Threat Landscape Assessment (TLA)


Our Threat Landscape Assessment (TLA) is a highly appreciated service where we passively gather intelligence about your environment to assess your security perimeter, online footprint and attack surface. It provides good insight to necessary security assessments and engagements.

Our Threat Landscape Assessments (TLA) provides a very good look into your organization's security posture, attack surface and exposed assets.

Our experienced open-source intelligence (OSINT) and network scanning specialists conduct a fast paced and effective scan of the internet after traces of your organization and write an extensive report on any issues or interesting artifacts found.

Assured performs external asset discovery and uses readily available information gathering methodologies such as:

  • Information gathering and internet presence identification through Open Source Intelligence (OSINT)
  • Passive and active domain discovery
  • IP/Net block mapping & identification of suppliers
  • Passive service enumeration and targeted scanning
  • Web service fingerprinting, analysis and information leakage identification
  • Vulnerability analysis of identified services

The TLA provides you with a current view of your digital footprint, as seen from an attacker's perspective, and can act as a basis for future security engagements on the most valuable parts of your infrastructure.

A Threat Landscape Assessment (TLA) is quick, effective and a great initial test. Many of our clients also ask us to perform this assessment on a regular basis.


A Threat Landscape Assessment (TLA) is a brief, non-intrusive security assessment of an organization's external assets and attack surface.

To identify the organization's attack surface and common vulnerabilities that an attacker could abuse to gain access to its resources.

A TLA contains the following stages: domain and asset discovery; general information gathering (documents, employee emails, third-party services and vendors); passive and active service enumeration; vulnerability assessment; and finally, communicating findings in a comprehensive report.

Organizations and IT environments change frequently. It is common to perform a TLA as an initial test to get insight into what exactly you have online. Based on the results a penetration test might be of interest or a configuration audit of certain systems. It could be performed periodically to monitor changes in the environment or executed when major changes have been implemented.

You will get a written report and a presentation detailing the issues and observations identified during the assessment as well as a list of recommendations with indication of priority. In almost every assessment assets that needs further testing or auditing are identified.


Contact us if you have questions about a Threat Landscape Assessment (TLA).