitoring common weak spots and using your application customers to trigger reporting.

Secure your web application from Build to Browser

Surveyor works to secure your application by providing a real-time monitor for three key stages in your application’s lifecycle. That’s why we argue that Surveyor is security from build to browser. Surveyor provides coverage for teams concerned about your SDLC, your application’s runtime security, as well as sneaky attacks against your customers and their data that often don’t get discovered. Surveyor provides this security in three key ways.

  1. By activating a Package Monitor that alerts you to changes to packages for keystone components and libraries that your application depends on.
  2. By monitoring runtime application behavior. Surveyor, in the initial review of the application, creates a baseline for the application’s operations and interactions, and it reports anytime it sees a change to that baseline.
  3. By monitoring the application your customer sees in the browser, Surveyor can tell you if a malicious JavaScript is operating on the customer’s page, providing instant notification that credit-card skimming or magecart-style attacks may be taking place against your customers.

Redpoint testers already use Surveyor in application review because, as a browser plugin, it works to start mapping out an application’s attack surface as well as alerting on potential vulnerabilities that may exist in initial reviews. If you’d like to learn more about Surveyor, check out the Redpoint Labs site, or contact Redpoint below for more information.

General FAQs

What is Surveyor and how does it work?

Surveyor is Redpoint's proprietary security tool that provides a continuous security monitor from build to your customer's browser. Surveyor combines three features that enhance your application's security:
  1. Application and User Behavior Monitor - this is the feature that could be described as Google Analytics for Security Events. It analyzes User Behavior, Application Behavior and JavaScript to detect and report potentially risky behaviors and changes of interest over time.
  2. Continuous Dynamic Assessment - this feature is already implemented in Redpoint Security's application security assessment process. Surveyor performs scans of an application, so we can provide host reports that combine asset discovery with attack surface monitoring that alerts on common vulnerabilities we find during our application reviews. Surveyor and Redpoint Security testers also provide custom-developed Security Unit Tests built from data gathered during Surveyor scans and our expert-driven application assessments.
  3. Supply-Chain Package Monitor - With this feature, Surveyor will alert you if there are changes to critical dependencies, and those alerts will include a threat assessment of whether those changes raise the risk of a supply-chain attack. The information you get from a Supply-Chain alert goes further than a typical SCA or SBOM report because it digs into package metadata, so you'll know if your most critical package has changed ownership (as was the case with the polyfill.io attack) or even if the package has a new maintainer. Surveyor's run-time triggers mean that something like the polyfill.io attack would have been registered and alerted on within minutes, rather than the 6 months it did take.

What types of businesses is Surveyor designed for?

Surveyor's features provide security coverage for a range of businesses that provide software services to customers or are in the process of developing and maintaining software applications. Surveyor's continuous assessment feature can help your developers strengthen your application's security, and it provides security unit tests to ensure that vulnerabilities that have been quashed aren't re-introduced into your new developments or application updates. The tool also watches package changes to alert you if a risky change to a package maintainer or owner has introduced a new threat to your application's security profile. Additionally, initial development of the tool aimed at providing security for your customers by monitoring malicious scripts that live in the browser, a feature which demonstrates Surveyor's usefulness for eCommerce sites, fintech, healthcare industry applications, and other websites where attackers target customers or users to compromise accounts or steal payment information. Surveyor's unique trigger and monitoring capability also means that organizations with sensitive assets, which need a tool that monitors user behavior for actions that indicate risk or threat, will want to use Surveyor. If you have a publicly-facing supplier or partner portal that you want a set of eyes on, Surveyor is a solution that can provide immediate insights regarding what's happening on that page.

What are the key features of Surveyor?

Surveyor combines three features that enhance your application's security:
  1. Application and User Behavior Monitor - this is the feature that could be described as Google Analytics for Security Events. It analyzes User Behavior, Application Behavior and JavaScript to detect and report potentially risky behaviors and changes of interest over time.
  2. Continuous Dynamic Assessment - this feature is already implemented in Redpoint Security's application security assessment process. Surveyor performs scans of an application, so we can provide host reports that combine asset discovery with attack surface monitoring that alerts on common vulnerabilities we find during our application reviews. Surveyor and Redpoint Security testers also provide custom-developed Security Unit Tests built from data gathered during Surveyor scans and our expert-driven application assessments.
  3. Supply-Chain Package Monitor - With this feature, Surveyor will alert you if there are changes to critical dependencies, and those alerts will include a threat assessment of whether those changes raise the risk of a supply-chain attack. The information you get from a Supply-Chain alert goes further than a typical SCA or SBOM report because it digs into package metadata, so you'll know if your most critical package has changed ownership (as was the case with the polyfill.io attack) or even if the package has a new maintainer. Surveyor's run-time triggers mean that something like the polyfill.io attack would have been registered and alerted on within minutes, rather than the 6 months it did take.

Is Surveyor easy to integrate with existing systems?

Surveyor is trivially easy to integrate with existing systems because Surveyor can be installed anywhere you could deploy Google Analytics. Surveyor users can access alerts and the information the tool is monitoring in the Surveyor platform, and can use the provided webhooks to send alerts to other clients, such as email or a Slack notification channel.

How does Surveyor differ from other security solutions?

Ease of setup, speed of notifications, and reliability of findings. As a scanning tool, Surveyor requires very little overhead to implement within your application.
  • Simple Signup and Setup: It's as quick as setting up an account, taking the script Surveyor provides you, and placing it on the application host you'd like to have watched. You can even try it on a single host today to see how it works.
  • Speed of Notifications: Alerts for changes to application scripts, package monitors, or your application's attack surface are triggered when a customer loads a page with those changes on it. This makes our solution much faster than a server-side scanner that may not register a change for weeks at a time. We use the polyfill.io example when we talk about this difference because it's true: Surveyor would have told you about the polyfill.io compromise the second the package was acquired by a new, potentially malicious maintainer. It would have also told you that there were indicators that the new maintainer had an elevated risk profile, before malicious scripts were even loaded into the package.
  • Reliability of Findings: Surveyor has been trained on Redpoint Security's own processes, which aim to provide findings that are accurate, useful, and, whenever possible, actionable with remediation recommendations. Furthermore, with Surveyor we make use of Machine-Learning tools to continuously improve its output. That means continuous awareness of emerging threats, and more accurate rankings over time. Overall, you'll be able to trust that the findings Surveyor notifies you about, and the risk ratings you receive, have weight behind them.

Security & Compliance FAQs

How does Surveyor protect my data?

Surveyor's data-enrichment ML engine may use anonymized data to train on Indicators of Attack from malicious sources, but it does not store data that could be used to identify your customers, your application, or your organization.

Is Surveyor compliant with industry standards (e.g., GDPR, HIPAA, SOC 2)?

Yes.

How often are security updates and patches released?

Surveyor is in active development, so security updates and patches will be released along with feature development schedules. Rollouts of updates will take place with several layers of testing to ensure QC and to discover edge-case problems or any DoS conditions before customers install updates.

Does Surveyor support encryption for data at rest and in transit?

Yes.

What measures are in place to prevent unauthorized access?

Multiple layers of authentication controls protect access to Surveyor systems. Fine-grained Role-Based Access Control (RBAC) is being implemented soon.

How does Redpoint Security handle data breaches?

We follow robust incident response and reporting guidelines, as detailed in our information security policies, which comply with all SOC2, ISO27001, individual US State (California et al) and GDPR standards.

Privacy & Data Management FAQs

What data does Surveyor collect, and how is it used?

Surveyor collects data that can enhance the data analysis it provides to our clients. The focus will be limited to Indicators of Malicious Behavior, scripts, or data that help train a model on distinctions between benign and malicious behaviors. No client-specific data is stored in Surveyor's training collections. Any client-specific data related to the hosts which Surveyor is monitoring for your security purposes is not retained by Redpoint Security and can be deleted.

Can I delete or export my data at any time?

Yes. Surveyor sends weekly host reports via email, unless instructed otherwise due to organizational requirements. Should your organization need to delete your own proprietary Surveyor data, those emails should be deleted to remove all data generated as a result of Surveyor's monitoring.

Deployment & Integration FAQs

What are the system requirements for deploying Surveyor?

Surveyor can be installed anywhere you could deploy Google Analytics.

How long does it take to implement Surveyor?

Surveyor can start reporting immediately on what it's seeing on any given page where you install the script.

What integration options are available with Surveyor?

Upon install, Surveyor can be integrated with email and Slack clients, or used through its user interface, the Surveyor Portal. More integrations, such as with an organization's SIEM, can be requested and implemented in concert with Surveyor sales and customer service.

Does Surveyor support API access?

Yes, contact Surveyor sales and customer service for details.

Pricing & Plans

What are the pricing plans for Surveyor?

Pricing for individual features is as low as $25/month for a single host monitor that provides continuous alerts for user and application behavior. If you'd like the monitor for 12 hosts per month, Surveyor costs $250/month. Contact Surveyor sales for implementation and associated costs of the Continuous Dynamic Assessment and Package Monitor. Surveyor is also offered on a yearly license for Redpoint Security clients as an add-on option with our Application Security Assessment.

Is there a free trial or demo available?

Yes, contact Surveyor sales or Customer Service.

Are there any additional costs or hidden fees?

No.

What happens if I need to upgrade or downgrade my plan?

For changes to your Behavior Analysis Surveyor tool, you can make changes to your plan in the Billing portion of your Surveyor portal. Contact Surveyor sales and customer service for other needs.

Account & User Management FAQs

How do I create and manage user accounts?

The Portal provides instructions for setting up an account, connecting a payment account for billing, and taking steps toward monitoring selected hosts. If you have questions during this process, feel free to reach out to Surveyor sales and customer service for help.

What happens if I forget my password or need to reset it?

A password reset can be initiated through the Surveyor portal. Any roadblocks that develop there can be troubleshot with the help of Surveyor sales and customer service.

Can I set different access levels for different users?

This feature is coming soon.

Customer Care FAQs

What kind of customer service is available for Surveyor?

Check the FAQs for basic information, or contact customer service by email at customerservice@redpointsecurity.com if you have needs not covered here.

How do I contact support if I encounter an issue?

Email customer service at customerservice@redpointsecurity.com for support.

Updates & Upgrades FAQs

How are updates and new features rolled out?

Updates will be rolled out with instructions on update features through email or the weekly reports that Surveyor initiates. Instructions will be included if there is a required process a Surveyor user has to undertake as part of the updates.

Will updates affect my current setup or data?

No, changes will be QA tested before being pushed to production. If any unexpected behavior occurs with your account or service after an upgrade, please reach out to Surveyor customer support for troubleshooting.

How can I stay informed about new features or changes?

Weekly reports or Surveyor communications will alert you if there are feature updates or patches.

Trial & Cancellation FAQs

How do I cancel my subscription?

Contact Surveyor sales or Customer Service.

What is your refund policy?

Monitoring within a month will be assessed for the percentage of the month covered, and refund will be pro-rated for remaining days of the month, once Surveyor is no longer doing processing work on any of your hosts.

Can I re-activate my account after cancellation?

Yes.

Customization & Scalability FAQs

Can Surveyor be customized to fit my business needs?

Yes, contact Surveyor sales to discuss how we can help meet your business requirements.

Is Surveyor scalable as my business grows?

Yes, Surveyor has solutions for medium- and large-size enterprises. Contact Surveyor sales to discuss how we can start monitoring your application everywhere it needs.

Are there any limits on the number of users or data volume?

No, Surveyor has plans for supporting any size of organization.

Copyright © 2025