As of this moment, twigs supports discovery of the following attack surface assets:

  • Source code repositories (local, remote / git, github enterprise)
  • Docker (container images, instances, public / private docker repositories)
  • ECR, ACR, GCR (public, private container repositories from AWS, Azure and GCP)
  • Kubernetes (deployment yaml, helm charts)
  • Cloud workloads from AWS, Azure and GCP (Agentless CWP)
  • Servers, endpoints (credentialed or non-credentialed discovery)
  • Cloud functions (Azure and GCP)
  • VMware (Agentless discovery of vCenter and ESX endpoints)
  • ServiceNow (Asset discovery from ServiceNow CMDB)
  • Third Party Attack Surface (using CycloneDX, SPDX and ThreatWorx standard SBOMs)

Credentialed host discovery is supported for:

  • RedHat
  • CentOS
  • Ubuntu
  • Debian
  • Amazon Linux
  • Windows
  • Mac OS

Apart from this, twigs can also run the following checks on various attack surface components for posture management:

  • SAST (static analysis for source code repositories using semgrep)
  • IaC scan (for deployment code like Ansible, Terraform, CloudFormation etc. using checkov)
  • Secrets scan (for secrets embedded in source code)
  • CIS benchmarks (for AWS, Azure, CIS, Docker, K8S, GKE and servers)
  • DAST (dynamic testing of web applications using plugins like ZAP, Arachni)

These capabilities continue to evolve to add more coverage for the attack surface.