Overview

Expanse, formerly Qadium, shows you a complete, real-time view of all your Internet assets and what's talking to them.

Expanse is a SaaS company that continuously discovers, tracks, and monitors the dynamic global Internet Edge for the world’s largest organizations. In addition, Expanse is the first company to deliver off-premise analysis of network edge communications to identify customer systems that are making risky connections to out-of-policy services on the public Internet.

  • Deploy immediately: Expanse is a DISA approved agent-less SaaS solution available via DoD CIO Enterprise Software Initiative BPA
  • Identify high-value “edge case” risks, such as shadow IT in cloud hosting and risky or out-of-policy communications with external IP addresses and assets on the Internet
  • Receive global alerts to customer-specific accidental connections of sensitive IT, OT, and IOT devices to the public Internet, whether they occur at headquarter, at remote locations, or in commercial cloud hosting environments
  • Generate intelligence in support of proactive defensive cyber operations with Threat Hunt “as a service” data sources and analytics.
  • Remotely verify IT policy compliance of contractors, and key suppliers for supply chain risk mitigation

Products

  • Edge Expander

    Edge Expander discovers all of your public-facing network edge assets, understands where they are and what risks they pose, and tracks successful remediation of their edge exposures. This provides an accurate, real-time picture of customers’ dynamic, global network footprint. Edge Expander combines mapping across IPv4-wide active sensing (port scan) data with global DNS, all registration records, and CDN data. Edge Expander data sources are “best-of-breed” to deliver a current, accurate, and complete knowledge of the customer’s global attack surface.

  • Edge Behavior

    Edge Behavior provides instant analysis of your network edge communications. Discover hidden communication in network edge flow data without the burdens of collection or costly infrastructure. Edge Behavior cuts through massive amounts of flow data noise to identify systems that are making risky connections to out-of-policy services like Tor and BitTorrent. It sees communications to C&C servers—even through obfuscated access points. Behavior shows you where your network policy gaps are and helps you keep them closed.

  • Threat Hunt

    Investigate potentially malicious network behaviors beyond your firewall.

    Expanse provides rapid analytical support to defensive threat hunt and incident response missions, producing actionable leads based on minimal initial indicators of compromise or digital signatures. We start with trace evidence – even a solitary fact – and build associations between that evidence and all other Expanse data across the global Internet. This includes device identity, configuration, and related flows.

    Threat Hunt assistance includes:

    • Enumeration of all assets on the public Internet that share digital signatures similar to the indicators of compromise (IOCs)
    • Discovery of communications between intrusion set assets, as well as with potential command and control (C2) nodes
    • Identification of attempted communications between intrusion set assets and those on your network
    • Multi-hop enumeration of an intrusion set’s campaign infrastructure
    • Surfacing signatures of new intrusion sets that may have been previously unknown
  • Strategic Supplier Diligence

    Protect your supply chain, weapons systems, Programs of Record, and strategic industry partners.

    Federal department and agencies are partnering with strategic suppliers without having full visibility into the supplier’s transitive cybersecurity risks. A Strategic Supplier Diligence assessment from Expanse can ensure that federal operational, policy, and compliance leaders have an accurate and current understanding of their strategic industry partners, context behind evaluations of supplier security and their specific risks, an improved security ecosystem through escalation of identified security risks with the suppliers, and complete visibility into the organization’s Internet Edge.

    Strategic Supplier Diligence reports illuminate:

    • Strategic supplier network mapping to identify all IP addresses, domains, and certificates attributable to your suppliers
    • The number of critical exposures across your strategic supplier’s network
    • The types and characteristics of those exposures, including which are riskiest
    • Flow analysis to identify risky policy violations, such as unencrypted communications with your strategic suppliers

Contracts

GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021


SEWP Contracts

SEWP V

Contract Number: Group A Small: NNG15SC03B Group D Other Than Small: NNG15SC27B Term: May 1, 2015 - April 30, 2020


ESI BPA Contracts

Department of Defense ESI Desktop BPA Contract # N00104-12-A-ZF31

BPA Number: N00104-12-A-ZF31 BPA ISSUE DATE: July 1, 2012 BPA EXPIRATION: June 30, 2018 (subject to annual review)


Events

Archived Events

News

Latest News

Carahsoft Technology Corp., The Trusted Government IT Solutions Provider™, today announced that the U.S. Department of Defense (DoD) has awarded Carahsoft an enterprise-wide blanket purchasing ...
READ MORE >
CEO Tim Junio started at the CIA, and Qadium began as an R&D lab for government projects.
READ MORE >
Qadium, the first automated global Internet intelligence company, announced today that it has raised $40 million USD in Series B funding led by IVP. IVP is joined by new investor TPG ...
READ MORE >
Qadium, a Peter Thiel-backed cybersecurity start-up from San Francisco, has raised a Series B of $40 million, as it expands its product that CEO and ex-CIA analyst Tim Junio claims can index almost ...
READ MORE >

Resources

SELECT Resource_ID, Title, Vendor, Vertical, Type, DateAdded, Path, Linktype, InvisibleBit, FeaturedEnd, FeaturedBit, Description, CustomLogo, LegacyLink, Form FROM Resources WHERE Vendor = ? AND InvisibleBit = 0 ORDER BY FeaturedBit DESC, Type ASC

Datasheet

Threat actors have gotten smarter. They’re probing attack surfaces using an integrated operational approach including: sophisticated scanning technologies, weaponized vulnerabilities, automation, and commodity cloud infrastructure. They’re operating faster than your command decision-making p...

Product Brief

Expanse Edge Expander provides IT security teams with a continuously updated view of their Internet Edge and its exposures so they can be tracked and remediated to reduce risk, prevent data breaches, and stop ransomware attacks.

Edge Behavior dynamically analyzes communications across the global Internet to detect and stop risky and out-of-policy activities on your Internet Edge before they can be exploited, without the need for installation or configuration.

Resources

Matt Kraning is the CTO of Expanse, and in today’s show he describes the process by which Expanse maps the Internet.

Expanse continuously discovers, tracks, and monitors the dynamic global Internet edge for the world’s largest organizations.

Solutions Brief

Organizations face a non-stop onslaught of challenges posed by an increasing number of threats across their Internet Edge. As the severity and frequency of attacks increase unchecked, threat hunting has gained acceptance as a proactive approach to mitigating risk. Threat hunting is an important func...

The first item on both the CIS Controls and the NIST Cybersecurity Framework is a not-so-simple task: Identify your assets. Knowing your network is the most foundational step in building a secure organization, but many organizations overlook important edge cases and even mundane events that lead to ...

Video

Expanse's Lisa Wallace discusses network attack surface and explains how companies can launch attack surface reduction initiatives to reduce their exposure to attacks.

In this webinar from Expanse, Dr. Marshall Kuypers discusses common perimeter exposures that organizations should be worried about, and what they can do to remediate them.