www.cyberresilience.io Open in urlscan Pro
34.251.201.224  Public Scan

Form analysis
0 forms found in the DOM

Text Content

A SECURITY RESEARCH PROJECT TO GAIN INSIGHTS INTO COMMON SECURITY FLAWS.




CYBERRESILIENCE IS A SECURITY RESEARCH PROJECT LED BY UPGUARD INC THAT CONDUCTS
INTERNET-WIDE SCANNING TO GAIN INSIGHTS INTO COMMON SECURITY FLAWS.

Using the data we collect via CyberResilience, we enable security research,
educate the community on cybersecurity and improve awareness on how to protect
against cyber attacks and threat actors. 
‍
Through this research project, we aim to protect the world's data. We believe
that research is best done in collaboration – we encourage partnerships and
collaboration from the industry and academia in order to protect the world’s
data.



SCANNING AND COLLECTION

CyberResilience scans all public IPv4 addresses to determine open ports and
misconfigured services. Collection activities take place which involve
connecting to a publically open port and performing standard protocol handshakes
to attempt to identify the running service.
‍
We will never attempt to change device configurations, access private networks,
or maliciously trigger a known exploit as part of the scanning and collection
process.
‍
We will attempt to only collect security data that should be visible to any
entity that attempts to connect to a particular address and port from the public
internet.
‍
CyberResilience scans a growing number of TCP and UDP services. TCP studies
include HTTP(S), SMTP, SSH, FTP, IMAP, POP3, MySQL, PostgreSQL, RDP, and many
more. UDP studies include NetBIOS, DNS, NTP, IKE, Kerberos, SIP, SNMP, MDNS, and
quite a few others.



WHAT DATA DO WE COLLECT?

The purpose of our project is to evaluate the security posture of internet
connected systems. Therefore, the data we collect is limited to:

 * TCP responses to our scanning requests including HTTP headers and the
   content.
 * Installed versions of network exposed services, applications (e.g. Wordpress,
   Apache, PHP, etc.)
 * Metadata about exposed services and applications: Which ports are open, what
   services and applications are running, identification banners, TLS
   certificates, publicly enabled features, etc.
 * Vulnerability information for systems and services that exhibit vulnerable
   behavior, such as a network service behaving in a way that strongly
   correlates to the presence of a specific vulnerability (e.g. a Microsoft
   Exchange Server vulnerable to CVE-2021-26855 will return a specific header in
   a HTTP request which signals that the vulnerability exists).


OPT OUT

Security and privacy is paramount in what we do, and we understand that is
extremely important for our industry. 
‍
If you’d like to be excluded from our scanning please let us know by email at
webmaster@cyberresilience.io. Please provide us with the IP addresses or ranges
and proof of ownership or control of said IPs. Proof can include WHOIS records
or PTR records. Your request will be manually reviewed and we will let you know
the outcome of your request. Please note that we regularly review the opt out
list and remove entries where the WHOIS or PTR records have changed



QUESTIONS?

If you have further questions about us, please email us at
webmaster@cyberresilience.io

©2022 CyberResilience.io
Cookies