Skip to main content

About SixMap

SixMap helps your organization continuously identify threats and defend your network against adversaries using high-performance computing (HPC) and our proprietary Computational Mapping method of performing external scans to identify network infrastructure and assets using only your organization’s name.

We then fuse network information with live, real-world threat intelligence to give precise guidance on identifying and fixing vulnerabilities to mitigate external cyber threats.

Data sources

SixMap uses public information to determine your organization’s hierarchical structure and find the names of organizations within the hierarchy. We then search through internet protocol (IP) registration information to compile a list of all public IP addresses registered to your organization. For more information, see Data sources.

Using the list, we determine which IP addresses are active and associated with individual host devices. Next, we use Computational Mapping to scan all 65,535 ports across each active IPv4 and IPv6 address to determine which ports are open to the public internet. For each open port, we identify which service, product, and product version is running.

Analysis

To help you decide where to focus your security efforts, we complete the mapping process by analyzing the data from the scans and displaying the results in the SixMap app. We provide two categories of information.

  • Vulnerabilities: We match service information with security vulnerabilities disclosed in the Common Vulnerabilities and Exposures (CVE) list. Then, we reference the Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS) score for each vulnerability to determine its severity and likelihood of exploitation. We then check each vulnerability against the Known Exploited Vulnerabilities (KEV) catalog to learn which have already been exploited.

    For more information, see CVE program.

  • Configurations: We show which services and ports are used by different products and product versions to highlight where configurations might not follow internal security standards or industry best practices.