Features
Orion is packed with the offensive tools you need to proactively monitor and secure your attack surfaces.
Continuous Monitoring
Orion's Continuous Monitoring keeps track of all your public assets, alerting you to any changes and potential risks in almost real-time.
Monitoring and Alerts
Orion provides active alerts on all monitored assets as configured by customers. Active alerts allow you to react, identify, and mitigate vulnerabilities against your entire attack surface.
Asset Diffs
For specific assets like web pages, API endpoints, and SaaS services, Orion provides an asset diff to highlight what changes occurred between specific dates.
Continuous Assessment (premium)
The Ophion Security team conducts manual security assessments against all identified assets on a regular basis. New and changed assets are prioritized in each testing to provide up-to-date coverage.
Automated Exploitations
Orion automatically runs targeted exploitation scans against all identified assets to find impactful vulnerabilities.
Contexetualized scans
All vulnerability scans are contextualized to reduce noise and false positives. Each exploitation extracts a valid proof of concept for the specific system, thus creating actionable reports for security teams.
Secret Validations
Orion provides a detailed analysis of all identified API keys including but not limited to validity of the secret, permissions granted to the secret, and a sample set of the data that can be accessed.
Digestible Vulnerability Report
Orion vulnerability reports are human readable making them easier to consume and assign to specific teams for vulnerability triage and mitigations.
Assisted Hunt and Analysis
Security teams have better context than any vendor can ever have. Orion gives security teams the power to combine their knowledge with Orion's data to identify and mitigate more vulnerabilities.
In-depth asset analysis for APIs, SaaS and On-Prem services
Orion performs in-depth analysis against identified on-premise and SaaS assets, API endpoints, and more. A detailed analysis is directly available in Orion allowing teams to make well informed decisions on which assets to prioritize for engagements.
Granular change monitoring and alerts
Every in-depth analysis is followed by change monitoring to provide almost real-time alerts when changes are detected in sensitive assets. Teams get alerts for changes such as parameter changes in API endpoints, version changes in Wordpress, and new GitHub Action workflows.
Recursive Data Gathering
All data extracted by Orion is fed back into the scanners to recursively generate context, perform passive reconnaissance and run in-depth analysis. Security teams can use the extracted context to tag identical assets and identify blast radius for vulnerabilities.
SaaS Security
Recent breaches have seen successful compromises through SaaS solutions used by organizations' employees. Orion provides continuous coverage of over 50+ SaaS solutions. Learn more on what we cover at our SaaS Coverage page.
Blackbox SaaS Testing
Orion uses various signatures and identification techniques to identify and track different SaaS usages across the organization. Additionally, customers can onboard their own list of SaaS solutions to monitor without providing API keys or sensitive credentials.
Misconfiguration Scans
Orion continuously scans for misconfigurations on all identified SaaS solutions. These misconfigurations are based on active research performed by Ophion Security's R&D team against popular and common SaaS products.
Credential Stuffing Attacks
With the recent rise of credential bruteforcing attacks, Orion is designed to perform distributed credential stuffing attacks against common SSO providers and SaaS solutions. With Orion's continous learning system, it constantly tracks valid employee email addresses to use for password breach search & bruteforce attacks.