As a global data, analytics, and technology company, Equifax plays an essential role in the global economy by helping employers, employees, financial institutions, and government agencies make critical decisions with greater confidence. The company has worked with Bishop Fox for continuous security testing for their external perimeter since 2020.
As Equifax rebuilds its technology systems and migrates its data and assets to the cloud, its security team remains focused on mitigating and managing the security risks that may arise from those services. Equifax recognizes the benefits of maintaining a team of expert security testers to detect, investigate, and help evaluate the risk of issues found on the company’s external perimeter.
With operations across the globe and services that play an essential role in the global economy, Equifax was seeking a way to map and track changes to thousands of domains and subdomains.
"This regression testing is a critical piece of defending our perimeter. Assets exposed to the external perimeter can be targeted by attackers, and this visibility is crucial when it comes to protecting our products, services, and the data entrusted to Equifax.”
– Jeremy Gillis, Senior Network Engineer at Equifax
Bishop Fox’s Cosmos (formerly CAST) managed service offering provides Equifax continuous testing and visibility with real-time communications from a dedicated team of security experts.
Typically, companies retain a third-party vendor to conduct a point-in-time red team test, produce a report, and then share it with the client so that response work can begin. In contrast, Equifax and Bishop Fox work closely together in real-time to leverage automation for continuous detection and response on the Equifax perimeter.
"The [Cosmos] team has been a great partner for us. We’ve been able to utilize their high-caliber skill set to add to the capabilities of our comprehensive security program.”
– Brad Trotter, Red Team Manager at Equifax
Together, Bishop Fox and Equifax collaborate to address potential threat concerns on Equifax’s attack surface. As a “second set of eyes” for Equifax, the Cosmos team demonstrates the exploits and attack vectors that Equifax can then proactively remediate the issues.
As Equifax’s red team continued to test the company’s applications and internal and external networks, it leaned on Bishop Fox to help sift through the noise and data inputs from the security tools already in place.
The Cosmos team provided an additional layer of expert analysis to enhance the results of Equifax automated tools and used attacker techniques and custom created exploits to test Equifax’s systems. By working closely together, the teams develop a highly customized analysis of security threats to enable more effective response and to build better defenses against cyber attacks.
Equifax also granted Bishop Fox access to their bug bounty program dashboards, so that they could help verify those leads and reduce the noise from some of those systems.
"With our partnership approach, any issues identified are thoroughly investigated, escalated, and ultimately fixed before they become a problem,”
– Brad Trotter, Red Team Manager at Equifax
With Bishop Fox’s Cosmos Service, Equifax can better mitigate threats of today and tomorrow with speed and precision.
As a global data, analytics, and technology company, Equifax plays an essential role in the global economy by helping financial institutions, companies, employees, and government agencies make critical decisions with greater confidence. Headquartered in Atlanta and supported by more than 11,000 employees worldwide, Equifax operates or has investments in 25 countries.
Gravity-Defying Security: An Apollo.io Story
Apollo selected Bishop Fox to perform a Google Security Assessment to evaluate the security of its application, external perimeter, and Google Cloud Platform (GCP) environment, as well as conduct a review of its responses to Google’s required self-assessment questionnaire (SAQ).
John Deere Digital Security Journey: Securing Products Against Cyberattacks
To help ensure John Deere products are ready to withstand security threats, John Deere chooses Bishop Fox's Cosmos platform and product security reviews.
August: Built-in Security in IoT Devices
This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.