Frequently asked questions

General

Why should I use Autobahn?

Autobahn's Cyber Fitness focusses on creating impact through remediation instead of tracking long lists of vulnerabilities. This helps you and your team to prioritize which tasks to focus on first.

On which servers is Autobahn hosted?

Autobahn uses Hetzner servers for data storage located in Germany. Their datacenters are ISO 27001 certified. For two-factor authentication during login to Autobahn, we use AWS which is also ISO 27001 certified.

Asset discovery

How does Autobahn discover my assets?

Autobahn uses a variety of data sources to effectively map your company's internet footprint. We use DNS scanning, Internet scanning, subdomain generation through brute forcing subdomains, WHOIS, and SSL certificates, TLS/SSL scanning, as well as cloud scanning. We currently also have an integration with AWS and will soon integrate with other cloud services.

Vulnerability detection

Do we just scan the network or also the hardware?

Autobahn identifies vulnerabilities in network devices, IoT, ICS, custom web apps, cloud/third party services, off-the-shelf software, hardware, and telco components. This allows us to find gaps in: network segregation, system architecture, implementation security, credential management, patch management, and secure application development.

Hackability Score

Why does Autobahn compare my company to industry peers?

Autobahn helps you understand the security posture of your company. Comparing you to similar-sized industry peers allows you to understand if you are more vulnerable and thus need to step up your remediation efforts, or helps you focus security best practice areas where you underperform.

How does Autobahn's security benchmarking work?

Autobahn's industry benchmarking is based on a comprehensive data set that we regularly update. This allows you to compare your Hackability Score to a peer group that is relevant to you, both in size and industry.  

Autobahn also allows you to benchmark your results against previous scans, showing your remediation progress. This can help your IT security team set KPI's, or let you decide whether external support is required.

How is the Hackability Score calculated?

Firstly, we categorize our findings into three security best practice areas: insufficient hardening, missing patching and unnecessary exposure.  

Then, we classify the vulnerabilities based on severity and business impact:

+ Severity 4: Instantly exploitable vulnerabilities

+ Severity 3: Exploit fragment that can be used to craft a successful attack

+ Severity 2: Vulnerability that may reveal sensitive information to enable further attackers

+ Severity 1: Best practice deviation

Afterwards, we use a proprietary formula to calculate the Hackability Score per finding type.

Finally, we calculate the absolute Hackability Score which is the sum of the individual Hackability across all assets. Then, we normalize this Hackability Score based on the number of exposed services to compare organizations within industries.  

Cyber Fitness

What is vulnerability prioritization?

Vulnerability prioritization helps security teams and companies increase their cyber resilience by focusing on the right tasks. On top of that, Autobahn automates remediation guidance and ticket creation.

What if Autobahn detects a risk that is acceptable for me?

If you deem the risk as acceptable, you can mark a vulnerability as “risk-accepted” and it will no longer affect your Hackability Score.

How does Autobahn help to improve my vulnerability management process?

Autobahn helps you and your company create an overview of the most important vulnerabilities your company faces. In our dashboard and report, we tell you what you should do in the short term, and the long term. This takes the guess work out of improving your security.

How can Autobahn help me remediate security issues?

Autobahn's curated Cyber Fitness exercises provide easy-to-follow remediation steps that everyone in your IT team can follow. As Autobahn has one of the lowest false positive rates in the industry, your team will always be working on reducing real threats.

How does Autobahn help to improve my overview of vulnerabilities relevant for my company?

Autobahn helps you and your company improve, or create if you have not yet, an overview of the most important vulnerabilities your company faces. In our actionable and to the point dashboard and report, we tell you what you should do on the short term, and on the long term. Autobahn also allows you to benchmark your results against your previous reports to show the remediation progress. This supports the IT security team to set their KPI's, and helps you decide whether external help is necessary.

Can Autobahn integrate with other vulnerability scanning tools?

Yes, Autobahn currently integrates with Qualys and Nessus Pro. We are working on incorporating other scanning tools and can take your requests on the agenda.

Didn’t answer all your questions?

Our team is just an email away and ready to support you

Contact us