Keeping track of your company’s public IP space is always a good idea. This means maintaining a centralized up-to-date list of:

  • All static IP blocks allocated to you (by an ISP)
  • All VPS instances operated by you in the cloud

This makes your life easier by:

  • Keeping your  your DNS updated to prevent scenarios like db.yourcompany.com from exposing embarrassing content you don’t control
  • Helping keep your IP whitelists updated
  • Enabling you to run scans on your exposed attack surface, e.g. with Nessus
  • Supplementing inventory management to help prevent old hosts from being forgotten and slipping through the cracks
  • Preventing legal trouble in the case of ownership discrepancies or miscommunication
  • Most importantly, making pentesters like us at Carve happy and more helpful